
SPECIAL SECTION ON ARTIFICIAL INTELLIGENCE IN CYBERSECURITY

Received October 1, 2019, accepted November 4, 2019, date of publication November 12, 2019, date of current version November 27, 2019.

    Digital Object Identifier 10.1109/ACCESS.2019.2953133

APDP: Attack-Proof Personalized Differential Privacy Model for a Smart Home

YUPING ZHANG 1, YOUYANG QU 2, LONGXIANG GAO 2 (Senior Member, IEEE), TOM H. LUAN 3 (Senior Member, IEEE), XI ZHENG 4 (Member, IEEE), SHIPING CHEN 5 (Member, IEEE), AND YONG XIANG 2 (Senior Member, IEEE)

1 School of Network and Communication, Chengdu Technological University, Chengdu 610023, China
2 School of Information Technology, Deakin University, Burwood, VIC 3125, Australia
3 School of Cyber Engineering, Xidian University, Xi’an 710126, China
4 Faculty of Science and Engineering, Macquarie University, Sydney, NSW 2109, Australia
5 ICT Centre, Commonwealth Scientific and Industrial Research Organization, Sydney, NSW 2015, Australia

    Corresponding author: Youyang Qu ([email protected])

    This work was supported in part by the Chinese Scholarship Council (CSC) under Grant 201508515039.

ABSTRACT The proliferation of smart devices in recent years has led to novel smart home applications that upgrade traditional home appliances to intelligent units and automatically adapt their services without human assistance. In a smart home system, a central gateway is required to coordinate the functions of various smart home devices and allow bidirectional communications. However, the gateway may cause leakage of sensitive information unless proper privacy protections are applied. In this work, we first introduce a smart home model based on fog computing and secured by differential privacy. Then, we apply a personalized differential privacy scheme to provide privacy protection. Furthermore, we consider a collusion attack and propose our differential privacy model called APDP based on a modified Laplace mechanism and a Markov process to strengthen privacy protection, thus resisting the attack. Lastly, we perform extensive experiments based on the real-world datasets to evaluate the proposed APDP model.

    INDEX TERMS Smart home, fog computing, differential privacy, personalized privacy.

I. INTRODUCTION

With the fast development of computing, communication and data science technologies, advanced service systems, such as the smart home, make our life more efficient and convenient. The smart home is regarded as an instance of the Internet of Things (IoT) [1] that transforms a dwelling into an intelligent system incorporating communication networks. As a result, key electrical appliances and services can be remotely accessed, monitored and even controlled, leading to the emergence of many appealing applications, e.g., caring for senior citizens and patients, automated alarms, and water and electricity self-service [2], [3].

To develop a service, it is necessary to enhance the processing and storage ability of a smart home system. An increasing amount of data from various appliances must be collected in real time, stored, encrypted, transmitted, processed, and fed back. However, due to limited resources, the traditional gateway device of a smart home can hardly satisfy the requirements of complicated big data processing tasks, massive historical resource storage, and real-time processing with feedback. Although the above requirements can be partially solved by cloud computing, this approach leads to the emergence of new challenges, such as latency and transmission bandwidth [4], [5]. The newly emerged fog computing, regarded as an extension of cloud computing to support mobile applications at the network edge [6], is a promising solution to the above challenges. We propose a fog-based gateway for a smart home and name it the fog server. As shown in Fig. 1, the fog server is a lightweight cloud-like device with an onboard CPU, a large storage capacity, and wireless communication interfaces. The fog server running on such a device provides distributed computation, communication, control and storage to the smart home along with the cloud-to-things continuum [7]–[9].

The associate editor coordinating the review of this manuscript and approving it for publication was Wei Quan.

Privacy issues have become increasingly challenging in smart home systems [10]. Specifically, the data collected from the IoT devices contain sensitive personal information. Massive volumes of data collected from ubiquitous sensors, wearable devices or smart meters may lead to improper release of sensitive personal and private information. We identify two primary challenges in smart home privacy protection. The first is the lack of personalized privacy protection. The second is vulnerability to collusion attacks from both insider nodes and outsider clouds [11], [12]. These two challenges significantly degrade the utility of systems and expose them to significant threats.

VOLUME 7, 2019 This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see http://creativecommons.org/licenses/by/4.0/ 166593

https://orcid.org/0000-0002-2944-4647 https://orcid.org/0000-0002-3026-7537 https://orcid.org/0000-0002-5215-7443 https://orcid.org/0000-0002-2572-2355

Y. Zhang et al.: APDP: APDP for a Smart Home

FIGURE 1. Smart home based on Fog Computing.

Several existing studies have provided privacy protection uniformly. The clustering-based methods include K-anonymity [13], L-diversity [14], T-closeness [15] and their variants [16]. Clustering-based methods provide satisfactory protection in the scenario of datasets with records that share the same attributes; however, they do not function well in the scenario of data diffusion. Dwork proposed differential privacy that offers privacy protection with a solid theoretical foundation [17]. Under the framework of differential privacy, numerous mechanisms have been proposed to achieve privacy preservation, e.g., Laplace noise [18] and sampling [19]. Although differential privacy can offer strict protection, most existing approaches use fixed privacy levels to cope with various requirements [20]. Recent privacy studies on smart homes also include the communication protocol [21], data analytics in cloud-based smart homes [22], location sharing [23], etc.

With significantly increased computing resources, a fog computing-based smart home not only provides enhanced smart home applications but also introduces more dimensions of privacy preservation into smart home systems. In this paper, we develop a personalized differential privacy protection scheme. We first develop a smart home model based on fog computing and protected by differential privacy. We further introduce a personalized differential privacy mechanism based on trust distance and a Markov Laplace mechanism. We also create an enhanced differential privacy model called APDP to address the problem of a collusion attack, which is a severe problem under the multiple-cloud scenario. We perform extensive experiments to illustrate the advantage of the proposed APDP model. The primary contributions of this work are summarized as follows.

• Smart home model based on fog computing and differential privacy: We propose a privacy-preserving smart home model based on the fog computing paradigm and introduce differential privacy to protect privacy in the model. Our work is one of the first to introduce both differential privacy and fog computing to a smart home application scenario.

• Collusion attack and personalized differential privacy model: Based on the smart home model, we explore a new attack model under the personalized differential privacy protection scenario. Then, we propose our APDP model based on a modified Laplace and Markov process to improve privacy protection and resist the attack. Using formal analysis and performing an empirical study of a real-world dataset, we prove that our algorithm performs very well with respect to privacy protection, data utility, and the ability to defend against a collusion attack.

The rest of this paper is organized as follows. Section II briefly reviews the related studies. Section III describes the structure of a smart home utilizing the fog computing technology and emphasizes the benefits of their interactions. Section IV presents the personalized differential privacy system model. Section V presents the adversary and collusion attack model. Section VI develops and analyzes the attack-proof mechanism. Section VII validates the proposal using simulations. Section VIII concludes the paper.

II. RELATED STUDIES

The concept of a smart home has been widely explored in recent years [24], [25]. Alam et al. [2] describe the definition of a smart home as ‘‘an application of ubiquitous or pervasive computing or environment’’ and analyze the development of smart homes. Stojkoska and Trivodaliev [10] present a holistic approach to the integration of state-of-the-art IoT solutions into smart homes. Chan et al. [26] present an international selection of leading smart home projects, as well as the associated technologies of wearable or implantable monitoring systems and assistive robotics. Datta et al. [27] develop an IoT architecture that enables smarter, connected and personalized healthcare and wellness services for residents of smart homes. Cicirelli et al. [28] propose a framework that primarily relies on the cloud-assisted agent-based smart home environment architecture, offering basic abstraction entities for design and implementation. Jie et al. [1] describe the integration of IoT technologies into smart home systems.

Fog computing has many advantages in terms of privacy protection and performance in a smart home. Dastjerdi and Buyya [29] introduce fog computing components, software systems and applications. Luan et al. [30] provide an overview of fog computing from the networking perspective to improve the efficiency aspects of fog computing. Chiang and Zhang [7] describe the range of new challenges in the emerging IoT and the difficulty of overcoming these challenges with today’s computing and networking models. Brogi and Forti [31] propose a general and extensible model to support QoS-aware deployments of IoT applications in a fog infrastructure. Tang et al. [32] present a hierarchical distributed fog computing architecture to support the integration of a very large number of infrastructure components and services into future smart cities. Datta et al. [33] discuss the architecture of fog computing that is deployed at roadside units (RSUs) and M2M gateways that offers consumer-centric IoT services. Lee et al. [34] present a gateway-based fog computing architecture for wireless sensor and actuator networks (WSANs).

Security and privacy issues in smart homes have been extensively considered by many researchers. Several existing approaches provide privacy protection uniformly. The clustering-based methods include K-anonymity [13], L-diversity [14], T-closeness [15] and their variants [16]. Clustering-based methods provide satisfactory protection under the scenario of datasets with records that share the same attributes; however, such methods do not work well in the data diffusion scenario. Dwork proposed differential privacy that offers privacy protection with a solid theoretical foundation [17]. Under the framework of differential privacy, numerous mechanisms have been proposed to achieve privacy preservation, e.g., Laplace noise [18] and sampling [19]. Although differential privacy can offer strict protection, most existing approaches use fixed privacy levels to cope with various requirements. Recent privacy studies of smart homes also include the communication protocol [21], data analytics in cloud-based smart homes [22], location sharing [23], etc.

In this era of big data, privacy protection is required in every aspect of the system [35], [36]. Komninos et al. [37] present dangers encountered in some of the most illustrative scenarios of interaction among entities of the smart home and smart grid environments, evaluating their impact on the entire grid. Geneiatakis et al. [38] set up the scene for a security and privacy threat analysis for a typical smart home architecture that relies on existing IoT devices and platforms that are readily available in the market. Lee et al. [39] discuss the concept of the IoT fog as well as the existing security measures useful in securing the IoT fog and then explore potential threats to the IoT fog. Yang et al. propose privacy preserving collaborative filtering via the Johnson-Lindenstrauss transform [40]. Zhang et al. [41] introduce various aspects of smart city applications, discuss the system architecture, then present the general security and privacy requirements, and identify several security challenges for the smart city.

Personalized privacy can optimize the data utility while reducing the overall privacy budget [42], [43]. For personalized privacy, Wang and Zhang [44] use a Markov decision process to control the granularity of the published data. Koufogiannis and Pappas [45] leverage personalized differential privacy to protect the privacy based on distance in social networks. Götz et al. [46] explore privately releasing user context streams for personalized mobile applications. In addition, Aghasian et al. propose a method to measure the privacy closure based on multiple social networks [47]. However, existing works barely consider personalized privacy protection in the smart home scenario. In addition, personalized privacy can give rise to a collusion attack to a certain extent, which is also rarely discussed. We will try to solve these issues in the rest of this work.

III. SMART HOME MODELING BASED ON FOG COMPUTING AND DIFFERENTIAL PRIVACY

The objective of the smart home model is to provide high-quality services to the user while maximizing the network bandwidth and minimizing processing latency. In the proposed model, we consider a fog structure and use a fog server as the bridge between the cloud server and the IoT applications. The fog server has a certain computing capability and storage used to perform computational tasks, reducing the processing time and service latency. For clarity, we first analyze the details of the smart home architecture and then model it as a graph based on graph theory. The rationale is that we regard fog servers, cloud servers, and smart devices as nodes and the connections between them as edges.

A. FOG COMPUTING-BASED SMART HOME MODEL

To offer quality services at home, a smart home can provide many different components. In this paper, we discuss the architecture of a general application with basic components.

Fig. 2 demonstrates the architecture of a smart home based on fog computing, which has four layers: IoT devices, the fog server, the public cloud, and the application layer. The IoT layer in Fig. 1 includes smart devices deployed at home, such as sensors, wearable devices, smart meters, electric devices, and monitoring devices. With these smart devices, the IoT layer can obtain all of the status information in a smart home and send it to the fog simultaneously or perform post-processing at the fog server. Therefore, the IoT layer primarily performs the functions of data collection and service provision to users. The fog layer has computing, storage, control, communication, security, and privacy protection capabilities. It can process most of the data collected from the IoT and sends the analytic results to the cloud or provides direct feedback to IoT devices. When the data size is beyond the fog’s processing ability, a request is sent to the cloud to participate in further processing. This fog-based structure can improve the real-time processing ability in a smart home, reduce the system latency, and save the network bandwidth. The public cloud layer has superior computing and storage capabilities that provide support to the fog. In addition, it can provide a variety of access types to the application layer, which is the top layer. Entities provide services such as medical center, alarm center, and electric utility.


    FIGURE 2. Hierarchical structure of a Smart Home.

Building on the fog-based smart home structure, we model a smart home as a graph. We develop a personalized differential privacy protection model. It can minimize the overall privacy budget while improving data utility. In Sec. VI, we leverage a modified Laplace mechanism that introduces a noise generation process into a stochastic process and decouples the correlation among noises. As a result, we can eliminate the collusion attack under this scenario.

B. TRUST DISTANCE-BASED DIFFERENTIAL PRIVACY

Based on the proposed smart home structure, we further model it using graph theory. We use a weighted graph

$$G = \{\, n, e, w \mid n \in N,\; e \in E,\; w \in W \,\} \tag{1}$$

to denote the smart home based on the fog computing paradigm. In graph $G$, we use $n \in N$ to represent each node, $e \in E$ to denote the relationship between nodes, and $w \in W$ to show the weights between nodes. If there are two nodes $n_i$ and $n_j$ and at least one series of edges $\{e_{ik_1}, e_{ik_2}, \ldots, e_{k_n j}\}$ connects them, we conclude that the nodes have a relationship. Based on the relationship, we also use $d_T$ to describe the trust distance, where $d_T \in D_T$.

The application layer contains many nodes (applications), such as TVs, lighting, and cyber-physical equipment. The nodes may further connect to several sub-nodes. In this case, the nodes at the end are specific to a certain function and may leak the user’s private information, e.g., the blood pressure measurement. Based on this observation, we set the trust distance $D_T$ as the number of hops between the nodes and the fog server. Therefore, the privacy level $\epsilon$ increases with the growth of trust distance $D_T$, while $\epsilon$ decreases with the reduction of $D_T$.

For each node $n_i$, when fog server $n_F$ tries to diffuse its data $d_{ij}$ to cloud $n_{C_j}$, the fog server generates a proxy of the data as

$$\hat{y}_{ij} = d_{ij} + \mathrm{Lap}\!\left(\frac{\delta}{\epsilon}\right), \tag{2}$$

where $\mathrm{Lap}(\delta/\epsilon)$ denotes the Laplace noise [18], while $\delta$ and $\epsilon$ are the global sensitivity and privacy level, respectively. The node $n_i$ demands that the proxy $\hat{y}_{ij}$ satisfy $\epsilon(D_T)$-differential privacy to protect the private data. For privacy level $\epsilon(D_T)$, $D_T$ is a distance function denoting the distance between node $n_i$ and fog server $n_F$.

For simplicity, we regard graph $G$ as an undirected graph. However, this assumption can be eliminated, as the model works the same way for directed graphs. We also assume that the fog server is a trusted central authority and can process the data with $\epsilon$-differential privacy and transmit the data via a secure communication channel. In the fog server, the privacy budget is a constant $B$ that equals the sum of all privacy levels of all the published data.

IV. PERSONALIZED DIFFERENTIAL PRIVACY SCHEME

We propose a personalized differential privacy-preserving data publishing model of a smart home, where the sensitive data of a certain node $n_i$ may be shared with the cloud through fog server $n_F$. The usual data types are listed in Table 1. The privacy level of the sensitive data usually varies with the trust distance, because the contents are more private and specific if the trust distance is longer. The nodes with the longest trust distance, e.g., the wearable equipment and smart meters, possess the most private data. Moreover, the sensitive data may be released to multiple clouds if the resources of a single cloud cannot satisfy the needs. For multiple clouds, the sensitive data should be provided different levels of protection according to various requirements. In both cases, the fog server should provide personalized privacy protection to the sensitive data of node $n_i$.

A. DIFFERENTIAL PRIVACY

Differential privacy has a solid theoretical foundation for providing privacy protection to two adjacent datasets. For two adjacent datasets denoted by $D$ and $D'$, it is required that $D'$ have one more record than $D$ and that an adversary cannot re-identify this specific record.


    TABLE 1. Sensitive data classification.

Definition 1 ($\epsilon$-Differential Privacy): $\epsilon$ is a positive privacy parameter decided by the overall privacy budget of the system. $D'$ and $D$ are two adjacent datasets with an adjacent relationship. Denote by $A$ a randomized algorithm that sanitizes the datasets. The algorithm $A$ is called $\epsilon$-differentially private on $D'$ and $D$ if and only if, for every set $S$ of possible outputs,

$$\Pr\big[A(D') \in S\big] = \exp(\epsilon) \times \Pr\big[A(D) \in S\big], \tag{3}$$

where the probability space is taken over the randomness used by $A$.

B. LAPLACE MECHANISM

The Laplace mechanism is most typically used to attain $\epsilon$-differential privacy in a numeric scenario. The key feature of this method is the generation of a random noise that follows the Laplace distribution. After the noise has been added to the raw data, an adversary cannot re-identify the location of the extra record.

The mechanism $M : \mathbb{R}^n \to \Delta(\mathbb{R}^n)$ that adds Laplace-distributed noise $N$ is defined by

$$M(D) = D + N, \quad \text{s.t. } N \sim \mathrm{Lap}\!\left(\frac{\delta}{\epsilon}\right), \qquad \mathrm{Lap}(b) \sim \mathrm{d}\Pr[N = n] = \exp\!\left(-\frac{\|n\|_2}{b}\right), \tag{4}$$

where $\mathrm{d}\Pr[N = n]$ is the density of $\mathrm{Lap}(b)$. Following the above formulation, we regard $M$ as an $\epsilon$-differentially private mechanism under an adjacency relation.
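As an added worked example (not code from the paper), the following Python puts Sections III-B and IV-B together: it computes the trust distance of every device as the hop count from the fog server over a constructed smart-home graph, maps it to a personalized ε through an assumed MAP() (the paper does not specify the mapping; here each hop halves the budget, so the end devices that hold the most private data get the smallest ε), releases each reading as the Laplace proxy of Eq. (2), and checks the ε-differential-privacy guarantee of Eq. (3) by bounding the ratio of the Lap(δ/ε) output densities at two adjacent inputs. The graph, device names, readings and seed are all constructed.

```python
import math
import random
from collections import deque

# Constructed smart-home graph (not from the paper): the fog server is the root,
# application nodes hang off it, and end devices hang off the applications.
SMART_HOME_EDGES = [
    ("fog", "tv"),
    ("fog", "lighting"),
    ("fog", "health_app"),
    ("fog", "energy_app"),
    ("health_app", "blood_pressure_cuff"),
    ("health_app", "wearable"),
    ("energy_app", "smart_meter"),
]


def trust_distances(edges, fog="fog"):
    """Trust distance D_T of every node: hop count from the fog server, by BFS
    over the undirected graph G of Section III-B."""
    adjacency = {}
    for a, b in edges:
        adjacency.setdefault(a, []).append(b)
        adjacency.setdefault(b, []).append(a)
    dist = {fog: 0}
    queue = deque([fog])
    while queue:
        u = queue.popleft()
        for v in adjacency.get(u, []):
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return dist


def map_privacy_level(d_t, eps_base=1.0, decay=0.5):
    """Assumed MAP(): the paper only says MAP maps a trust distance to a privacy
    level. Here each extra hop halves the per-release budget."""
    return eps_base * decay ** d_t


def sample_laplace(scale, rng):
    """One draw from Lap(scale) by inverse-CDF sampling; rng is random.Random."""
    u = rng.random() - 0.5  # uniform on (-0.5, 0.5)
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def laplace_density(n, scale):
    """Density of Lap(b) at n: (1 / 2b) * exp(-|n| / b)."""
    return math.exp(-abs(n) / scale) / (2.0 * scale)


def publish_proxy(d_ij, sensitivity, eps, rng):
    """Eq. (2): y_hat_ij = d_ij + Lap(delta / epsilon)."""
    return d_ij + sample_laplace(sensitivity / eps, rng)


def density_ratio(output, sensitivity, eps):
    """Ratio of the proxy's output densities under two adjacent inputs whose
    true values differ by the global sensitivity delta. With scale delta/eps
    the ratio is at most exp(eps) for every output (the epsilon-DP bound) and
    equals exp(eps) exactly at output == 0."""
    b = sensitivity / eps
    return laplace_density(output, b) / laplace_density(output - sensitivity, b)


def personalized_release(readings, edges, sensitivity, seed=7):
    """Publish one proxy per device with epsilon chosen from its trust distance.
    `readings` maps device name -> raw value (constructed sample data).
    Returns device -> (proxy, epsilon)."""
    rng = random.Random(seed)
    dist = trust_distances(edges)
    released = {}
    for device, value in readings.items():
        eps = map_privacy_level(dist[device])
        released[device] = (publish_proxy(value, sensitivity, eps, rng), eps)
    return released


if __name__ == "__main__":
    sample = {"smart_meter": 3.2, "blood_pressure_cuff": 128.0, "tv": 1.0}
    for dev, (proxy, eps) in personalized_release(sample, SMART_HOME_EDGES, 1.0).items():
        print(f"{dev:20s} eps={eps:.3f} proxy={proxy:.2f}")
    print("worst-case density ratio:", density_ratio(0.0, 1.0, 0.5), "<= exp(eps) =", math.exp(0.5))
```

The ratio check is analytic rather than sampled, so it shows the guarantee exactly: for any output the two densities differ by a factor of at most exp(ε), which is what ties the noise scale to δ/ε rather than to an arbitrary noise level. The same `trust_distances` and `map_privacy_level` pair is what a fog server would consult before each release to pick the node's ε.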

C. PRIVACY PROTECTION BASED ON TRUST DISTANCE

Building on the smart home model provided in Section III-B, we formulate the personalized privacy protection model based on trust distance in a fog computing structure.

In a smart home, if the computing power of the fog server is insufficient, the sensitive data of node $n_i$ may be passed to cloud server $n_{C_j}$. Such data need to be protected for privacy reasons. Most existing approaches usually consider uniform privacy level protection and apply the protection once and for all. However, uniform protection cannot meet the new requirements of the smart home for various sources of data and possible multiple clouds. Therefore, we focus on providing personalized privacy protection to smart homes in this paper.

In this section, we focus on personalizing the trust distance $D_T$ to avoid private data leakage in a single cloud. The objective is to design a differential privacy mechanism $\{A : D \to \delta D^n\}$ that publishes the sensitive data $d_i$ from node $n_i$ to recipient node $n_j$. The mechanism $A$ generates $n$ outcomes $\hat{y}^n_{ij}$ that are then released to the cloud. Furthermore, $A$ needs to meet the following constraints.

The first constraint is providing personalized privacy protection. For all the sensitive data $d_{T_{ij}}$, the generated $n$ proxies $\hat{y}^n_{ij}$ have to satisfy $\epsilon(d_{T_{ij}})$-differential privacy, where $\mathrm{MAP}()$ is a mapping function that maps trust distance $d_{T_{ij}}$ to privacy level $\epsilon$.

The second constraint is limiting the upper bound of personalized privacy levels after composition. For all the proxies $\hat{y}^n_{ij}$, the ceiling of all composition mechanisms should equal the maximum $\epsilon(d_{T_{ij}})$, rather than the sum of all $\epsilon(d_{T_{ij}})$:

$$\sum_{i=1;\, j \neq i}^{n} A^{DP}\big(\mathrm{MAP}(d_{T_{ij}})\big) = \max A^{DP}\big(\mathrm{MAP}(d_{T_{ij}})\big), \tag{5}$$

where the superscript $DP$ denotes differential privacy.

The third constraint is to obtain the maximum utility under the personalized privacy scenario. For all the noisy responses $\hat{y}^n_{ij}$, they should denote the most accurate outputs of the raw data $d_{ij}$. The least noisy response results in the maximum data utility. In terms of numeric value, the data utility is usually measured by the root-mean-square error. Thus, the minimum root-mean-square error results in the maximum data utility.

In the proposed personalized privacy protection model, there are various noisy outputs $\hat{y}^n_{ij}$, and therefore, there are multiple corresponding data utility values. In this work, we specifically refer to the sum of data utility values when considering the maximum data utility in Equation 6:

$$\sum_{i=1,\, j \neq i}^{n} \mathbb{E}\,\big\|\hat{y}^n_{ij} - d_{ij}\big\|_2^2. \tag{6}$$

D. PRIVACY PROTECTION IN MULTIPLE CLOUDS

In addition to the features of the sensitive data itself, the data may also be released to multiple clouds from the fog server. The privacy challenges have long been discussed by earlier studies. In this subsection, we try to solve the personalized privacy protection problem in the multiple-cloud scenario. For instance, when the TV station asks for a TV series, the fog server will pass the query to a certain cloud server $n_{C_j}$. However, after a few episodes, the fog server may observe that this cloud has stopped storing the TV series, or lacks a few episodes. In this case, the fog server has to send the query to other clouds to obtain assistance. In this way, the sensitive data are released to multiple clouds, and privacy protection is necessary.

The fog server publishes node $n_i$’s sensitive data $k \in K$ times, where $K$ denotes the number of clouds that receive the same data. The personalized privacy level is represented by $\mathrm{MAP}(k)$. It is a mapping function that maps $k$ to privacy level $\epsilon$. We consider a one-round relaxation example for clarity. The results can also be intuitively extended to multiple rounds.

Assume that there are two privacy levels $\epsilon(K)$ and $\epsilon(K')$, where $\epsilon(K') > \epsilon(K)$. There is a mechanism $A_{\epsilon(K) \to \epsilon(K')} : D \to \Delta(O_Y^2)$ that publishes the sensitive data to two different cloud servers. In the first cloud server, node $n_i$ publishes a proxy $\hat{y}^K_{ij}$ to cloud server $n_{C_j}$. The proxy $\hat{y}^1_{ij}$ satisfies $\epsilon(K)$-differential privacy. In the next cloud server, the privacy level is relaxed to $\epsilon(K')$-differential privacy. If clouds collude to steal the more accurate sensitive data, the proposed mechanism should satisfy

$$A^{DP}\big(\epsilon(K) + \epsilon(K')'\big) = A^{DP}\big(\epsilon(K')\big), \tag{7}$$

where $\epsilon(K')'$ is the privacy level of the second noisy response. As the upper bound of the composition theorem indicates, we have

$$A^{DP}\big(\epsilon(K')'\big) = A^{DP}\big(\epsilon(K') - \epsilon(K)\big), \tag{8}$$

from which we can obtain $\epsilon(K')' < \epsilon(K')$. This result implies that the second proxy cannot relax the privacy level at all but must instead tighten the privacy level. This is a contradiction, especially if $\epsilon(K) < \epsilon(K') \ll 1$. The data utility degrades significantly, resulting in applications becoming impractical. The problem of personalized privacy-preserving data publishing in multiple clouds can be formulated as described below.

We propose a mechanism $\{A_{\epsilon(1) \to \epsilon(K)} : D \to \delta \hat{y}^k\}$ that is differentially private if the sensitive data are published in multiple clouds. The mechanism $A$ generates multiple proxies $\hat{y}^k$ and releases them to $k$ different clouds. With the increase of $\epsilon(K)$, the outcomes become progressively more accurate. In this scenario, the mechanism $A$ should further satisfy the following constraints.

    The first constraint is providing personalized privacy pro-tection. For all the sensitive data dTij , the generated n proxiesŷnij have to satisfy �(d

    Tij )-differential privacy, whereMAP() is a

    mapping function that maps trust distance dTij to privacy level�.

The second constraint is limiting the upper bound of personalized privacy levels after composition. For all the proxies $\hat{y}^{n}_{ij}$, the ceiling of all composition mechanisms should equal the maximum $\varepsilon(d^T_{ij})$, rather than the sum of all $\varepsilon(d^T_{ij})$:

$$\sum_{i=1;\, j\neq i}^{n} A^{DP}\big(\mathrm{MAP}(d^T_{ij})\big) = \max A^{DP}\big(\mathrm{MAP}(d^T_{ij})\big), \tag{9}$$

where the superscript $DP$ denotes differential privacy.

The third constraint is to obtain the maximum utility under the personalized privacy scenario. All the noisy responses $\hat{y}^{n}_{ij}$ should be the most accurate outputs of the raw data $d_{ij}$. The least noisy response results in the maximum data utility. In terms of numeric values, data utility is usually measured by the root-mean-square error; thus, minimizing the root-mean-square error results in the maximum data utility.

The last requirement is personalized privacy levels for data publishing in multiple clouds. For data release to multiple clouds, the privacy levels $\{\varepsilon(1), \varepsilon(2), \dots, \varepsilon(K)\}$ increase monotonically, which can be described by $\varepsilon(1) < \varepsilon(2) < \dots < \varepsilon(K)$.

E. GENERIC PERSONALIZED PRIVACY SCHEME FOR A SMART HOME

In the above subsections, we analyze two types of personalized privacy protection application scenarios. The results show that personalized differential privacy is necessary, especially in a fog server. As the computing power of a fog server is limited, the privacy budget it provides is also limited and fixed within a relatively small range.

For the trust distance problem and the multiple-cloud problem, we observe that both involve the same challenge, i.e., personalized privacy level functions $\varepsilon(\cdot)$. Therefore, they are the same problem in a certain sense. Building on this, we formulate the problem of trust-distance-based personalized privacy data diffusion over multiple clouds as follows.

Our target is to design a differentially private mechanism $\{A_{\varepsilon(d^T_{i1},1)\to\varepsilon(d^T_{ij},k)} : D \to \delta\hat{y}^{T}\}$ that publishes the sensitive data from node $n_i$ to cloud server $n^{C}_{j}$ through the fog server in a smart home. The mechanism generates $n \times k$ noisy proxies that are published to $k$ cloud servers. The privacy level $\varepsilon(d^T_{ij}, k)$ increases with $k$, and the noisy proxies become progressively more accurate. The privacy level $\varepsilon(d^T_{ij}, k)$ decreases as $d^T_{ij}$ increases, and the proxies become progressively noisier. Additionally, the mechanism $A$ needs to satisfy the following constraints.

• Multiple-cloud data release: For a data release to multiple clouds with a fixed distance $d^T_{ij}$, the privacy levels $\{\varepsilon(d^T_{ij}, 1), \varepsilon(d^T_{ij}, 2), \dots, \varepsilon(d^T_{ij}, T)\}$ increase monotonically, as represented by $\varepsilon(d^T_{ij}, 1) < \varepsilon(d^T_{ij}, 2) < \dots < \varepsilon(d^T_{ij}, T)$.

• Personalized privacy protection: For all the sensitive data $d_{ij}$, each proxy $\hat{y}^{T}_{ij}$ should satisfy $\varepsilon(d^T_{ij}, k)$-differential privacy.

• Limited upper bound of composition: For all the noisy proxies $y^{k}_{ij}$, the ceiling after composition should be the maximum $\varepsilon(\Delta d_{ij}, t)$, rather than the sum of $\varepsilon(\Delta d_{ij}, t)$.

The mathematical description is provided by Equation 10:

    166598 VOLUME 7, 2019

  • Y. Zhang et al.: APDP: APDP for a Smart Home

$$\sum_{i=1,\, j\neq i,\, K}^{n,n,K} A^{DP}\big(\mathrm{MAP}(d^T_{ij}, L)\big) = \max_{d_{ij},\,k} A^{DP}\big(\mathrm{MAP}(d^T_{ij}, k)\big). \tag{10}$$

• Maximum data utility: All the proxies $y^{T}_{ij}$ have to be the most accurate noisy responses of the actual outputs $d_{ij}$, which results in the maximum utility. In the numeric data sense, data utility is measured by the root-mean-square error, as shown in Equation 11; the minimum root-mean-square error leads to the maximum data utility.

$$\sum_{i=1,\, j\neq i,\, k}^{n,n,K} \mathbb{E}\,\big\|y^{T}_{ij} - d^{T}_{i}\big\|_2^2. \tag{11}$$

V. COLLUSION ATTACK UNDER DIFFERENTIAL PRIVACY

After analyzing the two personalized privacy protection scenarios, we observe that adversaries can launch collusion attacks that impact the protection's effectiveness. Under the personalized differential privacy protection scenario, adversary and collusion attacks have certain new features and can be formulated mathematically under differential privacy.

We model the adversary in the differential privacy sense in this work. In most existing approaches, the adversary is considered qualitatively rather than quantitatively, so the attack cannot be formulated in terms of the adversary. The result is that only the relative attack impact can be measured, e.g., via information-theoretic entropy. Therefore, we propose the differential-privacy-based adversary model as follows.

In the proposed personalized differential privacy model, the privacy levels are modeled by $\varepsilon(\cdot)$. Therefore, we model the adversary by

$$P_{ad} = A^{DP}(\varepsilon_{ad}),$$

where the background knowledge of the adversary can be regarded as complying with $\varepsilon_{ad}$-differential privacy.

    The advantage of modeling the adversary in this way is thatwe can use the composition theorem to include the impact ofthe adversary in the privacy protection model. In addition,the collusion attack can be further analyzed based on thisdefinition.

    A collusion attack is widely known as the scenario of twoor more adversaries colluding with each other to obtain moreaccurate data. In our case, two or more clouds may sharetheir data to perform a collusion attack and cause a leakageof private data. There are three conditions for launching acollusion attack. First, the sensitive data have been publishedon two or more clouds. Second, each of the clouds alreadypossesses some data, and the clouds share the same interest.Third, the clouds have the incentive that they can obtain moreinformation after colluding.

    Building upon the adversary model, we can further developthe collusion attack definition.

Given $m \in M$ adversaries (cloud servers) and their corresponding privacy levels $\varepsilon(d^T, k)_M$, the collusion attack can be described by

$$CA(D^T, K, M) = \sum_{d^T\in D^T,\, k\in K,\, m\in M}^{D^T, K, M} \varepsilon(d^T, k)_m = \varepsilon(d^T, k)_1 + \varepsilon(d^T, k)_2 + \dots + \varepsilon(d^T, k)_m, \tag{12}$$

where $CA(\cdot)$ is the sum of all privacy levels ($\varepsilon$s). As discussed above, an increase of the privacy level $\varepsilon$ leads to a degradation of privacy protection. As the composition theorem is a built-in feature of differential privacy, collusion attacks can always be launched unless proper countermeasures are taken.

VI. APDP MODEL

In our proposed smart home model, the privacy protection is guaranteed by differential privacy with Laplace noise. However, the composition property of differential privacy may result in degradation of privacy protection. Therefore, we introduce the APDP model, which uses a modified Laplace mechanism in which the noise generation is integrated with a Markov process. As a result, the correlations among noises are broken, and hence our APDP model is able to resist the collusion attack.

A. COMPOSITION MECHANISM UNDERLYING APDP

APDP is created to incorporate various mechanisms to provide privacy protection. In addition to the Laplace mechanism, other mechanisms include the exponential mechanism, the Gaussian mechanism, sampling, etc.

Assume that mechanisms $\{A_1, A_2, \dots, A_n\} : D \to \Delta(Y)$ respectively satisfy $\{\varepsilon_1, \varepsilon_2, \dots, \varepsilon_n\}$-differential privacy. The composition mechanism $A : D \to \Delta(Y^n)$ defined by $A = \{A_1, A_2, \dots, A_n\}$ is called $\sum_{i}^{n}\varepsilon_i$-differentially private:

$$A^{DP}(\varepsilon_{com}) = \sum_{i}^{n} A^{DP}(\varepsilon_i). \tag{13}$$

The respective privacy level $\sum_{i}^{n}\varepsilon_i$ denotes the upper bound of the composition theorem. However, $\sum_{i}^{n}\varepsilon_i$ overstates the actual privacy level. In this paper, we introduce APDP to explore correlations among mechanisms that ensure better privacy protection.

B. INCORPORATING A MARKOV PROCESS

For $n$-dimensional numeric data $d$, our target is to propose a smart-home-suitable mechanism $A$ inside APDP to generate the noisy outputs $\hat{y}^{K}_{ij}$ that are sent by smart home node $n_i$ to cloud server $n_j$ and published in $K$ cloud servers. $A$ must have two features. First, the accuracy $\|\hat{y}^{K}_{ij} - d^{K}_{ij}\|$ should depend solely on the trust distance $d^T$ and the number of cloud servers $k$, while all the other responses do not degrade the accuracy. Second, no group of cloud servers is able to infer more sensitive information about smart home node $n_i$ after collusion, whose composed privacy level is $\sum \varepsilon(d^T, k)$.

Motivated by this, we introduce a Markov process inside APDP that is defined over a continuous domain. This Markov transfer process is further applied to fulfill the privacy-preserving mechanism in the following study.

Definition 2 (Markov Process): Given the privacy level $\varepsilon$ and three specific privacy levels $\varepsilon_{i-1}$, $\varepsilon_i$, and $\varepsilon_{i+1}$, where $\varepsilon_{i-1} < \varepsilon_i < \varepsilon_{i+1}$, the Markov process has the following properties.

• The noise follows the Laplace distribution: $\forall \varepsilon > 0,\; d\Pr(V_\varepsilon = v) \propto \exp\big(-\varepsilon\|v\|_2\big)$.

• The noise generation process is a Markov process: $\forall \varepsilon_{i-1} < \varepsilon_i < \varepsilon_{i+1},\; V_{\varepsilon_{i-1}} \perp V_{\varepsilon_{i+1}} \mid V_{\varepsilon_i}$.

• The transfer probability of the Markov process is

$$d\Pr\big(V_{\varepsilon_i} = v_i \,\big|\, V_{\varepsilon_{i+1}} = v_{i+1}\big) \propto \delta(v_i - v_{i+1}) + \frac{(n+1)\,\varepsilon_i^{1+\frac{n}{2}}\,\|v_i - v_{i+1}\|^{1-\frac{n}{2}}}{(2\pi)^{\frac{n}{2}}}\, B_{\frac{n}{2}-1}\big(\varepsilon_i\|v_i - v_{i+1}\|_2\big)\,\tau + O(\tau^2), \quad \text{s.t.}\ \tau = \frac{\varepsilon_i}{\varepsilon_{i+1}} - 1, \tag{14}$$

where $B$ is the Bessel function. We need the Markov process to guarantee that the correlations between noises are properly decoupled. Therefore, the proposed APDP model is able to resist the collusion attack.

C. APDP ANALYSIS

The Laplace mechanism is a popular approach to satisfying $\varepsilon$-differential privacy requirements. However, it cannot be optimal in terms of the minimum mean-square error. Therefore, in APDP, we target achieving the optimum Laplace mechanism for both minimum entropy and minimum mean-square error by designing the noise properly.

Theorem 1 (Optimum Laplace Mechanism): Given the $\varepsilon$-differentially private mechanism $A : \mathbb{R}^n \to \Delta(\mathbb{R}^n)$, $A$ satisfies $y^{K}_{ij} = d_{ij} + N$, where $N \sim \rho(N) \in \Delta(\mathbb{R}^n)$. The mean-square error can be minimized if the noise density $f$ satisfies

$$f^{n}_{1}(v) = \Big(\frac{\varepsilon}{2}\Big)\exp\big(-\varepsilon\|v\|_1\big), \tag{15}$$

where $f^{n}_{1}(v)$ denotes the density of the noise at $v$. Thus, we have

$$\mathbb{E}\big\|y^{t}_{ij} - d_{ij}\big\|_2^2 = \mathbb{E}_{V\sim\rho}\|V\|_2^2 \ge \mathbb{E}_{V\sim f^{n}_{1}}\|V\|_2^2 = \frac{2n}{\varepsilon^2}. \tag{16}$$

    The optimum Laplace mechanism provides the solutionto achieving optimized data utility at a fixed privacy level.We further prove that the proposed method can satisfy theoptimum Laplace mechanism, which makes the proposedmodel more feasible and practical.

First, a one-dimensional case is considered for clarity; it can be further extended to multiple dimensions. In the following theorem, we establish a method that satisfies all the requirements and illustrates the feasibility and effectiveness.

Theorem 2 (Attack-Proof): Two privacy levels, $\varepsilon_1$ and $\varepsilon_2$, which are abbreviated notations of $\varepsilon_1(\Delta d_{ij}, t)$ and $\varepsilon_2(\Delta d_{ij}, t)$ satisfying $0 < \varepsilon_1(\Delta d_{ij}, t) < \varepsilon_2(\Delta d_{ij}, t)$, are given. Then, the form of the mechanism is

$$y^{t}_{i1} = d + V_1,\quad y^{t}_{i2} = d + V_2,\quad (V_1, V_2) \sim \rho \in \Delta(\mathbb{R}^2). \tag{17}$$

Moreover, the density $f_{\varepsilon_1(\Delta d_{ij},t),\,\varepsilon_2(\Delta d_{ij},t)}$ is

$$f_{\varepsilon_1,\varepsilon_2}(x, y) = \frac{\varepsilon_1^2}{2\varepsilon_2}\exp\big(-\varepsilon_2|y|\big)\,\delta(x - y) + \frac{\varepsilon_1(\varepsilon_2^2 - \varepsilon_1^2)}{4\varepsilon_2}\exp\big(-\varepsilon_1|x - y| - \varepsilon_2|y|\big). \tag{18}$$

From Theorem 2, the mechanism has the following properties:

• The mechanism $A_1$ is $\varepsilon_1(d^T, k)$-differentially private.

• The mechanism $A_1$ is optimal; namely, $A_1$ minimizes the mean-square error $\mathbb{E}(V_1)^2$.

• The mechanism $A_2$ is $\varepsilon_2(d^T, k)$-differentially private.

• The mechanism $A_2$ is optimal; namely, $A_2$ minimizes the mean-square error $\mathbb{E}(V_2)^2$.

• The mechanism $(A_1, A_2)$ is $\varepsilon_2(d^T, k)$-differentially private.

The rationale for the noise following a Markov stochastic process is that a Markov process requires the current state to depend only on the preceding state. This implies that the current state is not affected by any state before the preceding one. In this case, the current noise is determined only by the preceding noise. In the proposed model, the privacy level increases with the trust distance, as does the noise. Therefore, the current user has no incentive to collude with the next user, whose output is less accurate and carries greater noise.
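As an added illustration, not part of the original paper or of the authors' MATLAB implementation, the following Python simulation builds the Markov noise chain of Definition 2 for a chain of privacy levels $\varepsilon(1) < \dots < \varepsilon(K)$, as the multiple-cloud constraints of Section IV.E require, using the conditional distribution implied by the pair density of Theorem 2 (Eq. 18): the finest noise is drawn first, and each coarser noise is derived from the next finer one only. It then measures what colluding clouds could gain by taking the best linear unbiased combination of all $K$ proxies, both for the coupled noise and for an independent-noise baseline (an NPDP-style release). The privacy levels, sample size and seed are assumed values chosen for the demonstration.

```python
import random


def laplace(rng, scale):
    """Laplace(0, scale): a random sign times an exponential with mean `scale`."""
    mag = rng.expovariate(1.0 / scale)
    return mag if rng.random() < 0.5 else -mag


def markov_noise_chain(eps_levels, rng):
    """Noises (V_1, ..., V_K) for privacy levels eps_1 < ... < eps_K (assumed values).

    The finest noise V_K ~ Laplace(1/eps_K) is drawn first.  Each coarser V_k is then
    derived from V_{k+1} alone (a Markov step): V_k = V_{k+1} with probability
    (eps_k / eps_{k+1})^2, otherwise V_k = V_{k+1} + Laplace(1/eps_k).  This is the
    conditional distribution implied by the pair density of Eq. (18); V_k stays
    Laplace(1/eps_k) marginally, so each proxy on its own is eps_k-DP.
    """
    assert eps_levels[0] > 0 and all(a < b for a, b in zip(eps_levels, eps_levels[1:]))
    v = [0.0] * len(eps_levels)
    v[-1] = laplace(rng, 1.0 / eps_levels[-1])
    for i in range(len(eps_levels) - 2, -1, -1):
        ratio = eps_levels[i] / eps_levels[i + 1]
        if rng.random() < ratio * ratio:
            v[i] = v[i + 1]
        else:
            v[i] = v[i + 1] + laplace(rng, 1.0 / eps_levels[i])
    return v


def independent_noise_chain(eps_levels, rng):
    """Baseline: one independent Laplace noise per privacy level (NPDP-style release)."""
    return [laplace(rng, 1.0 / e) for e in eps_levels]


def solve(a, b):
    """Gauss-Jordan solution of the small dense system a x = b with partial pivoting."""
    n = len(b)
    m = [row[:] + [bi] for row, bi in zip(a, b)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[p] = m[p], m[c]
        piv = m[c][c]
        m[c] = [x / piv for x in m[c]]
        for r in range(n):
            if r != c and m[r][c] != 0.0:
                f = m[r][c]
                m[r] = [x - f * y for x, y in zip(m[r], m[c])]
    return [row[n] for row in m]


def best_collusion_mse(noise_samples):
    """MSE achievable by K colluding clouds that combine their proxies linearly.

    With zero-mean noises of second-moment matrix S, the best unbiased linear
    combination has MSE 1 / (1^T S^{-1} 1).  Returns (mse, diagonal of S).
    """
    n, k = len(noise_samples), len(noise_samples[0])
    s = [[sum(row[i] * row[j] for row in noise_samples) / n for j in range(k)]
         for i in range(k)]
    w = solve(s, [1.0] * k)          # w = S^{-1} 1
    return 1.0 / sum(w), [s[i][i] for i in range(k)]


def collusion_demo(eps_levels=(0.5, 0.75, 1.0), n=80_000, seed=7):
    """Compare what collusion gains under coupled (APDP-style) vs independent noise."""
    rng = random.Random(seed)
    coupled = [markov_noise_chain(eps_levels, rng) for _ in range(n)]
    indep = [independent_noise_chain(eps_levels, rng) for _ in range(n)]
    mse_coupled, moments = best_collusion_mse(coupled)
    mse_indep, _ = best_collusion_mse(indep)
    return {
        "finest_alone": 2.0 / eps_levels[-1] ** 2,   # E V_K^2 for Laplace(1/eps_K)
        "colluded_coupled": mse_coupled,
        "colluded_independent": mse_indep,
        "second_moments_coupled": moments,            # expect 2/eps_k^2 for each k
    }


if __name__ == "__main__":
    for key, val in collusion_demo().items():
        print(key, val)
```

For the assumed levels $(0.5, 0.75, 1.0)$, each coupled proxy has second moment close to $2/\varepsilon_k^2$ (so it is marginally Laplace with parameter $1/\varepsilon_k$, as Theorem 2 requires), and the colluded MSE stays at $2/\varepsilon_K^2 = 2$, i.e., the composition ceiling is the maximum level rather than the sum. With independent noises the same collusion lowers the MSE to about $1.1$, which is the gain the Markov coupling removes.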

VII. PERFORMANCE EVALUATION

In this part, we demonstrate the performance of the proposed model in terms of privacy protection and data utility and compare the proposal to ordinary personalized differential privacy, which only personalizes the privacy levels but does not consider resistance to attacks. We also show that our proposal outperforms the existing approaches from the perspective of the background knowledge attack. The experimental results based on real-world datasets show that our proposed model can minimize the overall privacy budget and maximize the data utility while eliminating the background knowledge attack.

FIGURE 3. Privacy level comparison in multiple clouds.

We use a real-world smart home dataset that was collected in [48], [49] from a health-related smart home. The data are collected under 7 scenarios: sleeping, resting, dressing, eating, toilet use, hygiene and communication. Fifteen candidates are contained in this dataset. Specifically, the shortest path is denoted by the hop count, which captures the features of our model; however, our model can accommodate any type of distance metric used in existing approaches. The algorithms are implemented in MATLAB 2015 and run on a Mac OS platform with a Core i5 CPU running at 2.7 GHz with 8 GB of RAM.

    In the comparison experiments, we compare the proposedattack-proof personalized differential privacy model (APDP)with uniform differential privacy (UDP) [17] and ordinary ornormal personalized differential privacy (NPDP) [45]. First,UDP provides uniform privacy levels to all nodes. Second,NPDP provides different privacy levels based on variousrequirements. Third, APDP offers attack-proof personalizedprivacy levels built upon NPDP. We demonstrate the evalua-tion results below.

A. PRIVACY PROTECTION

As Fig. 3a shows, we use 1 to 6 nodes to simulate the composition mechanism. We can conclude that the proposed APDP has the best performance in terms of privacy protection. With the increase of the node quantity, the privacy level of UDP does not increase and remains stable. The privacy levels of both NPDP and APDP increase due to the impact of the composition mechanism. Comparing these two models, we observe that NPDP increases quickly and that its privacy levels are released fast; the privacy issues are quite severe. However, APDP performs better, as it increases slowly, and its maximum value equals that of UDP. Therefore, APDP can minimize the negative impact of the composition mechanism and provide better privacy protection from the perspective of both strictness and customization.

FIGURE 4. Data utility comparison.

In Fig. 3b, we illustrate the case of multiple clouds instead of multiple nodes. Similarly, we use 6 clouds as an example. In the case of multiple clouds, all the clouds are independent, and there is no correlation among them. Therefore, the composition theorem has a more significant impact on privacy protection. All three models suffer from performance degradation with the increase in the number of clouds. We can conclude that the privacy level of UDP increases the fastest, followed by NPDP. Only the privacy level of APDP increases moderately, and its maximum privacy level is still satisfactory.

    In summary, APDP has the best privacy protection com-pared to UDP and NPDP under the scenarios of both multiplenodes and multiple clouds.

FIGURE 5. Privacy level comparison in multiple clouds against collusion attack.

B. DATA UTILITY

In the case of data utility, we reach the following conclusions based on Fig. 4. The vertical axis denotes the amount of injected noise; therefore, the smaller the noise, the higher the data utility. The trends show that the data utility of UDP maintains the same level and remains the highest regardless of the number of clouds. As for NPDP and APDP, the utilities of both approaches increase with the number of clouds. However, compared to NPDP, APDP rises faster, i.e., it provides higher data utility. In addition, the more clouds there are, the higher the data utility.

C. DEFENSE AGAINST A COLLUSION ATTACK

In Fig. 5a, we illustrate the performance of the three models against a collusion attack in multiple clouds. In this case, there are two attacks, which are represented by two green dashed lines. We demonstrate that UDP cannot prevent a collusion attack, while NPDP and APDP have the ability to defeat the attack to different degrees. NPDP can resist an attack to a certain degree; however, it ultimately fails, as the green dashed line has an intersection with the red line. However, APDP is fully attack-proof, as the yellow line is consistently under the green dashed line.

    In Fig. 5b, we illustrate the performance of the three mod-els against a collusion attack with multiple nodes. Similar tothe above, there are two attacks, which are represented by twogreen dashed lines. We demonstrate that UDP can preventa collusion attack because the privacy level is not releasedafter composition. NPDP and APDP have the ability to defeatthe attack to different degrees. NPDP can resist the attackto a certain degree; however, it ultimately fails as the greendashed line has an intersection with the red line. APDP isfully attack-proof, as the yellow line is consistently under thegreen dashed line.

To summarize, APDP has the best performance in terms of collusion attack resistance. It can eliminate the collusion attack due to the properly decoupled noise generated by the modified Laplace mechanism.

VIII. CONCLUSION

In this paper, we first identify the performance and privacy challenges in smart homes: low bandwidth, high latency, and leakage of private data significantly impact the application of smart homes. To address these issues, a fog-based smart home system has been developed that improves performance with enhanced bandwidth and reduced service latency. We have also developed a personalized privacy protection model based on differential privacy. The proposed model can defeat the collusion attack in the multiple-party scenario. Lastly, we have validated our proposal using trace-driven experiments. The evaluation results show that the proposed model achieves an optimized trade-off between privacy protection and data utility. In terms of future work, we plan to leverage cross-discipline techniques, for example, Markov decision processes and generative adversarial networks, to further optimize the trade-off. In addition, we plan to use other personalization matrices to extend this model to more generalized scenarios.

APPENDIX
PROOF OF THEOREM 2

Proof of Theorem 2. The noise of the APDP model $M = (M_1, M_2)$ is defined by Equation 18. Based on this, we prove that the proposed mechanism satisfies all the required properties.

1) The first coordinate is Laplace-distributed with parameter $1/\varepsilon_1$. If $x > 0$, we can derive Equation 19.

$$\begin{aligned}
\Pr(V_1 = x) &= \int_{\mathbb{R}} \rho(x, y)\,dy = \frac{\varepsilon_1^2}{2\varepsilon_2}\exp(-\varepsilon_2 x) + \frac{\varepsilon_1(\varepsilon_2^2 - \varepsilon_1^2)}{4\varepsilon_2}\int_{\mathbb{R}} \exp\big(-\varepsilon_1|x - y| - \varepsilon_2|y|\big)\,dy \\
&= \frac{\varepsilon_1^2}{2\varepsilon_2}\exp(-\varepsilon_2 x) + \frac{\varepsilon_1(\varepsilon_2^2 - \varepsilon_1^2)}{4\varepsilon_2}\Big( \int_{-\infty}^{0} \exp\big(-\varepsilon_1 x + (\varepsilon_1 + \varepsilon_2)y\big)\,dy + \int_{0}^{x} \exp\big(-\varepsilon_1 x + (\varepsilon_2 - \varepsilon_1)y\big)\,dy + \int_{x}^{+\infty} \exp\big(-\varepsilon_1 x + (\varepsilon_1 + \varepsilon_2)y\big)\,dy \Big) \\
&= \frac{\varepsilon_1^2}{2\varepsilon_2}\exp(-\varepsilon_2 x) + \frac{\varepsilon_1(\varepsilon_2 - \varepsilon_1)}{4\varepsilon_2}\exp(-\varepsilon_1 x)\exp\big((\varepsilon_1 + \varepsilon_2)y\big)\Big|_{-\infty}^{0} + \frac{\varepsilon_1(\varepsilon_2 + \varepsilon_1)}{4\varepsilon_2}\exp(-\varepsilon_1 x)\exp\big((\varepsilon_2 - \varepsilon_1)y\big)\Big|_{0}^{x} + \frac{\varepsilon_1(\varepsilon_2 - \varepsilon_1)}{4\varepsilon_2}\exp\big((\varepsilon_1 + \varepsilon_2)y\big)\Big|_{x}^{+\infty} \\
&= \frac{\varepsilon_1}{2}\exp(-\varepsilon_1 x).
\end{aligned} \tag{19}$$

If $x < 0$, the equation follows by the symmetry $(x, y) \to (-x, -y)$. Thus, we conclude that $M_1$ is $\varepsilon_1$-differentially private and obtains the best data utility.

2) The second coordinate is Laplace-distributed with parameter $1/\varepsilon_2$. We can derive Equation 20.

$$\begin{aligned}
\Pr(V_2 = y) &= \int_{\mathbb{R}} \rho(x, y)\,dx = \frac{\varepsilon_1^2}{2\varepsilon_2}\exp(-\varepsilon_2|y|) + \frac{\varepsilon_1(\varepsilon_2^2 - \varepsilon_1^2)}{4\varepsilon_2}\exp(-\varepsilon_2|y|)\int_{\mathbb{R}} \exp\big(-\varepsilon_1|x - y|\big)\,dx \\
&= \frac{\varepsilon_1^2}{2\varepsilon_2}\exp(-\varepsilon_2|y|) + \frac{\varepsilon_1(\varepsilon_2^2 - \varepsilon_1^2)}{4\varepsilon_2}\exp(-\varepsilon_2|y|)\int_{\mathbb{R}} \exp\big(-\varepsilon_1|x|\big)\,dx \\
&= \frac{\varepsilon_1^2}{2\varepsilon_2}\exp(-\varepsilon_2|y|) + \frac{\varepsilon_2^2 - \varepsilon_1^2}{4\varepsilon_2}\exp(-\varepsilon_2|y|) = \frac{\varepsilon_2}{2}\exp(-\varepsilon_2|y|).
\end{aligned} \tag{20}$$

Therefore, we prove that $M_2$ is $\varepsilon_2$-differentially private and obtains the best data utility.

3) Finally, we still need to prove that the composition mechanism maintains $\varepsilon_2$-differential privacy. The delta part is handled separately by defining $L = \{x : (x, x) \in S\}$. The probability of landing in $S$ is represented by

$$\Pr(M \in S) = \frac{\varepsilon_1^2}{2\varepsilon_2}\int_{D}\exp\big(-\varepsilon_2|x - d|\big)\,dx + \frac{\varepsilon_1(\varepsilon_2^2 - \varepsilon_1^2)}{4\varepsilon_2}\iint_{S}\exp\big(-\varepsilon_1\big|(x - d) - (y - d)\big| - \varepsilon_2|y - d|\big)\,dx\,dy. \tag{21}$$

We compute a derivative and use Fubini's theorem to exchange the derivative with the integral, as shown in Equation 22.

$$\begin{aligned}
\frac{d}{du}\Pr(M \in S) &= \frac{\varepsilon_1^2}{2\varepsilon_2}\int_{D} \varepsilon_2\,\mathrm{sgn}(x - d)\exp\big(-\varepsilon_2|x - d|\big)\,dx + \frac{\varepsilon_1(\varepsilon_2^2 - \varepsilon_1^2)}{4\varepsilon_2}\iint_{S} \varepsilon_2\,\mathrm{sgn}(x - d)\exp\big(-\varepsilon_1|x - y| - \varepsilon_2|y - d|\big)\,dx\,dy \\
\Rightarrow \Big|\frac{d}{du}\Pr(M \in S)\Big| &\le \frac{\varepsilon_1^2}{2\varepsilon_2}\int_{D} \varepsilon_2\exp\big(-\varepsilon_2|x - d|\big)\,dx + \frac{\varepsilon_1(\varepsilon_2^2 - \varepsilon_1^2)}{4\varepsilon_2}\iint_{S} \varepsilon_2\exp\big(-\varepsilon_1|x - y| - \varepsilon_2|y - d|\big)\,dx\,dy \\
\Rightarrow \Big|\frac{d}{du}\Pr(M \in S)\Big| &\le \varepsilon_2\Pr(M \in S), \\
\Big|\frac{d}{du}\ln\Pr(M \in S)\Big| &\le \varepsilon_2.
\end{aligned} \tag{22}$$

    This completes the proof.

ACKNOWLEDGMENT

(Youyang Qu contributed equally to this work.)

REFERENCES

[1] Y. Jie, J. Y. Pei, L. Jun, G. Yun, and X. Wei, "Smart home system based on IoT technologies," in Proc. Int. Conf. Comput. Inf. Sci., Jun. 2013, pp. 1789–1791.
[2] M. R. Alam, M. B. I. Reaz, and M. A. M. Ali, "A review of smart homes—Past, present, and future," IEEE Trans. Syst., Man, Cybern., C (Appl. Rev.), vol. 42, no. 6, pp. 1190–1203, Nov. 2012.
[3] W. Quan, N. Cheng, M. Qin, H. Zhang, H. A. Chan, and X. Shen, "Adaptive transmission control for software defined vehicular networks," IEEE Wireless Commun. Lett., vol. 8, no. 3, pp. 653–656, Jun. 2019.
[4] T. Dillon, C. Wu, and E. Chang, "Cloud computing: Issues and challenges," in Proc. IEEE Int. Conf. Adv. Inform. Netw. Appl., Apr. 2010, pp. 27–33.
[5] W. Quan, Y. Liu, H. Zhang, and S. Yu, "Enhancing crowd collaborations for software defined vehicular networks," IEEE Commun. Mag., vol. 55, no. 8, pp. 80–86, Aug. 2017.
[6] M. Yang, T. Zhu, B. Liu, Y. Xiang, and W. Zhou, "Machine learning differential privacy with multifunctional aggregation in a fog computing architecture," IEEE Access, vol. 6, pp. 17119–17129, 2018.
[7] M. Chiang and T. Zhang, "Fog and IoT: An overview of research opportunities," IEEE Internet Things J., vol. 3, no. 6, pp. 854–864, Dec. 2016.
[8] L. Gao, T. H. Luan, S. Yu, W. Zhou, and B. Liu, "FogRoute: DTN-based data dissemination model in fog computing," IEEE Internet Things J., vol. 4, no. 1, pp. 225–235, Feb. 2017.
[9] L. Gao, T. H. Luan, B. Liu, W. Zhou, and S. Yu, "Fog computing and its applications in 5G," in 5G Mobile Communications. Springer, 2017, pp. 571–593.
[10] B. L. R. Stojkoska and K. V. Trivodaliev, "A review of Internet of Things for smart home: Challenges and solutions," J. Cleaner Prod., vol. 140, no. 3, pp. 1454–1464, 2017.
[11] H. Zhu, C. Fang, Y. Liu, C. Chen, M. Li, and X. S. Shen, "You can jam but you cannot hide: Defending against jamming attacks for Geo-location database driven spectrum sharing," IEEE J. Sel. Areas Commun., vol. 34, no. 10, pp. 2723–2737, Oct. 2016.
[12] H. Li, H. Zhu, and D. Ma, "Demographic information inference through meta-data analysis of Wi-Fi traffic," IEEE Trans. Mobile Comput., vol. 17, no. 5, pp. 1033–1047, May 2018.
[13] S. Pierangela and S. Latanya, "Protecting privacy when disclosing information: K-anonymity and its enforcement through generalization and suppression," in Proc. IEEE Symp. Res. Secur. Privacy, May 1998, pp. 1–19.
[14] A. Machanavajjhala, D. Kifer, J. Gehrke, and M. Venkitasubramaniam, "L-diversity: Privacy beyond k-anonymity," IEEE Trans. Knowl. Data Eng., vol. 1, no. 1, pp. 1–52, May 2007.
[15] N. Li, T. Li, and S. Venkatasubramanian, "Closeness: A new privacy measure for data publishing," IEEE Trans. Knowl. Data Eng., vol. 22, no. 7, pp. 943–956, Jul. 2010.
[16] Y. Qu, S. Yu, L. Gao, and J. Niu, "Big data set privacy preserving through sensitive attribute-based grouping," in Proc. IEEE Int. Conf. Commun. (ICC), Paris, France, May 2017, pp. 1–6.
[17] C. Dwork, "Differential privacy," in Proc. ICALP, Venice, Italy, Jul. 2006, pp. 1–12.
[18] C. Dwork, K. Kenthapadi, F. McSherry, I. Mironov, and M. Naor, "Our data, ourselves: Privacy via distributed noise generation," in Proc. Adv. Cryptol.-EUROCRYPT, 25th Annu. Int. Conf. Theory Appl. Cryptograph. Techn., Saint Petersburg, Russia, May/Jun. 2006, pp. 486–503.
[19] C. Dwork, "Differential privacy," in Encyclopedia of Cryptography and Security, 2nd ed. Springer, 2011, pp. 338–340.
[20] Y. Qu, S. Yu, J. Zhang, H. T. T. Binh, L. Gao, and W. Zhou, "GAN-DP: Generative adversarial net driven differentially privacy-preserving big data publishing," in Proc. IEEE Int. Conf. Commun. (ICC), Shanghai, China, May 2019, pp. 1–6.
[21] T. Song, R. Li, B. Mei, J. Yu, X. Xing, and X. Cheng, "A privacy preserving communication protocol for IoT applications in smart homes," IEEE Internet Things J., vol. 4, no. 6, pp. 1844–1852, Dec. 2017.
[22] Y.-T. Lee, W.-H. Hsiao, Y.-S. Lin, and S.-C. T. Chou, "Privacy-preserving data analytics in cloud-based smart home with community hierarchy," IEEE Trans. Consum. Electron., vol. 63, no. 2, pp. 200–207, May 2017.
[23] H. Li, H. Zhu, S. Du, X. Liang, and X. Shen, "Privacy leakage of location sharing in mobile social networks: Attacks and defense," IEEE Trans. Dependable Secure Comput., vol. 15, no. 4, pp. 646–660, Jul./Aug. 2018.
[24] X. Zeng, S. K. Garg, P. Strazdins, P. P. Jayaraman, D. Georgakopoulos, and R. Ranjan, "IOTSim: A simulator for analysing IoT applications," J. Syst. Archit., vol. 72, pp. 93–107, Jan. 2017.
[25] N. Cheng, F. Lyu, W. Quan, C. Zhou, H. He, W. Shi, and X. Shen, "Space/aerial-assisted computing offloading for IoT applications: A learning-based approach," IEEE J. Sel. Areas Commun., vol. 37, no. 5, pp. 1117–1129, May 2019.
[26] M. Chan, D. Estève, C. Escriba, and E. Campo, "A review of smart homes—Present state and future challenges," Comput. Methods Programs Biomed., vol. 91, no. 1, pp. 55–81, 2008.
[27] S. K. Datta, C. Bonnet, A. Gyrard, R. P. F. da Costa, and K. Boudaoud, "Applying Internet of Things for personalized healthcare in smart homes," in Proc. 24th Wireless Opt. Commun. Conf. (WOCC), Oct. 2015, pp. 164–169.
[28] F. Cicirelli, G. Fortino, A. Giordano, A. Guerrieri, G. Spezzano, and A. Vinci, "On the design of smart homes: A framework for activity recognition in home environment," J. Med. Syst., vol. 40, no. 9, p. 200, Sep. 2016.
[29] A. V. Dastjerdi and R. Buyya, "Fog computing: Helping the Internet of Things realize its potential," Computer, vol. 49, no. 8, pp. 112–116, Aug. 2016.
[30] T. H. Luan, L. Gao, Z. Li, Y. Xiang, G. Wei, and L. Sun, "Fog computing: Focusing on mobile users at the edge," Feb. 2015, arXiv:1502.01815. [Online]. Available: https://arxiv.org/abs/1502.01815
[31] A. Brogi and S. Forti, "QoS-aware deployment of IoT applications through the fog," IEEE Internet Things J., vol. 4, no. 5, pp. 1185–1192, Oct. 2017.
[32] B. Tang, Z. Chen, G. Hefferman, T. Wei, H. He, and Q. Yang, "A hierarchical distributed fog computing architecture for big data analysis in smart cities," in Proc. ASE BigData SocialInform. (ASE BD&SI), 2015, pp. 28:1–28:6.
[33] S. K. Datta, S. Kanti, C. Bonnet, and J. Haerri, "Fog Computing architecture to enable consumer centric Internet of Things services," in Proc. Int. Symp. Consum. Electron., Jun. 2015, pp. 1–2.
[34] W. Lee, K. Nam, H.-G. Roh, and S.-H. Kim, "A gateway based fog computing architecture for wireless sensors and actuator networks," in Proc. Int. Conf. Adv. Commun. Technol. (ICACT), Jan. 2016, pp. 210–213.
[35] S. Yu, "Big privacy: Challenges and opportunities of privacy study in the age of big data," IEEE Access, vol. 4, pp. 2751–2763, 2016.
[36] Y. Qu, S. Yu, L. Gao, W. Zhou, and S. Peng, "A hybrid privacy protection scheme in cyber-physical social networks," IEEE Trans. Computat. Social Syst., vol. 5, no. 3, pp. 773–784, Sep. 2018.
[37] N. Komninos, E. Philippou, and A. Pitsillides, "Survey in smart grid and smart home security: Issues, challenges and countermeasures," IEEE Commun. Surveys Tuts., vol. 16, no. 4, pp. 1933–1954, 4th Quart., 2014.
[38] D. Geneiatakis, I. Kounelis, R. Neisse, I. N. Fovino, G. Steri, and G. Baldini, "Security and privacy issues for an IoT based smart home," in Proc. 40th Int. Conv. Inf. Commun. Technol., Electron. Microelectron. (MIPRO), May 2017, pp. 1292–1297.
[39] K. Lee, D. Kim, D. Ha, U. Rajput, and H. Oh, "On security and privacy issues of fog computing supported Internet of Things environment," in Proc. Int. Conf. Netw. Future (NOF), Sep. 2015, pp. 1–3.
[40] M. Yang, T. Zhu, L. Ma, Y. Xiang, and W. Zhou, "Privacy preserving collaborative filtering via the Johnson-Lindenstrauss transform," in Proc. IEEE Trustcom/BigDataSE/ICESS, Sydney, NSW, Australia, Aug. 2017, pp. 417–424.
[41] K. Zhang, J. Ni, K. Yang, X. Liang, J. Ren, and X. S. Shen, "Security and privacy in smart city applications: Challenges and solutions," IEEE Commun. Mag., vol. 55, no. 1, pp. 122–129, Jan. 2017.
[42] X. Gong, X. Chen, K. Xing, D. Shin, M. Zhang, and J. Zhang, "Personalized location privacy in mobile networks: A social group utility approach," in Proc. IEEE Conf. Comput. Commun. (INFOCOM), Kowloon, Hong Kong, Apr./May 2015, pp. 1008–1016.
[43] Y. Qu, S. Yu, W. Zhou, S. Peng, G. Wang, and K. Xiao, "Privacy of things: Emerging challenges and opportunities in wireless Internet of Things," IEEE Wireless Commun., vol. 25, no. 6, pp. 91–97, Dec. 2018.
[44] W. Wang and Q. Zhang, "Privacy preservation for context sensing on smartphone," IEEE/ACM Trans. Netw., vol. 24, no. 6, pp. 3235–3247, Dec. 2016.
[45] F. Koufogiannis and G. J. Pappas, "Diffusing private data over networks," IEEE Trans. Control Netw. Syst., vol. 5, no. 3, pp. 1027–1037, Sep. 2018.
[46] M. Götz, S. Nath, and J. Gehrke, "Maskit: Privately releasing user context streams for personalized mobile applications," in Proc. ACM SIGMOD Int. Conf. Manage. Data (SIGMOD), Scottsdale, AZ, USA, May 2012, pp. 289–300.
[47] E. Aghasian, S. Garg, L. Gao, S. Yu, and J. Montgomery, "Scoring users' privacy disclosure across multiple online social networks," IEEE Access, vol. 5, pp. 13118–13130, 2017.
[48] A. Fleury, M. Vacher, and N. Noury, "SVM-based multimodal classification of activities of daily living in health smart homes: Sensors, algorithms, and first experimental results," IEEE Trans. Inf. Technol. Biomed., vol. 14, no. 2, pp. 274–283, Mar. 2010.
[49] A. Fleury, N. Noury, and M. Vacher, "Improving supervised classification of activities of daily living using prior knowledge," in Digital Advances in Medicine, E-Health, and Communication Technologies (International Journal of E-Health and Medical Communications). IEEE, 2013, p. 131.

    YUPING ZHANG received the B.S. degree in communication engineering from Hohai University, China, and the M.S. degree in pattern recognition and intelligent systems from Southwest Jiaotong University, China. He is currently an Associate Professor with the School of Network and Communication, Chengdu Technological University, China. He is also a Visiting Scholar with the School of Information Technology, Deakin University, Australia. His research interests include fog computing, the Internet of Things, security, and privacy.

    YOUYANG QU received the B.S. and M.S. degrees from the Beijing Institute of Technology, in 2002 and 2015, respectively. He is currently pursuing the Ph.D. degree with the School of Information Technology, Deakin University. His research interests include security and privacy issues in social networks, cloud computing, the IoT, and big data. He has served as a TPC Member at the IEEE ICC 2018.

    LONGXIANG GAO received the Ph.D. degree in computer science from Deakin University, Australia.

    He was a Postdoctoral Research Fellow with IBM Research and Development Australia. He is currently a Lecturer with the School of Information Technology, Deakin University. He has more than 30 publications, including patents, monographs, book chapters, and journal and conference papers. Some of his publications have appeared in top venues, such as the IEEE TMC, the IEEE IoT, the IEEE TDSC, and the IEEE TVT. His research interests include data processing, mobile social networks, fog computing, and network security. He received the 2012 Chinese Government Award for Outstanding Students Abroad (ranked No. 1 in the Victoria and Tasmania consular districts). He is active in the IEEE Communication Society. He has served as the TPC Co-Chair, the Publicity Co-Chair, the Organization Chair, and a TPC member at many international conferences.

    TOM H. LUAN received the B.Sc. degree from Xi’an Jiaotong University, Xi’an, China, in 2004, the M.Phil. degree from the Hong Kong University of Science and Technology, in 2007, and the Ph.D. degree from the University of Waterloo, Waterloo, ON, Canada, in 2012. From 2013 to 2017, he was a Lecturer in Mobile and Apps with Deakin University, Burwood, VIC, Australia. He is currently a Professor with the School of Cyber Engineering, Xidian University, Xi’an, China. His research primarily focuses on the system model, algorithm design, performance evaluation and system security in the areas of mobile computing, wireless multimedia networks, vehicular networks, fog computing, and mobile cloud computing.

    XI (JAMES) ZHENG received the bachelor’s degree in computer information system from Fudan, Chief Solution Architect for Menulog, Australia, the master’s degree in computer and information science from UNSW, and the Ph.D. degree in software engineering from UT Austin. He is currently an Assistant Professor/Lecturer in software engineering with Macquarie University. He is also specialized in service computing, the IoT security, and reliability analysis. He has published more than 40 high-quality publications in top journals and conferences (PerCOM, ICSE, ICCPS, the IEEE SYSTEMS JOURNAL, the ACM Transactions on Embedded Computing Systems). He was awarded the Best Paper in the Australian distributed computing and doctoral conference, in 2017. He was also awarded the Deakin Research Outstanding Award, in 2016. He is a reviewer for top journals and conferences (the IEEE SYSTEMS JOURNAL, the ACM Transactions on Design Automation of Electronic Systems, Pervasive and Mobile Computing, the IEEE TRANSACTIONS ON CLOUD COMPUTING, and PerCOM).

    SHIPING CHEN received the bachelor’s degree in electrical engineering from the Harbin University of Technology, China, the master’s degree in computer system engineering from the Chinese Academy of Sciences, and the Ph.D. degree in computer science from the University of New South Wales. From 1985 to 1999, he worked on real-time control, parallel computing, and CORBA-based Internet gaming systems in research institutes and the IT industry. Since joining CSIRO in 1999, he has worked on a number of middleware-related research and consultant projects. He is currently an IT Professional with more than 20 years of Research and Development experience and combined research/engineering skills. He has published more than 30 research articles in the above research areas and authored a number of industrial technical/client reports on the above IT practices. His current research interests include web services management, secure data storage, and trusted cloud computing. In the past few years, he has worked closely with universities by co-supervising the master’s and Ph.D. students and is actively involved in research community services (WWW, ICSOC, ICWS, and SCC) as a Program Committee Member.

    YONG XIANG (SM’12) received the Ph.D. degree in electrical and electronic engineering from the University of Melbourne, Australia. He is currently a Professor and the Director of the Artificial Intelligence and Image Processing Research Cluster with the School of Information Technology, Deakin University, Australia. He has authored more than 110 refereed journal and conference papers in these areas. His research interests include information security and privacy, multimedia (speech/image/video) processing, wireless sensor networks, massive MIMO, and bio-medical signal processing. He is an Associate Editor of the IEEE SIGNAL PROCESSING LETTERS and IEEE ACCESS. He has served as the Program Chair, the TPC Chair, the Symposium Chair, and the Session Chair for a number of international conferences.
