Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.5
2.7
Journals
Applied Sciences
Special Issues
Security and Privacy in Machine Learning and Artificial Intelligence (AI)
share announcement

Security and Privacy in Machine Learning and Artificial Intelligence (AI)

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (29 February 2024) | Viewed by 8592

Special Issue Editors

Dr. Tao Jiang

E-Mail Website
Guest Editor
School of Cyber Engineering, Xidian University, Xi’an 710126, China
Interests: artificial intelligence security and privacy; cryptography, cloud computing security
Dr. Yuling Chen

E-Mail Website
Guest Editor
State Key Laboratory of Public Big Data and the College of Computer Science and Technology, Guizhou University, Guiyang 550025, China
Interests: blockchain; data privacy; information security; AI security
Prof. Dr. Yilei Wang

E-Mail Website
Guest Editor
College of Computer Science and Technology, Qufu Normal University, Qufu 273165, China
Interests: information security theory; secure multi-party computing protocols; blockchain and smart contract applications
Prof. Dr. Huiyu (Joe) Zhou

E-Mail Website
Guest Editor
School of Informatics, University of Leicester, Leicester LE1 7RH, UK
Interests: machine learning; artificial intelligence; computer vision; human-computer interface
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

In the past decade, the world has witnessed a booming development in the field of Machine Learning (ML) and Artificial Intelligence (AI). Under this trend, ML&AI techniques have been increasingly deployed for automated decisions in many critical applications, such as autonomous vehicles, personalized recommendations, cybersecurity, health care, and many more. However, the use of ML&AI in security- and privacy-sensitive domains, where adversaries may attempt to mislead or evade intelligent mechanisms, creates new frontiers for security research. On the one hand, ML&AI technologies, especially deep learning, have been repeatedly proven to suffer from trust and interpretability challenges in the face of various attacks, such as adversarial attacks, poisoning attacks, backdoor attacks, member inference, member reconstruction, etc. Therefore, new ML&AI theories and methods are required to ensure security and data privacy. On the other hand, to overcome the efficiency and application limitation of simple data encryption solutions, new security, and privacy technologies are necessary to exploit, such as federated learning, homomorphic encryption, differential privacy, secure multiparty computation, and many more. Moreover, with the promulgation of security and privacy legislation, such as the General Data Protection Regulation (GDPR), more restrictions are required for data owners, enterprises, and organizations in collecting, using, sharing, and managing Internet data. Therefore, how to ensure the security and privacy of the systems enabled by ML&AI techniques is becoming urgent and challenging.

This Special Issue is expected to publish high-quality and original papers presenting novel algorithms, protocols, or systems that enhance the security and privacy protections of the emerging ML&AI paradigm. Potential topics include, but are not limited to, the following research areas:

ML&AI Theoretical topics:

  • ML&AI interpretability
  • adversarial learning
  • differential privacy for ML&AI
  • cryptography for ML&AI

Application topics:

  • evasion attacks and defenses
  • poisoning attack and defenses
  • model inversion attacks and defenses
  • AI backdoors attacks and defenses
  • membership inference/reconstruction attacks and defenses
  • digital watermarking for ML&AI models
  • privacy-preserving data mining
  • privacy-preserving data publishing
  • ML&AI model processing platforms
  • ML&AI-based social networks security and privacy
  • ML&AI-based secure and privacy-preserving blockchain
  • secure and privacy-preserving outsourced ML&AI
  • security and privacy of federated machine learning
  • AI-based detection techniques, e.g., intrusion detection, anomaly detection, fraud detection, malicious codes, network anomalous behaviors, etc.

Other topics:

  • ML&AI fairness
  • ML&AI trust
  • ML&AI ethics

Dr. Tao Jiang
Dr. Yuling Chen
Prof. Dr. Yilei Wang
Prof. Dr. Huiyu (Joe) Zhou
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • machine learning and artificial intelligence
  • security and privacy
  • cryptography
  • attack and defense
  • theory and application

Published Papers (6 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

17 pages, 6410 KiB  
Article
A Graph Neural Network Approach with Improved Levenberg–Marquardt for Electrical Impedance Tomography
by Ruwen Zhao, Chuanpei Xu, Zhibin Zhu and Wei Mo
Appl. Sci. 2024, 14(2), 595; https://doi.org/10.3390/app14020595 - 10 Jan 2024
Viewed by 729
Abstract
Electrical impedance tomography (EIT) is a non-invasive imaging method that allows for the acquisition of resistivity distribution information within an object without the use of radiation. EIT is widely used in various fields, such as medical imaging, industrial imaging, geological exploration, etc. Presently, [...] Read more.
Electrical impedance tomography (EIT) is a non-invasive imaging method that allows for the acquisition of resistivity distribution information within an object without the use of radiation. EIT is widely used in various fields, such as medical imaging, industrial imaging, geological exploration, etc. Presently, most electrical impedance imaging methods are restricted to uniform domains, such as pixelated pictures. These algorithms rely on model learning-based image reconstruction techniques, which often necessitate interpolation and embedding if the fundamental imaging model is solved on a non-uniform grid. EIT technology still confronts several obstacles today, such as insufficient prior information, severe pathological conditions, numerous imaging artifacts, etc. In this paper, we propose a new electrical impedance tomography algorithm based on the graph convolutional neural network model. Our algorithm transforms the finite-element model (FEM) grid data from the ill-posed problem of EIT into a network graph within the graph convolutional neural network model. Subsequently, the parameters in the non-linear inverse problem of the EIT process are updated by using the improved Levenberg—Marquardt (ILM) method. This method generates an image that reflects the electrical impedance. The experimental results demonstrate the robust generalizability of our proposed algorithm, showcasing its effectiveness across different domain shapes, grids, and non-distributed data. Full article
(This article belongs to the Special Issue Security and Privacy in Machine Learning and Artificial Intelligence (AI))
Show Figures

Figure 1

10 pages, 341 KiB  
Article
Machine Unlearning by Reversing the Continual Learning
by Yongjing Zhang, Zhaobo Lu, Feng Zhang, Hao Wang and Shaojing Li
Appl. Sci. 2023, 13(16), 9341; https://doi.org/10.3390/app13169341 - 17 Aug 2023
Viewed by 2205
Abstract
Recent legislations, such as the European General Data Protection Regulation (GDPR), require user data holders to guarantee the individual’s right to be forgotten. This means that user data holders must completely delete user data upon request. However, in the field of machine learning, [...] Read more.
Recent legislations, such as the European General Data Protection Regulation (GDPR), require user data holders to guarantee the individual’s right to be forgotten. This means that user data holders must completely delete user data upon request. However, in the field of machine learning, it is not possible to simply remove these data from the back-end database wherein the training dataset is stored, because the machine learning model still retains this data information. Retraining the model using a dataset with these data removed can overcome this problem; however, this can lead to expensive computational overheads. In order to remedy this shortcoming, we propose two effective methods to help model owners or data holders remove private data from a trained model. The first method uses an elastic weight consolidation (EWC) constraint term and a modified loss function to neutralize the data to be removed. The second method approximates the posterior distribution of the model as a Gaussian distribution, and the model after unlearning is computed by decreasingly matching the moment (DMM) of the posterior distribution of the neural network trained on all data and the data to be removed. Finally, we conducted experiments on three standard datasets using backdoor attacks as the evaluation metric. The results show that both methods are effective in removing backdoor triggers in deep learning models. Specifically, EWC can reduce the success rate of backdoor attacks to 0. IMM can ensure that the model prediction accuracy is higher than 80% and keep the success rate of backdoor attacks below 10%. Full article
(This article belongs to the Special Issue Security and Privacy in Machine Learning and Artificial Intelligence (AI))
Show Figures

Figure 1

20 pages, 1931 KiB  
Article
Analysis of Cyber-Intelligence Frameworks for AI Data Processing
by Alberto Sánchez del Monte and Luis Hernández-Álvarez
Appl. Sci. 2023, 13(16), 9328; https://doi.org/10.3390/app13169328 - 17 Aug 2023
Viewed by 1333
Abstract
This paper deals with the concept of cyber intelligence and its components as a fundamental tool for the protection of information today. After that, the main cyber-intelligence frameworks that are currently applied worldwide (Diamond Model, Cyberkill Chain, and Mitre Att&ck) are described to [...] Read more.
This paper deals with the concept of cyber intelligence and its components as a fundamental tool for the protection of information today. After that, the main cyber-intelligence frameworks that are currently applied worldwide (Diamond Model, Cyberkill Chain, and Mitre Att&ck) are described to subsequently analyse them through their practical application in a real critical cyber incident, as well as analyse the strengths and weaknesses of each one of them according to the comparison of seventeen variables of interest. From this analysis and considering the two actions mentioned, it is concluded that Mitre Att&ck is the most suitable framework due to its flexibility, permanent updating, and the existence of a powerful database. Finally, an explanation is given for how Mitre Att&ck can be integrated with the research and application of artificial intelligence in the achievement of the objectives set and the development of tools that can serve as support for the detection of the patterns and authorship of cyberattacks. Full article
(This article belongs to the Special Issue Security and Privacy in Machine Learning and Artificial Intelligence (AI))
Show Figures

Figure 1

17 pages, 2232 KiB  
Article
Lattice-Based Group Signature with Message Recovery for Federal Learning
by Yongli Tang, Deng Pan, Panke Qin and Liping Lv
Appl. Sci. 2023, 13(15), 9007; https://doi.org/10.3390/app13159007 - 06 Aug 2023
Viewed by 863
Abstract
Federal learning and privacy protection are inseparable. The participants in federated learning need to be the targets of privacy protection. On the other hand, federated learning can also be used as a tool for privacy attacks. Group signature is regarded as an effective [...] Read more.
Federal learning and privacy protection are inseparable. The participants in federated learning need to be the targets of privacy protection. On the other hand, federated learning can also be used as a tool for privacy attacks. Group signature is regarded as an effective tool for preserving user privacy. Additionally, message recovery is a useful cryptographic primitive that ensures message recovery during the verification phase. In federated learning, message recovery can reduce the transmission of parameters and help protect parameter privacy. In this paper, we propose a lattice-based group signature with message recovery (GS-MR). We then prove that the GS-MR scheme has full anonymity and traceability under the random oracle model, and we reduce anonymity and traceability to the hardness assumptions of ring learning with errors (RLWE) and ring short integer solution (RSIS), respectively. Furthermore, we conduct some experiments to evaluate the sizes of key and signature, and make a performance comparison between three lattice-based group signature schemes and the GS-MR scheme. The results show that the message–signature size of GS-MR is reduced by an average of 39.17% for less than 2000 members. Full article
(This article belongs to the Special Issue Security and Privacy in Machine Learning and Artificial Intelligence (AI))
Show Figures

Figure 1

16 pages, 986 KiB  
Article
ReliaMatch: Semi-Supervised Classification with Reliable Match
by Tao Jiang, Luyao Chen, Wanqing Chen, Wenjuan Meng and Peihan Qi
Appl. Sci. 2023, 13(15), 8856; https://doi.org/10.3390/app13158856 - 31 Jul 2023
Cited by 1 | Viewed by 1032
Abstract
Deep learning has been widely used in various tasks such as computer vision, natural language processing, predictive analysis, and recommendation systems in the past decade. However, practical scenarios often lack labeled data, posing challenges for traditional supervised methods. Semi-supervised classification methods address this [...] Read more.
Deep learning has been widely used in various tasks such as computer vision, natural language processing, predictive analysis, and recommendation systems in the past decade. However, practical scenarios often lack labeled data, posing challenges for traditional supervised methods. Semi-supervised classification methods address this by leveraging both labeled and unlabeled data to enhance model performance, but they face challenges in effectively utilizing unlabeled data and distinguishing reliable information from unreliable sources. This paper introduced ReliaMatch, a semi-supervised classification method that addresses these challenges by using a confidence threshold. It incorporates a curriculum learning stage, feature filtering, and pseudo-label filtering to improve classification accuracy and reliability. The feature filtering module eliminates ambiguous semantic features by comparing labeled and unlabeled data in the feature space. The pseudo-label filtering module removes unreliable pseudo-labels with low confidence, enhancing algorithm reliability. ReliaMatch employs a curriculum learning training mode, gradually increasing training dataset difficulty by combining selected samples and pseudo-labels with labeled data. This supervised approach enhances classification performance. Experimental results show that ReliaMatch effectively overcomes challenges associated with the underutilization of unlabeled data and the introduction of error information, outperforming the pseudo-label strategy in semi-supervised classification. Full article
(This article belongs to the Special Issue Security and Privacy in Machine Learning and Artificial Intelligence (AI))
Show Figures

Figure 1

17 pages, 497 KiB  
Article
MDIFL: Robust Federated Learning Based on Malicious Detection and Incentives
by Ruolan Wu, Yuling Chen, Chaoyue Tan and Yun Luo
Appl. Sci. 2023, 13(5), 2793; https://doi.org/10.3390/app13052793 - 21 Feb 2023
Viewed by 1497
Abstract
Federated Learning (FL) is an emerging distributed framework that enables clients to conduct distributed learning and globally share models without requiring data to leave the local. In the FL process, participants are required to contribute data resources and computing resources for model training. [...] Read more.
Federated Learning (FL) is an emerging distributed framework that enables clients to conduct distributed learning and globally share models without requiring data to leave the local. In the FL process, participants are required to contribute data resources and computing resources for model training. However, the traditional FL lacks security guarantees and is vulnerable to attacks and damages by malicious adversaries. In addition, the existing incentive methods lack fairness to participants. Therefore, accurately identifying and preventing malicious nodes from doing evil, while effectively selecting and incentivizing participants, plays a vital role in improving the security and performance of FL. In this paper, we propose a Robust Federated Learning Based on Malicious Detection and Incentives (MDIFL). Specifically, MDIFL first uses a gradient similarity to calculate reputation, thereby maintaining the reputation of participants and identifying malicious opponents, and then designs an effective incentive mechanism based on contract theory to achieve collaborative fairness. Extensive experimental results demonstrate that the proposed MDIFL can not only preferentially select and effectively motivate high-quality participants, but also correctly identify malicious adversaries, achieve fairness, and improve model performance. Full article
(This article belongs to the Special Issue Security and Privacy in Machine Learning and Artificial Intelligence (AI))
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-6
Back to TopTop