Academic & Scientific Articles

Permanent URI for this communityhttp://dl.cerist.dz/handle/CERIST/3

Browse

Author: search.filters.author.Derhab, Abdelouahid

Search Results

Now showing 1 - 10 of 27
  • Thumbnail Image
    Item
    Privacy-preserving remote deep-learning-based inference under constrained client-side environment
    (Springer, 2023) Boulemtafes, Amine; Derhab, Abdelouahid; Ait Ali Braham, Nassim; Challal , Yacine
    Remote deep learning paradigm raises important privacy concerns related to clients sensitive data and deep learning models. However, dealing with such concerns may come at the expense of more client-side overhead, which does not fit applications relying on constrained environments. In this paper, we propose a privacy-preserving solution for deep-learning-based inference, which ensures effectiveness and privacy, while meeting efficiency requirements of constrained client-side environments. The solution adopts the non-colluding two-server architecture, which prevents accuracy loss as it avoids using approximation of activation functions, and copes with constrained client-side due to low overhead cost. The solution also ensures privacy by leveraging two reversible perturbation techniques in combination with paillier homomorphic encryption scheme. Client-side overhead evaluation compared to the conventional homomorphic encryption approach, achieves up to more than two thousands times improvement in terms of execution time, and up to more than thirty times improvement in terms of the transmitted data size.
  • Thumbnail Image
    Item
    Privacy-preserving deep learning for pervasive health monitoring: a study of environment requirements and existing solutions adequacy
    (Elsevier, 2022-03) Boulemtafes, Amine; Derhab, Abdelouahid; Challal , Yacine
    In recent years, deep learning in healthcare applications has attracted considerable attention from research community. They are deployed on powerful cloud infrastructures to process big health data. However, privacy issue arises when sensitive data are offloaded to the remote cloud. In this paper, we focus on pervasive health monitoring applications that allow anywhere and anytime monitoring of patients, such as heart diseases diagnosis, sleep apnea detection, and more recently, early detection of Covid-19. As pervasive health monitoring applications generally operate on constrained client-side environment, it is important to take into consideration these constraints when designing privacy-preserving solutions. This paper aims therefore to review the adequacy of existing privacy-preserving solutions for deep learning in pervasive health monitoring environment. To this end, we identify the privacy-preserving learning scenarios and their corresponding tasks and requirements. Furthermore, we define the evaluation criteria of the reviewed solutions, we discuss them, and highlight open issues for future research.
  • Thumbnail Image
    Item
    PReDIHERO – Privacy-Preserving Remote Deep Learning Inference based on Homomorphic Encryption and Reversible Obfuscation for Enhanced Client-side Overhead in Pervasive Health Monitoring
    (IEEE, 2021) Boulemtafes, Amine; Derhab, Abdelouahid; Ait Ali Braham, Nassim; Challal, Yacine
    Homomorphic Encryption is one of the most promising techniques to deal with privacy concerns, which is raised by remote deep learning paradigm, and maintain high classification accuracy. However, homomorphic encryption-based solutions are characterized by high overhead in terms of both computation and communication, which limits their adoption in pervasive health monitoring applications with constrained client-side devices. In this paper, we propose PReDIHERO, an improved privacy-preserving solution for remote deep learning inferences based on homomorphic encryption. The proposed solution applies a reversible obfuscation technique that successfully protects sensitive information, and enhances the client-side overhead compared to the conventional homomorphic encryption approach. The solution tackles three main heavyweight client-side tasks, namely, encryption and transmission of private data, refreshing encrypted data, and outsourcing computation of activation functions. The efficiency of the client-side is evaluated on a healthcare dataset and compared to a conventional homomorphic encryption approach. The evaluation results show that PReDIHERO requires increasingly less time and storage in comparison to conventional solutions when inferences are requested. At two hundreds inferences, the improvement ratio could reach more than 30 times in terms of computation overhead, and more than 8 times in terms of communication overhead. The same behavior is observed in sequential data and batch inferences, as we record an improvement ratio of more than 100 times in terms of computation overhead, and more than 20 times in terms of communication overhead.
  • Thumbnail Image
    Item
    PRIviLY: Private Remote Inference over fulLY connected deep networks for pervasive health monitoring with constrained client-side
    (Elsevier, 2023-09) Boulemtafes, Amine; Derhab, Abdelouahid; Challal, Yacine
    Remote deep learning paradigm enables to better leverage the power of deep neural networks in pervasive health monitoring (PHM) applications, especially by addressing the constrained client-side environment. However, remote deep learning in the context of PHM requires to ensure three properties: (1) meet the high accuracy requirement of the healthcare domain, (2) satisfy the client-side constraints, and (3) cope with the privacy requirements related to the high sensitivity of health data. Different privacy-preserving solutions for remote deep learning exit in the literature but many of them fail to fully address the PHM requirements especially with respect to constrained client-side environments. To that end, we propose PRIviLY, a novel privacy-preserving remote inference solution, designed specifically for the popular Fully Connected Deep Networks (FCDNs). PRIviLY avoids the use of encryption for privacy preservation of sensitive information, in order to fully prevent accuracy loss, and to alleviate the server-side hardware requirements. Besides, PRIviLY adopts a non-colluding two-server architecture, and leverages the linear computations of FCDNs along with reversible random perturbation and permutation techniques in order to preserve privacy of sensitive information, while meeting low overhead requirement of constrained client-sides. At the cloud server, efficiency evaluation shows that PRIviLY achieves an improvement ratio of 4 to more than 15 times for communication, and a minimum improvement ratio of 135 times for computation overhead. At the intermediate server, the minimum improvement ratio is at least more than 10,900 for computation, while for communication, the improvement ratio varies from 5 to more than 21 times. As for the client-side, PRIviLY incurs an additional overhead of about 27% in terms of communication, and between 16% and at most 27% in terms of computation.
  • Thumbnail Image
    Item
    TriDroid: a triage and classification framework for fast detection of mobile threats in android markets
    (Springer-Verlag, 2021) Amira, Abdelouahab; Derhab, Abdelouahid; Karbab, ElMouatez Billah; Nouali, Omar; Aslam Khan , Farrukh
    The Android platform is highly targeted by malware developers, which aim to infect the maximum number of mobile devices by uploading their malicious applications to different app markets. In order to keep a healthy Android ecosystem, app-markets check the maliciousness of newly submitted apps. These markets need to (a) correctly detect malicious app, and (b) speed up the detection process of the most likely dangerous applications among an overwhelming flow of submitted apps, to quickly mitigate their potential damages. To address these challenges, we propose TriDroid, a market-scale triage and classification system for Android apps. TriDroid prioritizes apps analysis according to their risk likelihood. To this end, we categorize the submitted apps as: botnet, general malware, and benign. TriDroid starts by performing a (1) Triage process, which applies a fast coarse-grained and less-accurate analysis on a continuous stream of the submitted apps to identify their corresponding queue in a three-class priority queuing system. Then, (2) the Classification process extracts fine-grained static features from the apps in the priority queue, and applies three-class machine learning classifiers to confirm with high accuracy the classification decisions of the triage process. In addition to the priority queuing model, we also propose a multi-server queuing model where the classification of each app category is run on a different server. Experiments on a dataset with more than 24K malicious and 3K benign applications show that the priority model offers a trade-off between waiting time and processing overhead, as it requires only one server compared to the multi-server model. Also it successfully prioritizes malicious apps analysis, which allows a short waiting time for dangerous applications compared to the FIFO policy.
  • Thumbnail Image
    Item
    Collaborative detection and response framework against SQL injection attacks in IoT-based smart
    (Springer Publisher whith IEEE, 2017-12-11) Boukhari, Chahira; Derhab, Abdelouahid; Guerroumi, Mohamed
    In this paper, we propose a collaborative detection and re- sponse framework against SQL injection attacks in IoT-based smart grids. The framework is composed of a set of host-based detection sys- tems; each of which is deployed at a smart meter, in addition, at the data management server. When an attack at one host is detected, the network administrator is noti ed and remotely patches the other hosts. The detection engine is lightweight as each smart meters analyzes the log le associated with its network traffic. Hence, the framework is sacalable to large IoT-based smart grids as the detection task is performed by each smart meter and does not rely on a single component. Prelimary results are promising in terms of true positive and false positive rates.o
  • Thumbnail Image
    Item
    SMART: Secure Multi-pAths Routing for wireless sensor neTworks
    (IEEE, 2014-06-22) Lasla, Noureddine; Derhab, Abdelouahid; Ouadjaout, Abdelraouf; Bagaa, Miloud; Challal, Yacine
    In this paper, we propose a novel secure routing protocol named Secure Multi-pAths Routing for wireless sensor neTworks (SMART) as well as its underlying key management scheme named Extended Twohop Keys Establishment (ETKE). The proposed framework keeps consistent routing topology by protecting the hop count information from being forged. It also ensures a fast detection of inconsistent routing information without referring to the sink node. We analyze the security of the proposed scheme as well as its resilience probability against the forged hop count attack. We have demonstrated through simulations that SMART outperforms a comparative solution in literature, i.e., SeRINS, in terms of energy consumption
  • Thumbnail Image
    Item
    Distributed Algorithm for the Actor Coverage Problem in WSN-based Precision Irrigation Applications
    (IEEE, 2011-05) Derhab, Abdelouahid; Lasla, Noureddine
    In this paper, we study the actor coverage problem with the goal of meeting the requirements of precision irrigation applications in Wireless sensor and Actor Networks (WSANs), which are : (1) the volume of water applied by actors should match plant water demand and (2) minimizing over-irrigation to the least extent. We take a novel approach to define and resolve the actor coverage problem. Based on this approach, we propose two algorithms : Centralized Actor-Coverage-IRRIG (CACI) and Distributed Actor-Coverage-IRRIG (DACI). The existing centralized and distributed approaches for the minimum cost actor coverage problem in WSANs are not optimal for all metrics. The communication scheme of DACI is designed in the way that it can keep the advantages of the centralized and the distributed approaches without inheriting their weaknesses. DACI constructs an actor cover set with the same optimality cost as CACI while incurring low signaling overhead. Complexity analysis and simulations results show that CACI and DACI are both better than the existing centralized algorithm in terms of cover set optimality. Also, DACI is better than the existing distributed algorithm in terms of message overhead.
  • Thumbnail Image
    Item
    Distributed Low-Latency Data Aggregation Scheduling in Wireless Sensor Networks
    (ACM, 2015-04) Bagaa, Miloud; Younis, Mohamed; Djenouri, Djamel; Derhab, Abdelouahid; Badache, Nadjib
    This article considers the data aggregation scheduling problem, where a collision-free schedule is determined in a distributed way to route the aggregated data from all the sensor nodes to the base station within the least time duration. The algorithm proposed in this article (Distributed algorithm for Integrated tree Construction and data Aggregation (DICA)) intertwines the tree formation and node scheduling to reduce the time latency. Furthermore, while forming the aggregation tree, DICA maximizes the available choices for parent selection at every node, where a parent may have the same, lower, or higher hop count to the base station. The correctness of the DICA is formally proven, and upper bounds for time and communication overhead are derived. Its performance is evaluated through simulation and compared with six delay-aware aggregation algorithms. The results show that DICA outperforms competing schemes. The article also presents a general hardware-in-the-loop framework (DAF) for validating data aggregation schemes on Wireless Sensor Networks (WSNs). The framework factors in practical issues such as clock synchronization and the sensor node hardware. DICA is implemented and validated using this framework on a test bed of sensor motes that runs TinyOS 2.x, and it is compared with a distributed protocol (DAS) that is also implemented using the proposed framework.
  • Thumbnail Image
    Item
    SMART: Secure Multi-pAths Routing for wireless sensor neTworks
    (CERIST, 2014-06-22) Lasla, Noureddine; Derhab, Abdelouahid; Ouadjaout, Abdelraouf; Bagaa, Miloud; Challal, Yacine
    Abstract. In this paper, we propose a novel secure routing protocol named Secure two-hop disjoint Multi-pAths Routing for wireless sensor neTworks (SMART) as well as its underlying key management scheme named Extended Two-hop Keys Establishment (ETKE). The proposed framework keeps consistent routing topology by protecting the hop count information from being forged. The two-hop scheme ensures immediate verification and fast detection of inconsistent routing information with- out referring to the sink node. We prove that it is sufficient to keep only two-hop disjoint paths to ensure full-resilience against node capture attacks. We have demonstrated through simulations that our solution outperforms a comparative solution in literature. In addition, ETKE is more resilient to node capture attacks than the probabilistic key man- agement schemes.