User Anonymity Research Articles

Hybrid Mutual Authentication for Vehicle-to-Infrastructure Communication Without the Coverage of Roadside Units

The security issues in Vehicle Ad Hoc Networks (VANETs) are prevalent within Intelligent Transportation Systems (ITS). To ensure the security of vehicle-to-infrastructure (V2I) communication, extensive research on V2I authentication has been conducted in recent years. However, these protocols often overlook the limitations of communication range, leading to failures in V2I communication. Consequently, addressing the challenge of secure V2I communication in areas not covered by distributed roadside units (RSUs) remains a significant task. To address these issues, the current study proposes an Anonymous Certificate-less Hybrid Mutual Authentication Protocol (ACHMAP) based on Vehicle-to-Vehicle-to-Infrastructure (V2V2I) communication. In the proposed protocol, a secure multi-hop link is established through vehicle-to-vehicle (V2V) mutual one-time token authentication. Subsequently, the out-of-coverage vehicle and relevant RSUs complete V2I mutual authentication using signcryption messages transmitted by vehicle nodes. In the security analysis, it is demonstrated that the entire V2V2I stage can resist various security attacks, such as replay attacks, impersonation attacks, and threats to user anonymity, while preserving confidentiality and integrity. We simulated the proposed protocol using Network Simulator 3 (NS-3) to confirm that the authentication mechanism has lower overhead and minimal authentication delay in V2V2I communication.

A Hierarchical Blockchain System for Social Economy Services

Social economy actors have assisted the recovery from crises by providing innovative solutions that are aimed at strengthening public services to complement government action. Currently, the widespread use of information and communication technologies (ICTs) by both citizens and organizations has changed society’s routine behavior, giving rise to the so-called information society. One of the major burdens of using big data for social problems is the lack of adequate data governance standards. Challenging and critical issues about big data include privacy and security for most of the social economy field of activities. Blockchain technology has attracted the attention of academic researchers and industries, which combines technologies like cryptography, end-to-end communication, and algorithms. Moreover, blockchain technology provides user anonymity to protect the privacy of users. We propose a hierarchical blockchain system for social economy services that can effectively protect the security and privacy of users and transmitted data. The proposed scheme was proven to ensure the legitimacy of all parties in the system and security of data and transactions, and blockchain technology and signcryption mechanisms were applied to achieve integrity, non-repudiation, and traceability. Security and performance analyses are also provided to prove that the proposed scheme achieved the above security concerns with efficiency.

Secure and Efficient k-anonymous Trajectory Privacy Protection Method based on Differential Privacy

The Location-based service scheme have already involved in every aspect of People's daily life and are increasingly used in various industries. Aiming at the problem of the security and efficiency of mobile terminal users’ trajectory privacy protection in location-based service, we propose a k-anonymous trajectory privacy protection scheme based on differential privacy. This scheme adopts differential privacy technology to add Laplace noise to the user's trajectory many times to generate 2k noise trajectory, and then according to the trajectory similarity to determine k-1 noise users whose trajectory are similar to the user trajectory, and sets them and the real user as an anonymous user group, and then uses the anonymous user group to request LBS services. Security analysis shows that the scheme satisfies the security features of anonymity, unforgeability, and anti-counterfeiting attack. The simulation results show that the scheme not only guarantees the similarity between the false trajectory and the real trajectory but also has higher execution efficiency.

A network security protection scheme for tax system based on elliptic curve cryptography

With the rapid development of modern information technology and network technology, the construction of tax informatization plays an important role in improving the level of tax management and work efficiency. However, in the centralized data processing mode, the establishment of large data center and the efficient, stable, and secure connection of server bandwidth have become key challenges. Moreover, the openness and interconnectivity of the tax system network pose various network security threats, seriously threatening the integrity and security of data. For the above issues, this article proposes a tax system network security protection scheme based on elliptic curve cryptography. This scheme combines hash function and elliptic curve cryptography to achieve user anonymity and secure generation of session keys, effectively ensuring the secure transmission of confidential information. The security and effectiveness of the scheme are verified through informal and formal security analysis based on security proof, BAN logic and AVISPA tool. And a comprehensive evaluation of the scheme is conducted, and the results show that the scheme significantly reduced the costs while providing security features.

A heterogeneous ring signcryption scheme with privacy protection and conditional tracing for smart grid

Smart grid develops rapidly, but there are still security risks such as user privacy leakage, power data tampering and audit data inconsistency. The existing schemes to ensure data security mainly use traceable ring signcryption, which is applied in distributed application scenarios such as smart grid. Traceable ring signcryption can ensure the anonymity, integrity, unforgeability and confidentiality of data, and can trace the real identity of anonymous users. However, the traceability of these schemes is arbitrary, any actor can trace the identity of anonymous users, and they do not resolve disputes caused by tampered or inconsistent data. To remedy these deficiencies, we combine ring signcryption with consortium blockchain technology for the first time to achieve privacy protection and conditional tracing, which can effectively avoid anonymous user identity being revealed at will. Consortium blockchain is a semi-distributed P2P network that can solve data disputes and is suitable for organizations that require certain access control mechanisms such as smart grid. In this paper, we propose a heterogeneous ring signcryption scheme with privacy protection and conditional tracing (CTHRSC) which between certificateless cryptographic system (CLC) and public key infrastructure (PKI). Besides, we prove that our scheme is secure under the discrete logarithm problem (DLP) and decisional Diffie–Hellman problem (DDHP) in random oracle model (ROM). Compared with other signature or signcryption schemes, our advantages are satisfying conditional tracing and known temporary session key security (KTSKS), requiring less computation cost and communication overhead.

Examining the escalation of hostility in social media: a comparative analysis of online incivility in China and the United States regarding the Russia–Ukraine war

Abstract Purpose This study examines and compares online incivility on China’s Weibo and the U.S.’s X (Twitter) amid the Russia-Ukraine conflict, aiming to unravel how different cultural and geopolitical contexts influence online incivility and identify factors that may influence the occurrence of online incivility in different national contexts. Design/methodology This study collected and analyzed over 80,000 social media posts concerning the Russia-Ukraine conflict. By employing machine learning methods and moderation tests, this study compares online incivility in different country contexts. Findings Twitter and Weibo show different level of online incivility across eight months in the discussion of Russia-Ukraine war. Conflict frame and negative sentiment both positively predict online incivility on Twitter and Weibo and these two factors both show higher prediction power on Twitter than on Weibo. Practical implication This study highlights the necessity for platforms like X (Twitter) and Weibo to refine their moderation systems to address the predictors of online incivility, particularly negative sentiment and conflict framing. Social implication This study provides evidence that cultural differences significantly impact online communication patterns and norms. It also finds that non-anonymous users might exhibit more uncivil behavior in politically charged discussions, seeking social approval. Originality/value This research is one of the few studies to compare online incivility and its impact factors between China and the United States social media platforms. It shows how cultural differences influence the prevalence and predictors of online incivility and distinguishes the roles of negative sentiment and conflict framing in fostering incivility, with novel findings that challenge conventional beliefs about the impact of user anonymity on online discourse.

TCSR: Self‐attention with time and category for session‐based recommendation

AbstractSession‐based recommendation that uses sequence of items clicked by anonymous users to make recommendations has drawn the attention of many researchers, and a lot of approaches have been proposed. However, there are still problems that have not been well addressed: (1) Time information is either ignored or exploited with a fixed time span and granularity, which fails to understand the personalized interest transfer pattern of users with different clicking speeds; (2) Category information is either omitted or considered independent of the items, which defies the fact that the relationships between categories and items are helpful for the recommendation. To solve these problems, we propose a new session‐based recommendation method, TCSR (self‐attention with time and category for session‐based recommendation). TCSR uses a non‐linear normalized time embedding to perceive user interest transfer patterns on variable granularity and employs a heterogeneous SAN to make full use of both items and categories. Moreover, a cross‐recommendation unit is adapted to adjust recommendations on the item and category sides. Extensive experiments on four real datasets show that TCSR significantly outperforms state‐of‐the‐art approaches.

Analyzing Darknet Traffic: Examining how Tor Modifications Affect Onion Service Traffic Classification

The important work of classifying network traffic for control and monitoring is examined in this study. Data protection has taken centre stage as privacy concerns have grown over the last two decades. Online privacy is possible through the Tor network, which is well-known for enabling Onion Services and offering user anonymity. But the abuse of this anonymity—especially with Onion Services—has prompted the government to work on de-anonymizing users. In this work, we address three main goals: first, we achieve over 99% accuracy in distinguishing Onion Service traffic from other Tor traf- fic; second, we assess how well our methods perform in the event that Tor traffic is modified to hide information leaks; and third, we detect the utmost significant article integrations for our classification task. This study tackles issues related to privacy challenges and misuse concerns in network traffic analysis.

User perceptions and utilisation of features of an AI-enabled workplace digital mental wellness platform ‘mindline at work’

BackgroundThe working population encounters unique work-related stressors. Despite these challenges, accessibility to mental healthcare remains limited. Digital technology-enabled mental wellness tools can offer much-needed access to mental healthcare. However, existing...

Understanding the security failures of four user authentication schemes for wireless sensor networks in IoT environment

User authentication protocols are applied to provide a secure conversation between participating entities in wireless sensor networks (WSNs). To identify how to ensure security in these schemes, it is imperative to look into the security vulnerabilities of these authentication mechanisms. As a part of this study, we examine the security of four 2-factor authentication schemes for WSNs (namely, Zhang and Wen, Jangirala et al., Maurya and Sastry and Singh et al.). Security verification result shows that they are all confronted by serious security weaknesses (like sensor node capture attack, exposer of session key by gateway node attack, smart card lost attack, malicious gateway node attack, and session-specific ephemeral information loss attack) and lack of important security functionalities (like multi-factor security, perfect forward secrecy, user anonymity and untraceability, and session key security). This research concentrates on the ‘root cause of the problem. This will help in the research and development of reliable and efficient user authentication mechanisms for WSNs. Our research results point out some new challenges in building reliable multi-factor mechanisms of user authentication for WSNs. We additionally identify some significant insights from the cryptanalysis results of these mechanisms.

Utilization chatbot for Indonesian tourism: a post-pandemic solution of information accessibility

Indonesia is a renowned tourist destination worldwide. However, the COVID-19 pandemic has resulted in a decrease in both foreign and domestic tourist visits. Therefore, this research aims to develop a Telegram-based ChatBot application to increase post-pandemic tourist visits. The ChatBot is designed to make it easier for tourists to obtain information related to transportation and accommodation at tourist attractions. The ChatBot is built using the Knuth-Morris-Pratt (KMP) algorithm and web scraping method. The ChatBot's response to the keyword matching is then presented to tourists. To measure travelers' perceptions of ChatBot, the System Usability Scale (SUS) was used. SUS is a questionnaire consisting of 10 questions that were answered by 20 anonymous users. Based on the calculations, the average SUS score is 71, which indicates that the developed ChatBot is in the good category and suitable for use. Using this ChatBot will make it easier for tourists to obtain tourism information in Indonesia. With its ability to retrieve relevant information related to transportation and accommodation at tourist attractions, the ChatBot can serve as a useful tool to increase post-pandemic tourist visits.

2FAKA-C/S: A Robust Two-Factor Authentication and Key Agreement Protocol for C/S Data Transmission in Federated Learning

As a hot technology trend, the federated learning (FL) cleverly combines data utilization and privacy protection by processing data locally on the client and only sharing model parameters with the server, embodying an efficient and secure collaborative learning model between clients and aggregated Servers. During the process of uploading parameters in FL models, there is susceptibility to unauthorized access threats, which can result in training data leakage. To ensure data security during transmission, the Authentication and Key Agreement (AKA) protocols are proposed to authenticate legitimate users and safeguard training data. However, existing AKA protocols for client–server (C/S) architecture show security deficiencies, such as lack of user anonymity and susceptibility to password guessing attacks. In this paper, we propose a robust 2FAKA-C/S protocol based on ECC and Hash-chain technology. Our security analysis shows that the proposed protocol ensures the session keys are semantically secure and can effectively resist various attacks. The performance analysis indicates that the proposed protocol achieves a total running time of 62.644 ms and requires only 800 bits of communication overhead, showing superior computational efficiency and lower communication costs compared to existing protocols. In conclusion, the proposed protocol securely protects the training parameters in a federated learning environment and provides a reliable guarantee for data transmission.

FHS-adapter: fine-grained hierarchical semantic adapter for Chinese landscape paintings generation

How to migrate text-to-image models based on pre-trained diffusion models to adapt them to domain generation tasks is a common problem. In particular, the generation task for Chinese landscape paintings with unique characteristics suffers from a scarcity of fine-grained contextual details specific to such artwork. Moreover, the use of substantial amounts of non-landscape painting data during pre-training predisposes the model to be swayed by alternative visual styles, thereby leading to generated images that inadvertently lack the distinctive traits inherent to Chinese paintings. In this paper, we propose a Fine-grained Hierarchical Semantic Adapter for Chinese landscape paintings generation, namely FHS-adapter. The method orchestrates the diffusion process in a batch-wise manner, leveraging external fine-grained multi-perspective information to guide it. It gradually diminishes the influence of other style images embedded in the pre-trained diffusion model, ultimately preserving a greater number of landscape painting elements. The encoder was also replaced with the Taiyi-CLIP encoder, which is adapted for Chinese. We propose T2ICLP, a multimodal dataset containing 10,000 high-quality image-text pairs of Chinese landscape paintings. Unlike previous datasets, this dataset extracts fine-grained textual information from four perspectives, including Meta, Description, Sentiment, Poem. We compared the proposed model with the mainstream diffusion-based T2I models. Through an anonymous user study, our FHS-adapter method performs well in simulating various aspects such as brushwork, e.g.‘Gou, Cun, Dian, Ran’ means hooking, texturing, dotting, and dyeing, compositional space, elemental proportions, and color usage of different painting genres and artists. Our dataset is available at https://github.com/T2ICLP/t2iclp.

Skip-Gram and Transformer Model for Session-Based Recommendation

Session-based recommendation uses past clicks and interaction sequences from anonymous users to predict the next item most likely to be clicked. Predicting the user’s subsequent behavior in online transactions becomes a problem mainly due to the lack of user information and limited behavioral information. Existing methods, such as recurrent neural network (RNN)-based models that model user’s past behavior sequences and graph neural network (GNN)-based models that capture potential relationships between items, miss different time intervals in the past behavior sequence and can only capture certain types of user interest patterns due to the characteristics of neural networks. Graphic models created to improve the current session reduce the model’s success due to the addition of irrelevant items. Moreover, attention mechanisms in recent approaches have been insufficient due to weak representations of users and products. In this study, we propose a model based on the combination of skip-gram and transformer (SkipGT) to solve the above-mentioned drawbacks in session-based recommendation systems. In the proposed method, skip-gram both captures chained user interest in the session thread through item-specific subreddits and learns complex interaction information between items. The proposed method captures short-term and long-term preference representations to predict the next click with the help of a transformer. The transformer in our proposed model overcomes many limitations in turn-based models and models longer contextual connections between items more effectively. In our proposed model, by giving the transformer trained item embeddings from the skip-gram model as input, the transformer has better performance because it does not learn item representations from scratch. By conducting extensive experiments with three real-world datasets, we confirm that SkipGT significantly outperforms state-of-the-art solutions with an average MRR score of 5.58%.

PACIFIC

To be useful and widely accepted, automated contact tracing schemes (also called exposure notification) need to solve two seemingly contradictory problems at the same time: they need to protect the anonymity of honest users while also preventing malicious users from creating false alarms. In this paper, we provide, for the first time, an exposure notification construction that guarantees the same levels of privacy and integrity as existing schemes but with a fully malicious database (notably similar to Auerbach et al. CT-RSA 2021) without special restrictions on the adversary. We construct a new definition so that we can formally prove our construction secure. Our definition ensures the following integrity guarantees: no malicious user can cause exposure warnings in two locations at the same time and that any uploaded exposure notifications must be recent and not previously uploaded. Our construction is efficient, requiring only a single message to be broadcast at contact time no matter how many recipients are nearby. To notify contacts of potential infection, an infected user uploads data with size linear in the number of notifications, similar to other schemes. Linear upload complexity is not trivial with our assumptions and guarantees (a naive scheme would be quadratic). This linear complexity is achieved with a new primitive: zero knowledge subset proofs over commitments which is used by our "no cloning" proof protocol. We also introduce another new primitive: set commitments on equivalence classes, which makes each step of our construction more efficient. Both of these new primitives are of independent interest.

Urban mobility and learning: analyzing the influence of commuting time on students' GPA at Politecnico di Milano

ABSTRACT Despite its crucial role in students' daily lives, commuting time remains an underexplored dimension in higher education research. To address this gap, this study focuses on challenges that students face in urban environments and investigates the impact of commuting time on the Grade Point Average (GPA) of first-year bachelor students of Politecnico di Milano, Italy. This research employs an innovative two-step methodology. In the initial phase, machine learning algorithms trained on privacy-preserving GPS data from anonymous users are used to construct accessibility maps to the university and to obtain an estimate of students' commuting times. In the subsequent phase, authors utilize polynomial linear mixed-effects models and investigate the factors influencing students' GPA, with a particular emphasis on commuting time. Notably, this investigation incorporates causal inference analyses from the observational studies domain, which enable to establish the effect of commuting time on academic outcome. The findings underscore the significant impact of travel time on students' performance and may support policies and implications aiming at improving students' educational experience in metropolitan areas. The study's innovation lies both in its exploration of a relatively uncharted factor and the novel methodologies applied in both phases.

AnoPay: Anonymous Payment for Vehicle Parking With Updatable Credential

Many existing anonymous parking payment schemes lack high efficiency and flexibility. For instance, the calculation and communication costs involved in payment may linearly increase with the payment amount. In this paper, we propose an anonymous payment system (dubbed AnoPay) for vehicle parking, which leverages updatable attribute-based anonymous credentials and efficient zero-knowledge proof (ZKP) to achieve user anonymity and constant overhead for parking fee payment. To further improve the efficiency, we design a secure parking fee aggregation protocol based on linear homomorphic encryption to aggregate parking transactions, where the amount of each parking transaction is hidden and the privacy of the parking lot in terms of its revenue is guaranteed. AnoPay achieves both unlinkability and accountability, malicious payments can be efficiently traced when it is necessary. We provide a security model and rigorous proof for each security property of AnoPay. Extensive experiments and comparisons demonstrate the efficiency and practicality of the system.

Counter: A Novel Scheme Ensuring Compliance and Privacy in Cryptocurrency-Based Blockchain

An extremely secure cryptocurrency, commonly known as the Decentralized Anonymous Payment System (DAP), stands as one of the most innovative and widely embraced applications in the field of blockchain. Although the DAP provides a strong degree of transaction privacy and user anonymity, it has been utilized illegally in criminal activities, constituting security challenges to governments and financial institutions. In this paper, we propose a solution known as Counter: A Novel Scheme Ensuring Compliance and Privacy in Cryptocurrency-Based Blockchain, which aims to preserve transaction privacy while providing governments with supervision and enforcing regulations over transactions. Our suggested counter imposed limitations on the transfer of large amounts of cryptocurrencies and also imposed a restriction on the trading of cryptocurrencies during specific time periods. The principal feature of our proposed system involves employing the Order-Preserving Encryption (OPE) and Pedersen Commitment to implement a financial policy ensuring that the transferred amount remains within the allowed range and does not exceed the limit. Besides, we utilized the Unix timestamp to guarantee that the transaction is carried out within the allowed date and time frame. We utilized the RSA accumulator to provide government supervision and enforce regulations. Our suggested counter employs the combination of the ring signature, Pedersen Commitment, and stealth address to protect transaction privacy. Our system fulfills all the security requirements for organizing digital assets that have been defined by international financial institutions and authorities. Finally, the assessment shows that our system is effective and efficient compared to other systems.

Statistical privacy protection for secure data access control in cloud

Cloud Service Providers (CSPs) allow data owners to migrate their data to resource-rich and powerful cloud servers and provide access to this data by individual users. Some of this data may be highly sensitive and important and CSPs cannot always be trusted to provide secure access. It is also important for end users to protect their identities against malicious authorities and providers, when they access services and data. Attribute-Based Encryption (ABE) is an end-to-end public key encryption mechanism, which provides secure and reliable fine-grained access control over encrypted data using defined policies and constraints. Since, in ABE, users are identified by their attributes and not by their identities, collecting and analyzing attributes may reveal their identities and violate their anonymity. Towards this end, we define a new anonymity model in the context of ABE. We analyze several existing anonymous ABE schemes and identify their vulnerabilities in user authorization and user anonymity protection. Subsequently, we propose a Privacy-Preserving Access Control Scheme (PACS), which supports multi-authority, anonymizes user identity, and is immune against users collusion attacks, authorities collusion attacks and chosen plaintext attacks. We also propose an extension of PACS, called Statistical Privacy-Preserving Access Control Scheme (SPACS), which supports statistical anonymity even if malicious authorities and providers statistically analyze the attributes. Lastly, we show that the efficiency of our scheme is comparable to other existing schemes. Our analysis show that SPACS can successfully protect against Collision Attacks and Chosen Plaintext Attacks.

Personalised Advertising in Social Networks: Ethical Challenges and Threats

The article provides a comprehensive analysis of the phenomenon of personalised advertising on social media, emphasising identifying and considering the ethical challenges and potential threats arising in this context. Personalisation of social media advertising raises significant ethical concerns related to privacy, data security, consumer manipulation, moral dilemmas, bias and discrimination. The study shows that while personalised advertising can increase the effectiveness of advertising campaigns and consumer satisfaction, it also compromises consumers’ anonymity and may lead to misuse of personal data. The purpose of the article is to analyse the ethical challenges and potential threats associated with personalised advertising on social media. The author examines the impact of personalised advertising on the anonymity of Internet users, their freedom of choice and other rights. The research methods are based on a comprehensive approach that includes a theoretical review of the available literature, and case studies, as well as logical analysis and synthesis of the data obtained. A comparative analysis was used to compare different approaches to the regulation of personalised advertising. This allows us to better understand the mechanisms of personalised advertising and assess its impact on individual rights and freedoms. The scientific novelty lies in the extended analysis of the relationship between personalised advertising and ethical principles in the context of digital technologies. Considerable attention is paid to the study of the impact of personalisation on the privacy and anonymity of users, as well as the potential risks and threats that may arise from the uncontrolled collection and use of personal data. There is a lack of research in this area, which necessitates the development of new theoretical approaches and practical recommendations that meet the current challenges of the digital age. Conclusions. The article emphasises the need to strike a balance between the commercial efficiency of advertising campaigns and the protection of users’ rights. Recommendations are offered to strengthen security measures, ensure transparency in the collection and use of data, and develop ethical norms and standards in this area. The author highlights the critical need to develop effective mechanisms for regulating and controlling personalised advertising. The article proposes the introduction of clear ethical standards and legal restrictions governing the collection, processing and use of personal data, and emphasises the importance of raising awareness of users about their rights and protection mechanisms. The author emphasises the importance of establishing ethical, transparent and responsible practices in the field of digital advertising in order to ensure respect for the privacy and rights of users.