An official website of the United States government
One of the image segmentation techniques, multilevel thresholding, is widely used in many computer vision applications because of its low computational complexity and efficient data representation. When it is used in cyber-physical systems and internet-of-things, a special technique is required to protect the sensitive information in an image. This paper proposes a novel homomorphic encryption (HE)-based multilevel thresholding method. To implement a comparison operation in the HE domain, which is not a basic homomorphic operation, a numerical method is adopted. Our proposed method executes comparison operations in parallel to perform more iterations and increase accuracy. When the number of iterations in the numerical comparison operation is (5, 3), the proposed three-level thresholding method shows an average peak signal-to-noise ratio of 28 dB compared to a conventional non-HE-based method and takes 3 minutes on a PC.
more »
« less
Accelerating Homomorphic Comparison Operations for Thresholding Using an Asymmetric Input Range and Input Scaling
In a cyber-physical system (CPS), the interconnection of cyber and physical components occurs through a network. This structure, particularly cyber components and networks, makes it susceptible to malicious attacks. One of the solutions to this CPS security issue is to employ end-to-end homomorphic encryption (HE) that allows direct computations on encrypted data. Despite its promise, HE only supports basic operations, such as addition and multiplication, which limits its application areas. Numerical methods have been presented to perform a comparison operation in the HE domain. However, they suffer from a slow processing speed due to an inherently high number of iterations. To accelerate a homomorphic comparison operation, this paper introduces a novel approach that scales inputs using an asymmetric input range in thresholding. Additionally, parallelism in HE-based multilevel thresholding is explored and exploited through the use of a parallel processing application programming interface for further acceleration. Compared to a previous comparison operation method, the proposed method achieves comparable accuracy with fewer iterations, resulting in a 48% reduction in execution time on an edge computing device. Furthermore, employing an additional thread using parallelism increases this reduction to 63%.
more »
« less
- Award ID(s):
- 2347253
- PAR ID:
- 10524138
- Publisher / Repository:
- ACM
- Date Published:
- ISBN:
- 9798400706059
- Subject(s) / Keyword(s):
- cyber-physical system homomorphic encryption multithreading numerical method security thresholding
- Format(s):
- Medium: X
- Location:
- Clearwater FL USA
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Recent advances in cloud services provide greater computing ability to edge devices on cyber-physical systems (CPS) and internet of things (IoT) but cause security issues in cloud servers and networks. This paper applies homomorphic encryption (HE) to background subtraction (BGS) in CPS/IoT. Cheon et al.'s numerical methods are adopted to implement the non-linear functions of BGS in the HE domain. In particular, square- and square root-based HE-based BGS (HEBGS) designs are proposed for the input condition of the numerical comparison operation. In addition, a fast-converging method is proposed so that the numerical comparison operation outputs more accurate results with lower iterations. Although the outer loop of the numerical comparison operation is removed, the proposed square-based HEBGS with the fast-converging method shows an average peak signal-to-noise ratio value of 20dB and an average structural similarity index measure value of 0.89 compared to the non-HE-based conventional BGS. On a PC, the execution time of the proposed design for each 128×128-sized frame is 0.34 seconds.more » « less
-
Recently, cyber-physical systems are actively using cloud servers to overcome the limitations of power and processing speed of edge devices. When passwords generated on a client device are evaluated on a server, the information is exposed not only on networks but also on the server-side. To solve this problem, we move the previous lightweight password strength estimation (LPSE) algorithm to a homomorphic encryption (HE) domain. Our proposed method adopts numerical methods to perform the operations of the LPSE algorithm, which is not provided in HE schemes. In addition, the LPSE algorithm is modified to increase the number of iterations of the numerical methods given depth constraints. Our proposed HE-based LPSE (HELPSE) method is implemented as a client-server model. As a client-side, a virtual keyboard system is implemented on an embedded development board with a camera sensor. A password is obtained from this system, encrypted, and sent over a network to a resource-rich server-side. The proposed HELPSE method is performed on the server. Using depths of about 20, our proposed method shows average error rates of less than 1% compared to the original LPSE algorithm. For a polynomial degree of 32K, the execution time on the server-side is about 5 seconds.more » « less
-
Cyber-Physical Systems (CPS) have been increasingly subject to cyber-attacks including code injection attacks. Zero day attacks further exasperate the threat landscape by requiring a shift to defense in depth approaches. With the tightly coupled nature of cyber components with the physical domain, these attacks have the potential to cause significant damage if safety-critical applications such as automobiles are compromised. Moving target defense techniques such as instruction set randomization (ISR) have been commonly proposed to address these types of attacks. However, under current implementations an attack can result in system crashing which is unacceptable in CPS. As such, CPS necessitate proper control reconfiguration mechanisms to prevent a loss of availability in system operation. This paper addresses the problem of maintaining system and security properties of a CPS under attack by integrating ISR, detection, and recovery capabilities that ensure safe, reliable, and predictable system operation. Specifically, we consider the problem of detecting code injection attacks and reconfiguring the controller in real-time. The developed framework is demonstrated with an autonomous vehicle case study.more » « less
-
The adoption of digital technology in industrial control systems (ICS) enables improved control over operation, ease of system diagnostics and reduction in cost of maintenance of cyber physical systems (CPS). However, digital systems expose CPS to cyber-attacks. The problem is grave since these cyber-attacks can lead to cascading failures affecting safety in CPS. Unfortunately, the relationship between safety events and cyber-attacks in ICS is ill-understood and how cyber-attacks can lead to cascading failures affecting safety. Consequently, CPS operators are ill-prepared to handle cyber-attacks on their systems. In this work, we envision adopting Explainable AI to assist CPS oper-ators in analyzing how a cyber-attack can trigger safety events in CPS and then interactively determining potential approaches to mitigate those threats. We outline the design of a formal framework, which is based on the notion of transition systems, and the associated toolsets for this purpose. The transition system is represented as an AI Planning problem and adopts the causal formalism of human reasoning to asssit CPS operators in their analyses. We discuss some of the research challenges that need to be addressed to bring this vision to fruition.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Proceeding:
- https://doi.org/10.1145/3649476
