Privacy-preserving Internet of Things analysis architecture

Abstract

The Internet of Things (IoTs) is flourishing and has penetrated deeply into people’s daily life. With the seamless connection to the physical world, IoT provides tremendous opportunities to a wide range of smart applications. Although the privacy of such wireless applications has been thoroughly studied in Wireless Sensor Networks (WSNs), IoT applications face emerging challenges and potential privacy risks due to unique IoT characteristics. These risks endanger the vision of the next generation ubiquitous Internet and the proliferation of the IoT.

This dissertation focuses on addressing data privacy leakage issues involved in providing data storage and publishing, and machine learning services. Three common IoT functionalities are mainly focused respectively, which are client-to-server private data storage and acquisition, server-to-client private data publishing, and privacy-preserving machine learning services on server-side. The privacy leakage during these services will cause tremendous threats to normal users. Different to the solutions under the traditional domain, this dissertation aims to provide and discuss potential solutions under strict resource constraints including device computing capability and power consumption, which is vital for low-end IoT devices.

The main contribution of this dissertation is to address IoT data analysis architecture vulnerabilities and privacy issues in existing IoT systems. Each of the privacy leakage problems in IoT services is addressed with the specific solution under corresponding threat models. Initially, in the client-to-server scenario, the leakage of private data can be severe as a problem of confidentiality. To this end, Kryptein is proposed, which is a compressive-sensing-based encryption scheme for cloud-enabled IoT systems to secure the interaction between the IoT devices and the cloud. Additionally, for the server-to-client private data publishing service, Koinonia, new privacy-preserving primitives based on differentially private Bloom filter are proposed to defend against different attacks to the published private data. Finally, the trade-off on differential privacy based privacy-preserving machine learning architecture is discussed. As a result, Acies is proposed to provide a better trade-off compared to classic Laplace input perturbation method. Together, these contributions enable efficient and private data management and processing in IoT systems.