IEEE Transactions on Dependable and Secure Computing

Federated learning is a computing paradigm that enhances privacy by enabling multiple parties to collaboratively train a machine learning model without revealing personal data. However, current research indicates that traditional federated learning ...

Recently, to resist privacy leakage and aggregation result forgery in federated learning (FL), Wang et al. proposed a verifiable and oblivious secure aggregation protocol for FL, called VOSA. They claimed that VOSA was aggregate unforgeable and verifiable ...

Face anti-spoofing (FAS) and face forgery detection play vital roles in securing face biometric systems from presentation attacks (PAs) and vicious digital manipulation (e.g., deepfakes). Despite satisfactory performance upon large-scale data and powerful ...

Location spoofing attack deceiving a Wi-Fi positioning system has been studied for over a decade. However, it has been challenging to construct a practical spoofing attack in urban areas with dense coverage of legitimate Wi-Fi APs. This paper identifies ...

Capacitive touchscreens have become the primary human-machine interface for personal devices such as smartphones and tablets. In this article, we present <monospace>GhostTouch</monospace>, the first active contactless attack against capacitive ...

Malware proliferation is a major threat to computer systems, and malware classification techniques are effective for analyzing and identifying malware. Recent intelligent malware classifiers intend to integrate natural language processing techniques for ...

There are various security-critical decisions routinely made, based on information provided by peers: routing messages, user reports, sensor data, navigational information, blockchain updates, etc. Jury theorems were proposed in sociology to make ...

The prosperity of blockchain technique has spawned numerous types of cryptocurrencies. However, a secure and privacy-preserving cryptocurrency exchange protocol that can support atomicity and unlinkability, and effectively resist various attacks is still ...

Deep learning methods can not only detect false data injection attacks (FDIA) but also locate attacks of FDIA. Although adversarial false data injection attacks (AFDIA) based on deep learning vulnerabilities have been studied in the field of single-label ...

Trust evaluation assesses trust relationships between entities and facilitates decision-making. Machine Learning (ML) shows great potential for trust evaluation owing to its learning capabilities. In recent years, Graph Neural Networks (GNNs), as a new ML ...

AI-as-a-Service has emerged as an important trend for supporting the growth of the digital economy. Digital service providers make use of their vast amount of customer data to train AI models (such as image recognition, financial modelling and pandemic ...

Covert communication is a crucial technology that hides information in the redundant structure of the file and transmission through public channel to achieve the secure delivery of information. The existing covert communication methods face certain ...

Federated learning is a collaborative machine learning paradigm that brings the model to the edge for training over the participants&#x2019; local data under the orchestration of a trusted server. Though this paradigm protects data privacy, the aggregator ...

Insider threat is one of the most damaging cyber attacks that could cause the loss of intellectual property and enterprise data security breaches. Action sequence data such as host logs are used to investigate such threats and develop anomaly-based AI ...

In a blockchain-based data trading platform, data users can purchase data sets and computing power through encrypted smart contracts. The security of smart contracts is important as it relates to that of the data platform. However, due to the inability to ...

To address the confidentiality concerns of malicious adversaries that fully compromise the message broker in pub/sub based IoT systems, several researchers use proxy re-encryption (PRE) to realize end-to-end encrypted message distribution (from publisher ...

Privacy within the Bitcoin ecosystem has been critical for the operation and propagation of the system since its very first release. While various entities have sought to deanonymize and reveal user identities, the default semi-anonymous approach to ...

As a privacy-preserving distributed learning paradigm, federated learning (FL) has been proven to be vulnerable to various attacks, among which backdoor attack is one of the toughest. In this attack, malicious users attempt to embed backdoor triggers into ...

Cache side-channel attacks remain a stubborn source of cross-core secret leakage. Such attacks exploit the timing difference between cache hits and misses. Most defenses thus choose to prevent cache evictions. Given that two possible types of evictions&#...

Personalized recommendation is deemed ubiquitous. Indeed, it has been applied to several online services (e.g., E-commerce, advertising, and social media applications, to name a few). Learning unknown user preferences from user-provided data lies at the ...

In recent years, <italic>query-based static application security testing</italic>(Q-SAST) tools such as CodeQL have gained popularity due to their ability to codify vulnerability knowledge into SQL-like queries and search for vulnerabilities in the ...

Due to the powerful representation ability and superior performance of Deep Neural Networks (DNN), Federated Learning (FL) based on DNN has attracted much attention from both academic and industrial fields. However, its transmitted plaintext data causes ...

The increasing privacy concerns associated with cloud-assisted image retrieval have captured the attention of researchers. However, a significant number of current research endeavors encounter limitations, including suboptimal accuracy, inefficient ...

Medical images play a crucial role in doctors&#x2019; clinical diagnosis and treatment. However, the transmission and sharing of such private information raises security concerns. To address this issue, image hiding is used as an effective technique to ...

The sealed-bid auction enables bidders to secretly send their bids to the auctioneer, which compares all bids and publishes the winning one on the bid-opening day. This type of auction is friendly for protecting the bid privacy, and sufficiently fair for ...

Conventional crowdsourcing platforms primarily rely on a central server as the broker for information exchange. Although many efforts have been made, centralized platforms are still vulnerable to underlying security issues, such as an untrusted central ...

The use of blockchain technology has been proposed to provide auditable access control for individual resources. Unlike the case where all resources are owned by a single organization, this work focuses on distributed applications such as business ...

MQTT has become the de facto standard in the IoT. Although standard MQTT lacks built-in security features, several proposals have been made to address this gap. Unfortunately, no existing proposal aims to offer end-to-end data flow integrity in the threat ...

One prominent tactic used to keep malicious behavior from being detected during dynamic test campaigns is <italic>logic bombs</italic>, where malicious operations are triggered only when specific conditions are satisfied. Defusing logic bombs remains an ...

Machine learning models are vulnerable to maliciously crafted Adversarial Examples (AEs). Training a machine learning model with AEs improves its robustness and stability against adversarial attacks. It is essential to develop models that produce high-...