A group intelligence optimisation method for privacy protection problems in smart home environments

With the rapid and prosperous development of the Internet of Things (IoT), numerous application areas mainly include transportation and logistics, industrial manufacturing, healthcare, intelligent environment, etc., which have a broad market prospect. In recent years, smart home M has received more and more attention and is increasingly appearing in people’s daily lives [1–3]. Imagine, as soon as you come home from work, the electric light has been turned on, the TV is playing your favorite variety show, and the coffee maker is making a cup of mellow-type coffee, and you can talk to the smart speaker and order it to control the curtains and lights and other devices as if you have a housekeeper [4–6]. When you are not at home, if there is a gas leak or water pipe burst at home, etc., the corresponding alarm will respond and have a message to notify you of the accident, and you can also remotely monitor everything in your home and control smart home devices. Through the Internet of Things (IoT) technology, smart home connects various heterogeneous devices at home to each other to realize the communication, collection and transmission of data between the devices, build a highly efficient management system for residential facilities and family schedules, and improves the safety, convenience, comfort and artistry of the home. Google, Amazon and other international Internet giants have launched a smart home IOT cloud platform to make traditional devices intelligent, and domestic companies such as Xiaomi and Baidu have also promoted smart life applications, launching products such as Xiao-ai classmates and Xiaodu speakers [7–9].

Currently, smart home services are being integrated with the Internet of Behavior (Io B). The so-called behavioral Internet, i.e., the Internet of Things (IoT), is applied to human beings, and the collection of data in the network contains behavioral data such as the user’s health, emotions, and habits. Based on this data, smart home systems will continue to optimize products, provide more targeted services to consumers, and enhance the consumer experience. However, with the expanding scope and deepening use of smart home systems’ collection of users’ data, people are also becoming more aware of the privacy protection issue [10–12]. The privacy issues of smart home systems mainly include data confidentiality, data anonymization, data access control, and data erasure. In terms of data confidentiality, confidentiality is an important privacy challenge in smart home systems due to the heterogeneous nature of system devices [13–14]. In particular, devices with limited computational resources may not be able to use state-of-the-art encryption algorithms, and there is a significant risk of leakage. With respect to data anonymization, the traditional anonymization mechanism in the relationship between personal information obtained by smart home devices and their corresponding data subjects is more difficult to implement in smart home system settings. Data access control, i.e., strong access control mechanisms, needs to be set up in smart home systems to prevent unauthorized entities from accessing data. Data erasure, mainly the sensitive data about users collected by devices, is retained in the system for a long period, which is a big risk potential [15–16].

The emergence of smart homes has undoubtedly brought much convenience to our lives. We can easily control the lights, air conditioners, TVs, etc., at home anytime and anywhere through cell phones or other smart devices, enjoying the convenience brought by technology. At the same time, the smart home can also be intelligently adjusted according to our habits and preferences so that the home environment is more in line with our needs. Literature [17] builds an overall IoT framework to support the smart home IoT program and, at the same time, determines the main tasks that should be performed at each level and explores in detail the data processing problems and communication problems of the smart home IoT program, which provides a certain reference for the development of future smart home programs. Literature [18] conceptualized a human activity recognition strategy with smartphone inertial sensors as the core logic to adapt to smart home practices and conducted comparative experiments to confirm the superior performance of the proposed recognition strategy. Literature [19] brings together in-depth qualitative data on smart home research, pointing out the disruptive nature of smart home technology and that it is difficult and limiting to understand and use smart home devices in practice. Literature [20] examines the development and application of smart home technology and analyzes and defines the requirements for the construction of smart homes, i.e., based on the quality of the construction of smart home modules, defines the needs of smart homes therein, and also categorizes these needs. Literature [21] conceived a smart home energy management model based on IoT technology and big data processing technology, which realizes the monitoring and control of smart home energy management and promotes energy-saving management. Literature [22] proposed a comprehensive analytical research framework to explore the factors affecting the use of smart home services by users, and the study pointed out that mobility and privacy security significantly affect the use of smart home services. Literature [23] describes how smart home services combined with healthcare services can effectively monitor and manage the health and well-being of the elderly remotely, and finally reviews relevant publications on remote elderly healthcare service technologies based on smart home principles, making a positive contribution to the further development and innovation in this field.

The rapid development of smart homes has provided great convenience for people’s lives, but the collection and use of user data are hardly regulated, bringing new risks and privacy issues that will become more and more serious. How to properly protect user privacy, regulators, users, and product suppliers should make corresponding efforts to safely apply smart products to make people’s lives safer and more convenient. Literature [24] used semi-structured interviews to reveal users’ attitudes towards privacy and security during the use of smart home services, which provided important suggestions for the development and optimization of smart home products and solution designers. Literature [25] analyzes the core components related to smart home confidentiality, integrity, and availability as well as technologies to validate the security and privacy advancements of the proposed BC lightweight smart home framework adapted to IoT technologies and concludes that the proposed framework effectively improves the security risks of smart home technologies. Literature [26] designed a three-layer intrusion detection system that can classify, identify and evaluate cyber-attacks on IoT technology-enabled smart home devices and realized the discrimination of attack attributes as well as the localization of attacking device regions on smart home simulation experiments. Literature [27] combined semi-structured interview methodology to investigate the current status of users’ smart home usage and their attitudes and perceptions of security and privacy, and the study identified the gap between smart home practices and threat model analysis, pointing out users’ limited knowledge of security and privacy of smart home devices, as well as the mismatch between smart home managers and other members of the family in terms of the level of authority and usage. Literature [28] utilized the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology to conduct a comprehensive assessment of smart home security and privacy risks, including the database of the smart home system, physical files, and so on, to uncover a variety of security risks and vulnerabilities of the smart home devices, and to solidify the foundation for the improvement of the security performance of the smart home. Literature [29] discusses the technical composition and operation logic of smart homes, emphasizes the importance of smart home-sensitive data management, and argues that the generalization of smart home devices in the context of the Internet of Things (IoT), the user’s awareness of information security and attitudes need to evolve with the times.

In order to promote and achieve the optimisation of group intelligence, this paper proposes key technologies for smart home privacy protection from the perspective of privacy protection of smart home users at three levels: terminal devices, data transmission interfaces, and application platforms respectively. In the smart home platform privacy leakage detection technology, an API-based privacy leakage detection scheme is proposed to extract the API that contains the unique identification of the device identity and then reverse the mobile App to find the generation method of the unique identification of the device identity. By replacing the information that identifies the device identity in the communication packet using Hook technology, privacy information of the device can be obtained without permission to complete the discovery of privacy leakage problem. The idea of grouping and then executing the protection of terminal privacy data is proposed, and the proposed idea is implemented based on the improved RAPPOR algorithm to construct a localised differential privacy protection model, which effectively protects the privacy data security of terminals in smart homes scenarios. A lightweight key negotiation scheme based on ECDH is proposed, and a lightweight data security transmission scheme based on Chaotic Logistic and RC4 stream cipher is constructed to enhance the stability of encryption and decryption of smart home data. The practice of applying smart home privacy protection technology is carried out in a living room using a smart home in community A. The above-mentioned smart home platform privacy leakage detection technology, terminal privacy data protection technology, and interface data transmission confidentiality technology are evaluated in terms of performance, respectively.

2

Privacy protection in smart home environments

2.1

Analysis of privacy protection issues

With the development of science and technology, the number of smart home devices continues to grow and become more feature-rich, while the problem of user privacy leakage has become more serious. From the upstream personal information being illegally obtained to the midstream data being resold and sold in various black market trading platforms to the downstream various privacy data being used for fraud and extortion, a completely black and grey industrial chain has been formed behind the leakage of personal information, breeding a huge space for illegal profits, and seriously threatening the security of individuals, enterprises and even the country.

There are many reasons for security attacks on smart home devices, and these are some of the main factors. 1)

Smart home application platform

For smart home systems, privacy leakage mainly occurs in the communication process, leading to privacy leakage due to irregular communication protocols, access control policies are not strict, and the attacker can directly capture the network traffic to obtain the user’s private information.

2)

Smart home data transmission interface

In the smart home environment, device resources are generally limited, the authentication mechanism is weak, and key negotiation usually uses certificate signing, which results in computational overhead.

The key negotiation usually adopts certificate signing, which leads to high computational overhead and low security of key negotiation. The rapid increase of sensor devices in the IoT environment brings more challenges to secure data transmission in the IoT environment.

3)

Smart Home Receiving Terminal

Smart home terminal devices can access the user’s sensitive information, but the user does not know the specific flow of these sensitive data in the terminal device and thus cannot analyze the privacy leakage. Traditional data privacy protection methods cannot be applied to sensitive information data in smart home receiving terminals.

2.2

Impact of Privacy Protection Issues on Group Wisdom

When the user’s private data in the smart home environment is abused recklessly, the crisis suffered by the group intelligence in the face of the onslaught of information torrent deserves everyone’s vigilance. In the case that individuals can hardly resist the misuse of privacy data, users’ privacy data in smart homes is illegally collected and analysed, and the group’s points of interest are constantly mined and amplified, which is undoubtedly a waste of group wisdom in the long run.

With the full penetration of information technology in social life, how to reduce the leakage of users’ private data and realise privacy protection in the smart home environment has become an important way to maintain and stabilise group wisdom.

3

Privacy-preserving technologies in smart home environments

In the above statement, it is known that privacy protection and the reduction of privacy leakage in smart home environments have become an important way to maintain and stabilize the wisdom of the group. In this chapter, we will combine the privacy protection problems faced in the use of smart homes and propose key technologies for privacy protection in smart homes from the three levels of “terminal devices, data transmission interfaces, and application platforms” in order to promote and realise the optimisation of group intelligence.

3.1

Smart Home Platform Privacy Leakage Detection Technology

3.1.1

Platform Encrypted Traffic Privacy Leakage Detection Method Implementation

This section is a concrete implementation of the privacy leakage detection method for encrypted traffic on smart home platforms, which is mainly divided into four parts: event signature, event classification, event input and event detection, which are elaborated in detail below. 1)

Event Signature

The purpose of event signature is to generate a training dataset for machine learning by analysing the differences in encrypted traffic between different smart home devices and cloud platforms. An event signature method is designed to acquire all events related to smart home devices.

Traffic Acquisition. First, the third-party library Pyshark is imported in Python, and the communication traffic between smart home devices and cloud platforms is captured using the LiveCapture module. During the traffic capture process, control commands are sent using the mobile app, and specific operations are recorded in chronological order to form a collection of tags: 1 $I = {i_{1}, i_{2}, \dots}$

At the same time, the acquired encrypted traffic of smart home devices and cloud platforms is saved in .pcap format.

Traffic Slicing. Each operation corresponds to a data flow and is defined as an event $E_{i}^{n}$ as shown in Equation (1): 2 $\begin{matrix} E_{i}^{n} = {p_{1}, p_{2}, p_{3} \dots p_{n}} \\ p_{n} = (t_{n}, Δ t_{n}, I P_{d}, I P_{s}, l) \\ n = 2 a (a \in N^{+}), t_{n} \in [0, \infty), Δ t_{n} \in [0, \infty), l \in N^{+} \end{matrix}$

Where n is the number of packets for the event, i is the event name, and P is the packet. From the quintuple (t_n, △t_n, IP_d, IP_S, l) generated by the packet P, the time interval of the packet can be obtained: 3 $Δ t, Δ t_{n} = t_{n} - t_{n - 1}$

Where t_n is the packet reception time and t_n–1 is the last packet reception time. When Δt<m, the packet and the previous packet belong to the same event, and the value of m needs to be decided according to the network condition and the actual situation of the device.

2)

Event Classification

After obtaining all event signatures of smart home devices, events related to user privacy (e.g., switching devices on and off, setting timings, etc.) are filtered to constitute the device privacy event set. First, all device events are grouped according to the number of packets n in event $\begin{array}{l} E_{i}^{n} \end{array}$ , as shown in Equation (4): 4 $\sum_{n = 2}^{\max (n)} E_{i}^{n} = {E_{i}^{2}, E_{i}^{4}, \dots, E_{i}^{\max (n)}}, n = 2 a (a \in N^{+})$

Secondly, in order to be able to identify the privacy events from all the events, the set of names of all the events of the device is defined to be I, the set of names of the privacy events to be α, and the set of names of the non-privacy events to be β, i.e: 5 $I = α + β$

For event $E_{I}^{k}$ containing k packet, it is represented as follows: 6 $E_{I}^{k} = E_{α}^{k} + E_{β}^{k}$

Where $E_{α}^{k}$ is the set of private events and $E_{β}^{k}$ is the set of non-private events, the final goal is to identify $E_{α}^{k}$ among all the events using K-nearest neighbour algorithm.

3)

Event Input

Event input is the input events to be detected. For the case where the specific operation is not known, the encrypted traffic of smart home devices and cloud platform communication is obtained and the encrypted traffic is sliced to form the events to be detected E^k. In real life, the encrypted traffic of smart home devices and cloud platform communication is obtained by network administrators and attackers in real time. By simulating a network attacker, the encrypted traffic is acquired to form the event input. The attacker needs to satisfy one of the following conditions.

(1)

The attacker is within wireless WiFi communication range with the device, can break wep/wap encryption, and can use tools for traffic capture.

(2)

The attacker belongs to an insider and can use a traffic capture tool to obtain traffic from the gateway where the device is located.

(4)

Event Detection

Event detection is a specific implementation of privacy event identification for encrypted traffic based on event signature and event classification. Using the KNN algorithm, a classification model is built on a training sample dataset with known labels, and when there is an event input, the input event is mapped to one of the known categories [30].

Based on the event signature the traffic can be sliced and labelled to generate a stream of event data $E_{i}^{n}$ . Based on the information obtained from the quintuple, each event can be represented as a vector of 1 × n: 7 $\vec{E_{i}^{’ ’}} = [d_{1} \times l_{1}, d_{2} \times l_{2} \dots d_{n} \times l_{n}]$ i is the event name, n is the number of packets for that event, d is the packet direction, specifying the direction of packets from the cloud platform to the device d = 1, and the definition of packets from the device to the cloud platform d = –1. Take any n-dimensional event vector $\vec{E_{i}^{n}}$ as a sample corresponding to a point in the feature space, and the corresponding classification label is the name of the event i. 80% of the generated set of samples is used as a training dataset to train the model. The remaining 20% of the sample set is used as a test dataset, which is used to directly judge the effectiveness of the detection model and to improve the model before it enters the real environment. The KNN algorithm is implemented using the python library scikit-learn.

3.1.2

Communication Privacy Leakage Detection Method Implementation

This section is a concrete implementation of the privacy leakage detection method for cloud platform and mobile app communication, which is mainly divided into three parts: API acquisition, app reversal, and API testing. It is described in detail below. 1)

API Acquisition

In order to obtain the communication data, simulate the user use of the mobile App to control the smart home devices so that the control module on the mobile App can be operated as much as possible, so that it can cover as many APIs as possible.

Fiddler decrypts HTTPs packets. After opening Fiddler, you first need to configure HTTPs decryption, tools->options->https, select Decrypt HTTPs and Ignore Server Certificates, and install Fiddler’s root certificate.

FiddlerScript scripts for filtering. When the mobile app obtains device information, it needs to report the identification that represents the identity of the device (usually expressed as a string of numbers), so it is necessary to filter the API that contains the unique identification of the identity of the device in the content of the request. The FiddlerScript script uses JScript.

2)

App Reverse

Use Jeb and Jdax to analyse the generation of parameters in the HTTPs data stream in the App. Use software to open the APK file of the test app and locate the relevant programs by looking for keywords in the parameters. Trace the data flow and rely on manual analysis of decompiled code to identify the method for parameter generation.

3)

API Testing

API testing is to test APs that contain private information one by one and detect whether they have privacy leakage due to unstrict verification of user rights.

Dynamically hijacking the running methods and changing the parameters or return values of the methods is done by the Xposed framework during the testing process. After modifying the module using the Xposed framework, it needs to be compiled and run, and the Android system needs to be restarted. The module takes effect after the system is restarted. When running the APK file after the Hook, the code will be executed first, and the parameters to be sent in the HTTPs packets will be modified according to the procedure. During this period, you can monitor whether the Hook is successful through the Android runtime log.

After successfully modifying the unique identification of the device identity, if the user requests through the API to obtain information access to other devices (the user does not bind the device), it proves that there is a privacy leakage problem in the API during the communication between the cloud platform and the mobile app. If the cloud platform detects an exception and returns an error code after the user submits a request through the API, it indicates that there is no privacy leakage problem with the API.

3.2

Smart Home Terminal Privacy Data Protection Technology

3.2.1

Basis for localised differential privacy implementation

1)

Bloom filter

Bloom filter is a more ingenious probabilistic data structure, which is more efficient and occupies less space compared to some traditional data structures such as List, Set, Map, etc. [31]. It is based on multiple predefined hash functions. The original data will be processed using the hash function to obtain the corresponding hash value, for the defined length of m - bit storage space M, will be obtained for each hash value in M the corresponding position is set to 1, if it is already a 1 does not need to be processed again, for the other bits in M are all set to 0 [32]. In the query operation, the string to be detected also need to use the same set of hash functions to get the hash value, check whether the corresponding position in M is all 1. If there is a bit of 0, this means that the string must not exist. If all are 1, it means that the string may exist.

If you want to map a value to a Bloom filter, you need to use several different hash functions to generate different hash values, and for each hash value corresponding bit position is 1.

2)

Introduction to the RAPPOR algorithm [33]

Single-valued frequency statistics, as the name suggests, means that a user can send only one variable value at a time, and among the localised differential privacy methods, the RAPPOR method is a representative of the single-valued frequency statistics method, which uses the form of a string to represent the value of a variable. Assuming that the size of the number of users is represented by n and the ind user u_i corresponds to a value of X_iϵX for some sensitive data and |X| = k, the frequency of X_i now needs to be statistically analysed.

X represents the age, the age value of a certain user is X_i = 45, first of all, the Bloom Filter technique is used for hash mapping, the age value is represented by a vector B = (0,1)^h of length h, and at the same time, it is necessary to record the mapping matrix between the string and the Bloom string, and then the random response technique is used, based on the corresponding function of the vector B to flip each bit bit, to get the result of the permanent random response B′ The perturbation function is shown in (8) and f ϵ [0,1] indicates the range of values of the probability: 8 $p (B_{i^{’}} = x) {\begin{array}{l} 0.5 f & x = 1 \\ 0.5 f & x = 0 \\ 1 - f & x = B_{i} \end{array}$

Next, a second perturbation is applied to each bit of vector B′ to obtain the instantaneous random response result s. The function of the second perturbation is as follows, where pϵ[0,1] and qϵ[0,1] denote the probability of setting S_i to 1 when B′ takes the values of 0 and 1, respectively: 9 $P (S_{i} = 1) = {\begin{matrix} p i f B_{i}^{^{’}} = 1 \\ q i f B_{i}^{^{’}} = 0 \end{matrix}$

Each user sends the final perturbation result S to a third-party server, which corrects and counts the number of occurrences of 1 in each bit, and uses Lasso regression to obtain the frequency distribution of age values based on the mapping matrix.

3.2.2

Construction of localised differential privacy preserving model

In this chapter, based on RAPPOR, the Bloom filter is improved by taking a partial perturbation of the original bit array, i.e., the middle part of the original data is not noised and only the remaining part is perturbed, so that an approximate grouping of the initial data can be made.

The first operation to be performed is to assume that the user uploaded data is D_i = <channel,time>. According to the k hash functions set, the initial data is processed using the given hash function, mapped to the Bloom filter each generated hash value pointing to a bit bit set to 1. All the uploaded data is processed using this method.

Secondly, for the data, in order to be able to group the original data, so the perturbation bits are not

Secondly, for D_i(channel) data, in order to be able to group the original data, so the perturbation bit cannot be too long, but if it is too short then it affects the effect of privacy protection. With usual experience, based on the length h of the Bloom filter, take the middle h₂ length of bits as the invariant term, and randomly flip the rest of the bits in the generated Bloom filter array to generate a new array. For D_i(time) data, it is straightforward to randomly flip all the bits.

Then, a new array of equal length to the array in the previous step is requested and each bit is initialised to 0. The corresponding bits of the new array are then initialised according to each bit obtained in the previous step, with the intervening h₂ length of bits remaining unchanged throughout for D_i(channel) data, and without this restriction for D_i(time) data.

Finally, the user uploads the results to a third-party server, which groups the original data according to the length of the bits in the middle of D_i(channel) and h₂, and then analyses the statistics of D_i(time). The third-party server counts the number of times a 1 appears in each bit, and then completes the task of frequency statistics through the mapping matrix and Lasso regression to obtain the correlation information between D_i(channel) and D_i(time), thus achieving the goal of statistics. The goal of the statistics is achieved.

3.3

Smart Home Interface Data Transmission Confidentiality Technology

Aiming at the high computational overhead caused by the use of too many hash functions and signature certificate algorithms for secure transmission in the smart home environment, this paper proposes a lightweight data security transmission scheme based on Chaotic Logistic and RC4 stream cipher [34].

3.3.1

Lightweight ECDH-based key negotiation scheme

A smart home system is a combination of many sensor nodes that have limited computing power and low storage capacity. These devices have smart features that provide convenient services such as automatically adjusting the temperature to make the home environment more livable, triggering the air conditioner to turn on when someone walks into the room, and controlling the lights to go off when someone leaves.

1)

Smart Home Model Architecture

The smart home architecture considered in this scenario involves three main entities: sensor nodes, smart home server and user client. Some reasonable security assumptions are given below for the completeness of the scheme and better discussion and analysis.

Both the central server and the token authentication server are trusted entities. Both entities have sufficient computing power and storage capacity. It is our assumption that the communication channel between the token authentication server and the central server is secure, allowing the central server to query some necessary information from the token authentication server. An encrypted channel is used for communication between the token authentication server and the sensor nodes. In this scheme, the main issues we consider are the authentication of sensor nodes and the security of communication between sensor nodes and the central server, where the sensor nodes are not trusted entities and have limited computational and storage capabilities.

2)

Smart home device registration

Prior to device registration, the token authentication server and the sensor node pre-distribute a pair of symmetric encryption keys. This symmetric encryption key is used to encrypt the transmission of data between the two entities, and the sensor node is pre-distributed with a unique identity ID_sv. The symmetric encryption key is different for each sensor node and is used only to encrypt registration information.

3)

Authentication and key negotiation

The sensor node and the central server select an elliptic curve Ep(a,b), y² = x³+ax+b(modp), where P is the base point of that elliptic curve.

The key negotiation phase generates a shared key between the sensor node (SN) and the central server (CS). The secure shared key is used for data transmission. This phase consists of following three steps.

(1)

Step 1. After the registration of the sensor node (SN), initialisation parameters are obtained including sensor node identity D_SN, sensor authentication token token_SN and Chinese remainder theorem parameter m₁, m₂. The sensor node computes the most important message authentication code Q_SN = h(token_SN || D_SN || STAMP_pl) and the current packet hash digest HD_pl, where the subscript variable pl denotes the first stage of key negotiation. Then, the sensor node sends the necessary parameters Q_SN,ID_SN,STAMP_pl,HD_pl to the central server. After the central server receives these parameters, it computes Q_SN = h(token_SN || D_SN || STAMP_pl) and verifies the formula Q_SN = Q_SN1. If this formula is not equal, it indicates that the authentication message is incorrect and the key negotiation step will stop immediately. Otherwise, the central server will continue with the next step.

(2)

Step 2. After successful authentication, the central server generates two pairs of public and private keys (F, f) and (R, r). Subsequently, the central server selects a random number a₁(0<a₁<m₁) and sends the parameters to the sensor node F, R, a₁, STAMP_p2, HD_p2.

(3)

Step 3. When the sensor node receives the parameters from the central server (CS), the sensor node generates a pair of public and private keys (E, e) and selects a random number a₂(0<a₂<m₂) after which it computes HD_p3 = h(E□a₂,□token_sN□STAMP_p3). Then, the sensor node sends these parameters E, a₂, STAMP_p3, HD_p3 to the central server. Finally, both parties can use the known parameters to compute the same shared key.

The proof of key negotiation computation for this scheme is as follows.

The sensor node computes the shared key as follows: 10 $\begin{matrix} γ = h a s h (H D_{p 1} □ H D_{p 2} □ H D_{p 3}) \\ M = m_{1}^{*} m_{2}, M_{i} = M / m_{i}, y_{i} = 1 / M_{i} (mod m_{i}) (1 \leq i \leq 2) \\ x \equiv a_{1} y_{1} M_{1} + a_{2} y_{2} M_{2} (mod M) \\ S K_{S N} = e (F x + γ R) \end{matrix}$

The central server calculates the shared key as follows: 11 $\begin{matrix} γ = h a s h (H D_{p 1} □ H D_{p 2} □ H D_{p 3}) \\ M = m_{1}^{*} m_{2}, M_{i} = M / m_{i}, y_{i} = 1 / M_{i} (\mod m_{i}) (1 \leq i \leq 2) \\ x \equiv a_{1} y_{1} M_{1} + a_{2} y_{2} M_{2} (\mod M) \\ S K_{C S} = E (f x + γ r) \end{matrix}$

Therefore, the sensor nodes and the central server can obtain the same shared key in our proposed key negotiation scheme, and there is a strong correlation between the shared key and the parameters in the key agreement. In this paper, we will use the combination of the ECDH algorithm and the Chinese remainder theorem to achieve secure key negotiation.

3.3.2

Chaotic Logistic and RC4 based secure transmission scheme

This part is the main data transmission part, including the encryption module and decryption module. The initiation of encryption and decryption is bi-directional. It can be that the intelligent terminal sends encrypted data to the central server, or the central server sends encrypted data to the intelligent terminal. The two cases are reciprocal, and the following uses the example of an intelligent terminal sending encrypted packets to the central server to accurately introduce the process. 1)

Encryption module

In the key synchronisation module, both parties have the same number of transmission rounds and initialisation parameters of the key generator, and the encryption mechanism uses one encryption at a time, so the key for encrypting packets under each transmission round is different and needs to be re-calculated, and the number of transmission rounds will be increased by one for each additional transmission. Firstly, the intelligent terminal collects the data in transmission round number τ and converts it into a vector M=(m₁,…,m_n), then uses the initialisation parameter r,Enkey_t of the chaotic logistic encryption key generator to bring it into the chaotic logistic formula, and brings the transmission round number t+1 to get the key for this encrypted data Enkey_t+1 = r*Enkey_t(1 – Enkey_t). Then calculate the message digest key, bring the obtained RC4 stream cipher initialization parameter seed_rc4 and the current transmission round number t + 1 into the RC4 stream cipher algorithm to get the message digest key Di_key_t+1 = RC4(seed,t +1). After that, calculate the data ciphertext, the encryption method adopts the symmetric encryption algorithm AES, and the calculation formula is EM₃ = En_{Enkeγ_i+1}(M□STAMP₅,□D_SN□t+1), and then calculate the message authentication code HD₃=MAC_{Di_kϖγ_,i+1}(Token_SN□STAMP₅D_SN□t+1□EM₃), and the algorithm of generating the message authentication code is the hash function with the key, and the key here is the previously calculated message digest key Di_key_t+1. The smart terminal will then send the message authentication code HD₃, the ciphertext EM₃, the timestamp, the number of rounds transmitted t+1 and the device ID to the central server.

2)

Decryption module

After the central server receives the data packet from the intelligent terminal, it firstly authenticates whether the data packet is complete and whether the identity is legal or not, and the central server inquires the identity authentication code Token_sv corresponding to the device ID, the initialization parameter of the Chaotic Logistic Encryption Generator and the initialization parameter of the RC4 Streaming Cipher-based Digest Key Generator, calculates the Message Digest Key Di_key_t+1=RC4(seed,t+1) under the current transmission round t+1, and then calculates the Message Authentication Code HD_c3=MAC_{Di_k5y_i+1}(Token_SN□STAMP₅□D_SN□t+1□EM₃), and then compare whether Equation HD_c3=HD₃ is equal, if it is equal, it represents that the identity of this packet is legitimate and the packet is complete, and the following decryption operation is carried out, otherwise, discard the packet and stop the following steps immediately. After successful authentication, the central server calculates the encryption key Enkey_t+1=r*Enkey_t(1–Enkey_t) under the current transmission round t+1 and decrypts the ciphertext to get plaintext M = DE_KEY_RRG(EM₃). This completes the secure decryption of the packet.

4

Application of privacy-protecting technologies in smart home environments

In order to ensure the effectiveness and reliability of the proposed smart home privacy protection technology, this chapter applies the proposed privacy protection technology to a real smart home environment. With the permission of the owner of a smart home in community A, the smart home privacy protection technology proposed in this paper is installed and set up in his home (referred to as “Room A”) to collect relevant data generated in a real smart home environment. The house is a three-bedroom, two-bathroom house with an area of 128 square meters.

The data processing system is Windows 10, and the PHP language is used to process the data, standardise the data in Txt format and that format, and then store them in a unified MySQL database, which facilitates the reading and manipulation of the data in the experiment.

4.1

Assessment of platform privacy breach detection techniques

In this section, the above proposed privacy leakage detection techniques for smart home platforms are tested, and in order to facilitate the evaluation of their detection performance, this paper uses precision rate, accuracy rate and false alarm rate as the evaluation indexes for the metrics, and PCA, BP, SVM and ELM algorithms are selected as comparisons. The detection performance of different privacy leakage detection techniques is specifically shown in Figure 1. From the figure, it can be seen that the privacy leakage detection technique proposed in this paper for the smart home platform has the lowest false alarm rate of 3.6% compared to PCA, BP, SVM, and ELM, and the accuracy rate has been improved by 4.2%, 10.18%, 27.35%, and 17.66% compared to them, respectively, with an accuracy rate of 97.8%. From the accuracy rate value, the privacy leakage detection technique in this paper achieves the best result among the five methods, with an accuracy rate of 98.8%.

4.2

Assessment of terminal privacy data protection technologies

In order to judge the terminal data reception and protection capability of the smart home terminal privacy data protection technology based on the RAPPOR algorithm proposed in this paper under different transmission pressures, this section conducts 10 groups of experiments in the experimental environment of living room A. In increments of 100 or 50, groups of messages such as 100, 200, 300, and so on, with the highest number of messages being 3,000, are transmitted. Only when the data in the smart home terminal is successfully decrypted and verified, and meets the user’s permissions, can the message transmission be successfully recorded. The experimental results are specifically shown in Fig. 2. The experimental results show that in the case of data flow direction “device → mobile application”, when the number of telegrams is less than 500, the success rate of the smart home terminal’s message processing is 100%, the success rate of the number of telegrams in the range of 600~1600 slightly decreases to 99%, and when the number of telegrams reaches 2500, the success rate decreases to 97%. Similarly, in the case where the data flow direction is “mobile application→devic”, the success rate of message processing of the terminal drops to the lowest 97% when the number of messages reaches 2300. The experimental results show that the success rate of message processing has no obvious direct relationship with the direction of data flow, and as the number of continuously transmitted messages increases, the terminal privacy data protection technology in this paper is still able to maintain a high success rate of message processing.

4.3

Technical assessment of the confidentiality of interface data transmission

This section evaluates the performance of the Chaotic Logistic and RC4 based data transmission schemes in the data transmission confidentiality techniques for smart home interfaces proposed in this paper in terms of computational overhead and also compares them with other methods such as Logistic, FPGA, LoRa, OFDM, ECC, ZYNQ, M-LVDS, DSP, and so on. The computational overhead of each transmission secrecy technique in the authentication phase is calculated separately, and the specific results are shown in Table 1. From the data in the table, it can be seen that the computational overhead of FPGA, OFDM, and ZYNQ is the largest among all methods, and the total computational overhead reaches 57.285 ms, 20.959 ms, and 25.678 ms. Except for these three methods, the total computational overhead of other methods is within 1 ms, and the total computational overhead of the data transmission confidentiality technique in this paper is the lowest, which is only 0.068 ms.

Table 1.

Computational overhead

Method	User(ms)	Server(ms)	Registration center(ms)	Total cost(ms)
Logistic	0.076	0.044	-	0.119
FPGA	25.086	32.199	-	57.285
LoRa	0.075	0.058	0.150	0.283
OFDM	10.497	10.462	-	20.959
ECC	0.090	0.064	0.149	0.303
ZYNQ	12.727	12.951	-	25.678
M-LVDS	0.086	0.054	-	0.139
DSP	0.076	0.037	-	0.113
Methods of this article	0.030	0.039	-	0.068

4.4

Evaluation of Smart Home Privacy Protection System

In this section, two parameters, ACA and FVR, are introduced.ACA, as a parameter to measure the privacy protection effect, takes a value in the range of [0,1], and the closer the ACA is to 0, it represents the better the privacy protection effect of the smart home privacy protection system.FVR, on the other hand, is the ratio of the amount of noisy data to the amount of real sensor-perceived data in the unit of time of the smart home privacy protection system, and a higher value of FVR represents the higher energy consumption. The higher FVR value indicates higher energy consumption. Before experimenting with Room A, the ACA and FVR values of the original smart home privacy protection system in Room A (referred to as the “initial smart home system”) were recorded under different conditions. After the experiment starts, the privacy protection technology proposed in this paper is used to adjust and configure the smart home privacy protection system in room A, and the changes in ACA and FVR values are also recorded and compared with the data of the initial smart home system. The smart home privacy protection system in room A, which is adjusted and configured with the privacy protection technology proposed in this paper, is referred to as the “new smart home system”.

4.4.1

Comparison of privacy protection effects

In this subsection, we will explore the change of privacy protection effect between the initial smart home system and the new smart home system, applying the techniques in this paper as the amount of noise data increases, i.e., the FVR value grows. The density plot of the privacy protection effect is specifically shown in Fig. 3, where System1 and System2 represent the initial smart home system and the new smart home system, respectively. It can be seen that with the growth of the FVR value, both the initial smart home system and the new smart home system, the privacy protection effect is gradually enhanced, i.e., the ACA value shows a stable decreasing trend, but the latter privacy protection effect, i.e., the ACA value, decreases more and is closer to 0. When the FVR value reaches 27, the ACA value of the initial smart home system is 0.236, while the ACA value of When the FVR value reaches 27, the ACA value of the initial smart home system is 0.236, while the ACA value of the new smart home system applying this paper’s technology is only 0.045, which is 0.191 less than that of the initial smart home system. Compared to the initial smart home system, the new smart home system using this paper’s privacy-protecting technology achieves a better privacy-protecting effect.

4.4.2

Comparison of energy consumption

The energy consumption comparison between the initial smart home system and the new smart home system applying the techniques in this paper is carried out by comparing the magnitude of the noise data addition (i.e., FVR value) with the same privacy protection effect (i.e., the same ACA value). The energy consumption comparison between the initial smart home system and the new smart home system is specifically shown in Table 2. Without considering the delay, it can be clearly seen that the energy consumption of the new smart home system is significantly lower than that of the initial smart home system. The ACA value is approximately close to 0, the better the privacy protection effect, and the larger the difference between the FVR values of the initial smart home system and the new smart home system. When the ACA value is 0.9, the difference between the FVR values of the two is 2.05, and when the ACA value is 0.1, the difference between the two increases to 12.05. Obviously, the energy consumption of the new smart home system with the application of privacy protection technology in this paper has significantly improved and is better than the initial smart home system.

Table 2.

Energy consumption contrast

ACA	FVR
ACA	System1	System2	Difference value
0.1	29.98	17.93	12.05
0.2	22.17	12.26	9.91
0.3	18.54	9.88	8.66
0.4	13.92	6.57	7.35
0.5	10.05	3.85	6.2
0.6	8.54	2.51	6.03
0.7	6.18	2.12	4.06
0.8	4.23	1.57	2.66
0.9	2.93	0.88	2.05

5

Strategies for optimising group intelligence in smart home environments

In the above analysis, the validity and reliability of the smart home privacy protection technology proposed in this paper have been fully tested, providing strong support for optimizing group intelligence. Combined with the smart home privacy protection technology studied in this paper, this chapter will further propose in-depth strategies for optimizing group intelligence in the smart home environment. 1)

Group awareness enhancement

Establish a sound privacy protection policy and user protection agreement to enhance the group’s awareness of privacy security and protection.

2)

Combination of technical means and group management measures

In addition to protecting user privacy at an objective level through the use of privacy protection technology in this paper, group management measures should be formulated by combining the joint efforts of smart home manufacturers, policy administrators, and consumers, and group wisdom should be brought into play to jointly supervise the privacy protection work in the smart home environment.

3)

Laws, regulations and standards development

Under the impetus of group wisdom, the formulation of laws, regulations, and standards related to privacy protection in the smart home industry should be promoted to strengthen the protection of personal privacy.

6

Conclusion

In order to optimize the group intelligence in the privacy protection of the smart home environment, this paper proposes the key technology of smart home privacy protection from the three levels of “terminal device—data transmission interface—application platform.” With the permission of the owner of a smart home in community A, the application of this paper’s privacy protection technology is carried out in his residence.

The accuracy, precision and false alarm rate of the proposed privacy leakage technology for smart home platforms are 98.8%, 97.8% and 3.6%, respectively, and the detection performance is better than that of the PCA, BP, SVM and ELM algorithms for comparison.

In the case of different data flow, with the increase of the number of newspaper entries and the success rate of this paper’s smart home terminal privacy data protection technology decreasing to 97% at the lowest, it is still able to maintain a high message processing success rate.

This paper proposes a smart home interface data transmission privacy technology that has a computational overhead of only 0.068ms during the authentication phase, and its performance is superior to other comparative methods.

The overall evaluation of the smart home privacy protection system applying the privacy protection technique in this paper shows that as the FVR value grows, the new smart home system applying the technique in this paper has a greater decrease in the ACA value, which is closer to 0. It has a stronger privacy protection effect compared to the initial smart home system, and its energy consumption is significantly lower than that of the initial smart home system.

Idioma:: Inglés

Calendario de la edición:: 1 veces al año
Temas de la revista:: Ciencias de la vida, Ciencias de la vida, otros, Matemáticas, Matemáticas aplicadas, Matemáticas generales, Física, Física, otros

RSS Feed de revista

A group intelligence optimisation method for privacy protection problems in smart home environments

Jiaze Yu

Publicado en línea: 03 feb 2025

Recibido: 04 oct 2024

Aceptado: 02 ene 2025

DOI: https://doi.org/10.2478/amns-2025-0028

Palabras claveAPI technique, Hook technique, RAPPOR algorithm, Chaotic Logistic, Smart Home

© 2025 Jiaze Yu, published by Sciendo

This work is licensed under the Creative Commons Attribution 4.0 International License.

Palabras clave
API technique, Hook technique, RAPPOR algorithm, Chaotic Logistic, Smart Home