Search Results (95)

With the proliferation of image-capturing and display-enabled IoT devices, ensuring the authenticity and integrity of visual data has become increasingly critical, especially in light of emerging cybersecurity threats and powerful generative AI tools. One of the major challenges in such sensor-based systems is the ability to protect privacy while maintaining data usability. Reversible data hiding has attracted growing attention due to its reversibility and ease of implementation, making it a viable solution for secure image communication in IoT environments. In this paper, we propose reversible data hiding techniques tailored to the content characteristics of images. Our approach leverages subsampling and quadtree partitioning, combined with multi-stage prediction schemes, to generate a predicted image aligned with the original. Secret information is embedded by analyzing the difference histogram between the original and predicted images, and enhanced through multi-round rotation techniques and a multi-level embedding strategy to boost capacity. By employing both subsampling and quadtree decomposition, the embedding strategy dynamically adapts to the inherent characteristics of the input image. Furthermore, we investigate the trade-off between embedding capacity and marked image quality. Experimental results demonstrate improved embedding performance, high visual fidelity, and low implementation complexity, highlighting the method’s suitability for resource-constrained IoT applications. Full article

Managing and analyzing data in data lakes for big data environments requires robust protocols to ensure security, scalability, and compliance with privacy regulations. The increasing need to process sensitive data emphasizes the relevance of secure-by-design approaches that integrate encryption techniques and governance frameworks to protect personal and confidential information. This study proposes a protocol that combines the capabilities of Databricks and format-preserving encryption to improve data security and accessibility in data lakes without compromising usability or structure. The protocol was developed using a design science methodology, incorporating findings from a systematic literature review and validated through expert feedback and proof-of-concept experiments in banking environments. The proposed solution integrates multiple layers, data ingestion, persistence, access, and consumption, leveraging the processing capabilities of Databricks and format-preserving encryption to enable secure data management and governance. Validation results indicate the protocol is effectiveness in protecting sensitive data, with promising applicability in regulated industries. This work contributes to addressing key challenges in big data security and lays the groundwork for future developments in data governance and encryption techniques. Full article

Drawing on experience–satisfaction–loyalty, this study models how specific digital retail interface attributes translate into behavioural outcomes. Survey data from Portuguese online shoppers were analysed with PLS-SEM to test a formative–reflective framework linking Interactivity and Technologies, Trust–Security–Privacy, Fulfilment and Service Quality, Usability and Web Design, Personalisation and Customisation and Omnichannel Integration to customer experience (CX), customer satisfaction (CS), customer loyalty (CL) and electronic word of mouth (eWOM). The model explains 62.6% of CX, 70.1% of CS and 66.7% of CL. CX is strongly associated with CS and CS, in turn, with CL; associations with eWOM are non-significant, revealing a theoretical blind spot around advocacy. Interactivity and Technologies, Trust–Security–Privacy and Fulfilment and Service Quality emerge as the most significant antecedents of CX, whereas Omnichannel Integration is inert. The findings advance digital commerce theory by decoupling advocacy from evaluative satisfaction and by reconceptualising integration as multidimensional. Practically, they prioritise investment in interactive, secure and fulfilment capabilities while signalling that loyalty is not associated with advocacy. This study concludes by outlining measurement refinements and longitudinal avenues to capture social–motivational drivers of eWOM. Full article

Trajectory data contain numerous sensitive attributes. Unauthorized disclosure of precise user trajectory information generates persistent privacy and security concerns that significantly impact daily life. Most existing trajectory privacy protection schemes focus on geographic trajectories while neglecting the critical importance of semantic trajectories, resulting in ongoing privacy vulnerabilities. To address this limitation, we propose the Semantic Behavior Sequence-based Trajectory Privacy Protection method (SBS-TPP). Our approach integrates short-term and long-term behavioral patterns within a user behavior modeling layer to identify user preferences. A dual-model framework (geographic and semantic) generates noise-injected trajectories with maximized noise potential. This methodology applies symmetric noise addition to both geographic trajectory fragments and semantic trajectory segments, optimizing trajectory data utility while ensuring robust protection of sensitive information. The SBS-TPP framework operates in the following two phases: firstly, behavior modeling, which comprises interest extraction from behavioral trajectory sequences, and secondly, noise generation, which creates synthetic noise locations with maximal semantic expectation from original locations, yielding privacy-enhanced trajectories for publication. Experimental results demonstrate that our interest extraction model achieves 93.7% accuracy while maintaining 81.6% data utility under strict privacy guarantees. The proposed method significantly enhances data usability and enables effective recommendation services without compromising user privacy or security. Full article

Facial authentication has gained widespread adoption as a biometric authentication method, offering a convenient alternative to traditional password-based systems, particularly on mobile devices equipped with front-facing cameras. While this technology enhances usability and security by eliminating password management, it remains highly susceptible to spoofing attacks. Adversaries can exploit facial recognition systems using pre-recorded photos, videos, or even sophisticated 3D models of victims’ faces to bypass authentication mechanisms. The increasing availability of personal images on social media further amplifies this risk, making robust anti-spoofing mechanisms essential for secure facial authentication. To address these challenges, we introduce FaceCloseup, a novel liveness detection technique that strengthens facial authentication by leveraging perspective distortion inherent in close-up shots of real, 3D faces. Instead of relying on additional sensors or user-interactive gestures, FaceCloseup passively analyzes facial distortions in video frames captured by a mobile device’s camera, improving security without compromising user experience. FaceCloseup effectively distinguishes live faces from spoofed attacks by identifying perspective-based distortions across different facial regions. The system achieves a 99.48% accuracy in detecting common spoofing methods—including photo, video, and 3D model-based attacks—and demonstrates 98.44% accuracy in differentiating between individual users. By operating entirely on-device, FaceCloseup eliminates the need for cloud-based processing, reducing privacy concerns and potential latency in authentication. Its reliance on natural device movement ensures a seamless authentication experience while maintaining robust security. Full article

The visual nature of Sign Language datasets raises privacy concerns that hinder data sharing, which is essential for advancing deep learning (DL) models in Sign Language recognition and translation. This study evaluated two anonymization techniques, realistic avatar synthesis and face swapping (FS), designed to anonymize the identities of signers, while preserving the semantic integrity of signed content. A novel metric, Identity Anonymization with Expressivity Preservation (IAEP), is introduced to assess the balance between effective anonymization and the preservation of facial expressivity crucial for Sign Language communication. In addition, the quality evaluation included the LPIPS and FID metrics, which measure perceptual similarity and visual quality. A survey with deaf participants further complemented the analysis, providing valuable insight into the practical usability and comprehension of anonymized videos. The results show that while face swapping achieved acceptable anonymization and preserved semantic clarity, avatar-based anonymization struggled with comprehension. These findings highlight the need for further research efforts on securing privacy while preserving Sign Language understandability, both for dataset accessibility and the anonymous participation of deaf people in digital content. Full article

With the proliferation of multi-camera smartphones, image generation has proliferated and cloud storage services have become the primary tool for storing and sharing photos. However, this also poses privacy and security risks. Traditional image encryption techniques, while protecting privacy, also lead to loss of image availability in the cloud. To balance security and availability, TPE (Thumbnail Preserving Encryption) is proposed. However, the decryption effect of the existing schemes is generally unsatisfactory, and many existing schemes are unable to achieve perfect restoration in practical applications. Meanwhile, a few fully reversible schemes are limited by the proposed algorithms, which makes it difficult to be extended to a wider range of applications. To solve this contradiction, this paper proposes a TPE scheme based on reversible information hiding. Specifically, the scheme preserves the DC coefficients of the image during the encryption process and encrypts the AC coefficients to enhance the security of the image, thus obtaining the intermediate encrypted image. Then, the intermediate encrypted image is pre-decrypted, and the subtle error between the original image and the intermediate encrypted image is used as the compensation information. In order to achieve lossless decryption, we introduce the reversible information hiding technique to embed the compensation information into the intermediate image, and we finally obtain the encrypted image. This is also applicable to other high-quality TPE schemes and can provide ideas for their optimization direction. The experimental results show that this scheme not only achieves lossless decryption but also outperforms other TPE schemes in terms of visual effect, while the file extension size is kept at a low level. The research in this paper provides new ideas for balancing image privacy protection and usability, which has important theoretical and practical significance. Full article

Recently, the increasing frequency of cybersecurity incidents has raised concerns about communication security and personal privacy. In a zero-trust network environment, it is critically important to protect communication content and ensure that it is not intercepted, recorded, or stored without proper authorization. End-to-end encryption (E2EE) is a reliable solution for this purpose. The COVID-19 pandemic has accelerated the adoption of remote work and virtual meetings, making the security of voice conferences a critical issue. This study aims to explore the application of end-to-end encryption technology in voice conferences. We designed and implemented an end-to-end encrypted voice conferencing system based on terminal-side mixing to ensure security while also being applicable in low-bandwidth network environments. The developed system effectively prevented man-in-the-middle attacks and data wiretaps, while maintaining high performance and low latency. It can be used in low-bandwidth scenarios such as satellite networks. The end-to-end encryption technology, when combined with terminal-side voice mixing, significantly enhances the security and usability of voice conferences as a new solution for secure communication in the future. Full article

The rapid expansion of the Internet of Things (IoT) has made software security and reliability a critical concern. With multi-language programs running on edge computing, embedded systems, and sensors, each connected device represents a potential attack vector, threatening data integrity and privacy. Symbolic execution is a key technique for automated vulnerability detection. However, unknown function interfaces, such as sensor interactions, limit traditional concrete or concolic execution due to uncertain function returns and missing symbolic expressions. Compared with system simulation, the traditional method is to construct an interface abstraction layer for the symbolic execution engine to reduce the cost of simulation. Nevertheless, the disadvantage of this solution is that the manual modeling of these functions is very inefficient and requires professional developers to spend hundreds of hours. In order to improve efficiency, we propose an LLM-based automated approach for modeling unknown functions. By fine-tuning a 20-billion-parameter language model, it automatically generates function models based on annotations and function names. Our method improves symbolic execution efficiency, reducing reliance on manual modeling, which is a limitation of existing frameworks like KLEE. Experimental results primarily focus on comparing the usability, accuracy, and efficiency of LLM-generated models with human-written ones. Our approach was integrated into one verification platform project and applied to the verification of smart contracts with distributed edge computing characteristics. The application of this method directly reduces the manual modeling effort from a month to just a few minutes. This provides a foundational validation of our method’s feasibility, particularly in reducing modeling time while maintaining quality. This work is the first to integrate LLMs into formal verification, offering a scalable and automated verification solution for sensor-driven software, blockchain smart contracts, and WebAssembly systems, expanding the scope of secure IoT development. Full article

Usable security and privacy in public services are critical considerations in today’s digital age, where governments increasingly rely on technology to deliver services efficiently while safeguarding sensitive information. Successful usage of these electronic services depends on citizens’ trust level in e-government channels. Therefore, the design of these public service organizations should consider the usability aspect of security controls. In this paper, we present the results of a quantitative study conducted in Saudi Arabia to understand end users’ perceptions regarding usable security and privacy in their public service usage. Based on the findings, we present a model to further improve the usable security and privacy aspects, which will help policymakers and practitioners improve public service provision by electronic means. The model can be further refined in different geographical contexts to improve cybersecurity in e-government service provision through the integrated efforts of citizens, service-providing organizations and government cybersecurity agencies. Full article

Background: Mobile health (mHealth) applications play a crucial role in enhancing healthcare accessibility, patient engagement, and chronic disease management. However, technical, usability, accessibility, and privacy-related barriers continue to hinder their widespread adoption. The Sehaty app, a government-managed mHealth platform in Saudi Arabia, is widely used for scheduling medical appointments, accessing health records, and communicating with healthcare providers. Understanding the challenges associated with its utilization is essential for optimizing its functionality and improving user experience. Aim: This study aims to identify and evaluate the key barriers affecting the adoption and usability of the Sehaty mHealth application among patients with chronic conditions in Saudi Arabia. Specifically, it examines challenges related to technical performance, usability, accessibility, privacy, and security and their impact on user satisfaction and engagement. Methods: A cross-sectional study was conducted using a structured questionnaire distributed to 344 participants selected through purposive sampling to ensure the inclusion of active Sehaty users with chronic conditions. The questionnaire assessed 10 primary usability barriers, including technical issues, navigation difficulties, privacy concerns, and accessibility limitations. Descriptive statistics and correlation analyses were performed to evaluate the prevalence and interrelationships of these barriers. Results: The findings indicate that technical barriers, including frequent application crashes, slow responsiveness, and system instability, significantly hinder user satisfaction. Usability challenges, such as difficulties in navigation and task completion, further impede engagement. Moreover, privacy and security concerns emerged as significant deterrents, with users expressing apprehensions about data safety and transparency. Accessibility barriers, particularly for older adults and individuals with disabilities, were associated with insufficient support and training, making the app less user-friendly for these populations. The study highlights the interconnected nature of usability challenges, suggesting that improvements in technical stability and interface design could lead to enhanced user confidence, engagement, and overall satisfaction. Conclusions: Addressing these barriers requires targeted technical enhancements, user-centered design improvements, and strengthened data security measures to promote trust and engagement. Additionally, implementing comprehensive user support systems and accessibility features is essential to ensuring equitable access to mHealth services. While the study’s generalizability is limited by its focus on a single government-managed platform, its findings offer valuable insights applicable to broader mHealth initiatives. Future research should incorporate longitudinal studies to assess the long-term impact of usability improvements on mHealth adoption and healthcare outcomes. Full article

Federated learning is a powerful tool for securing participants’ private data due to its ability to make data “available but not visible”. In recent years, federated learning has been enhanced by the emergence of multi-weight aggregation protocols, which minimize the impact of erroneous parameters, and verifiable protocols, which prevent server misbehavior. However, it still faces significant security and performance challenges. Malicious participants may infer the private data of others or carry out poisoning attacks to compromise the model’s correctness. Similarly, malicious servers may return incorrect aggregation results, undermining the model’s convergence. Furthermore, substantial communication overhead caused by interactions between participants or between participants and servers hinders the development of federated learning. In response to this, this paper proposes GHEFL, a group-based, verifiable, federated learning method based on homomorphic encryption that aims to prevent servers from maliciously stealing participant privacy data or performing malicious aggregation. While ensuring the usability of the aggregated model, it strives to minimize the workload on the server as much as possible. Finally, we experimentally evaluate the performance of GHEFL. Full article

In the digital age, sharing moments through photos has become a daily habit. However, every face captured in these photos is vulnerable to unauthorized identification and potential misuse through AI-powered synthetic content generation. Previously, we introduced SnapSafe, a secure system for enabling selective image privacy focusing on facial regions for single-party scenarios. Recognizing that group photos with multiple subjects are a more common scenario, we extend SnapSafe to support multi-user facial privacy protection with dynamic access control designed for online photo platforms. Our approach introduces key splitting for access control, an owner-centric permission system for granting and revoking access to facial regions, and a request-based mechanism allowing subjects to initiate access permissions. These features ensure that facial regions remain protected while maintaining the visibility of non-facial content for general viewing. To ensure reproducibility and isolation, we implemented our solution using Docker containers. Our experimental assessment covered diverse scenarios, categorized as “Single”, “Small”, “Medium”, and “Large”, based on the number of faces in the photos. The results demonstrate the system’s effectiveness across all test scenarios, consistently performing face encryption operations in under 350 ms and achieving average face decryption times below 286 ms across various group sizes. The key-splitting operations maintained a $100\%$ success rate across all group configurations, while revocation operations were executed efficiently with server processing times remaining under 16 ms. These results validate the system’s capability in managing facial privacy while maintaining practical usability in online photo sharing contexts. Full article

With the rapid development of information technology, blended learning has become a crucial aspect of modern education. However, the fragmented use of various teaching platforms, such as Xuexitong and Rain Classroom, has led to the dispersion of teaching data. This not only increases the cognitive load on teachers and students but also hinders the systematic recording of teaching activities and learning outcomes. Moreover, existing blended learning evaluation systems exhibit significant shortcomings in large-scale data storage and secure sharing. To address these issues, this study designs a blended teaching evaluation management system based on blockchain and searchable encryption. First, an on-chain and off-chain collaborative storage model is established using the Ethereum blockchain and the InterPlanetary File System (IPFS) to ensure secure and large-scale storage of student work data. Next, a role-based access control scheme utilizing smart contracts is proposed to effectively prevent unauthorized access. Simultaneously, a searchable encryption scheme is designed using AES-CBC-256 and SHA-256 algorithms, enabling data sharing while safeguarding data privacy. Additionally, the smart contract comprehensively records students’ grade information, including weekly regular scores, midterm scores, final scores, overall scores, and their rankings, ensuring transparency in the evaluation process. Based on these technical solutions, a general-purpose teaching evaluation management system (B-Education) is developed. The experimental results demonstrate that the system accurately records teaching activities and learning outcomes, improving the transparency of teaching evaluations while ensuring data security and privacy. The system’s gas consumption remains within a reasonable range, demonstrating good flexibility and usability. Educational institutions can flexibly configure course evaluation criteria and adjust the weighting of various grades based on their specific needs. This study provides an innovative solution for blended teaching evaluation, offering significant theoretical value and practical implications. Full article

Machine-learning applications are becoming increasingly widespread. However, machine learning is highly dependent on high-quality, large-scale training data. Due to the limitations of data privacy and security, in order to accept more user data, users are required to participate in the computation themselves through the secure use of secret keys. In this paper, we propose a multi-user encrypted machine-learning system based on partially homomorphic encryption, which can be realized for the purpose of supporting encrypted machine learning under multiple users. In this system, offline homomorphic computation is provided, so that users can support homomorphic computation without interacting with the cloud after locally executing encryption, and all computational parameters are computed in the initial and encryption phases. In this system, the isolation forest algorithm is modified appropriately so that its computation can be within the supported homomorphic computation methods. The comparison with other schemes in the comparison experiments reflects this scheme’s computational and communication advantages. In the application experiments, where anomaly detection is taken as the goal, the encrypted machine-learning system can provide more than 90% recall, illustrating this scheme’s usability. Full article