SG 1

This article has been accepted for publication in a future issue of this journal, but has not been
fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2019.2957404, IEEE
Transactions on Industrial Informatics
1
A Low-Overhead, Confidentiality-Assured, and

Authenticated Data Acquisition Framework for IoT
Yushu Zhang, Member, IEEE, Qi He, Guo Chen, Senior Member, IEEE, Xinpeng Zhang, Senior Member, IEEE,
and Yong Xiang, Senior Member, IEEE
Abstract—In the face of several critical issues during data grid (SG) that are frequently uploaded and downloaded all
acquisition in industrial informatics based applications, like the time. The acquisition of these media data depends on a
Internet of Thing (IoT) and smart grid, this work has proposed wide range of sensors, which work uninterruptedly daily to
a novel framework based on compressive sensing (CS) and
cascade chaotic system (CCS). This framework can ensure be responsible for sampling various types of data including
low overhead, confidentiality, and authentication. Based on CS image, audio, video, temperature, humidity, electric power,
and CCS, three technologies including CCS-driven CS, CCS- biomedical signals such as electrocardiograph (ECG) and
driven local perturbation, and authentication mechanism are electromyography (EMG), etc. However, there exist several
introduced in the proposed data acquisition framework. CCS- critical issues to be addressed.
driven CS generates the measurement matrix with chaotic initial
conditions and avoids the transmission of large-size measurement The first issue is the requirement of low-power dissipation
matrix. CCS-driven local perturbation only perturbs a small to save resources for sensors. The emergence of compressive
number of elements in the original measurement matrix for sensing (CS) theory [1]–[3] provides an effective means of
each sampling and avoids the re-generation of large-size mea- addressing this issue. CS takes advantage of the sparsity of
surement matrix. The authentication mechanism employs the a signal to simultaneously sample and compress the signal
authentication password and the access password to deal with
the passive tampering attack and the active tampering attack, and efficiently reconstruct it by solving underdetermined linear
respectively. Moreover, the permutation-diffusion structure is systems. In comparison with Shannon-Nyquist sampling theo-
used to encrypt the obtained measurements to enhance the rem, CS requires fewer samples for an efficient reconstruction.
security. Both theoretical and experimental analyses validate Thus, CS can cut down the overhead of computing resources
low overhead, confidentiality, and effective authentication of the if applied to sensors. Meanwhile, the compression contributes
proposed data acquisition framework for a number of industrial
informatics based applications like IoT. to decrease the occupation of storage space for sensors. The
low-overhead sampling and compression capacity fit well with
Index Terms—Data acquisition, compressive sensing, low over-
restricted computing and storage resources in sensors and
head, confidentiality, authentication.
therefore CS has widespread applications in wireless sensor
networks [4]–[8].
I. I NTRODUCTION Moreover, it is essential to protect the signal confiden-
I n the present era of Big Data and Artificial Intelligence,

acquiring and analyzing mass data have become an es-
sential condition and a fundamental problem of promoting
tiality from information leakage. The traditional method is
to encrypt the sampled signal using encryption techniques
before transmission. Nevertheless, this two-step workaround
technological progress in related fields. There are emerging has to consume more resources, which is unfavorable for
and accumulating large amounts of media data in public and sensors. A good trick is that the confidentiality protection is
private networks such as Internet of Things (IoT) and smart automatically embedded in sampling without the increase in
cost. CS can be such a good trick, since it can carry the secrecy
This work was supported in part by National Key R&D Program of China
under Grant 2017YFB0802300, in part by the Chongqing Key Laboratory of if random measurement matrix is regarded as a key [9]–
Mobile Communications Technology under Grant cqupt-mct-201901, in part [13]. As a result, some works exploited CS for low-cost and
by the Six Talents Peak Project of Jiangsu Province under Grant RJFW-027, confidentiality-preserving sampling layout in IoT [14]–[18]
in part by the National Natural Science Foundation of China under Grants
61572253, U1636206, and 61525203, in part by Australian Research Council and SG [19]–[22]. Xue et al. proposed a CS-based sampling
under grants DP180103217 and IH180100020, and in part by funding from and compression scheme for cloud-enabled IoT systems and
the UNSW Digital Grid Futures Institute, UNSW, Sydney, under a cross this scheme provides a secure interaction between IoT devices
disciplinary fund scheme.
Corresponding author: Guo Chen. and the cloud using three layers of encryption including
Y. Zhang is with the College of Computer Science and Technology, Nanjing random compressed encryption, statistical decryption, and raw
University of Aeronautics and Astronautics and the Collaborative Innovation data decryption [14]. Zhang et al. took chaotic CS theory as the
Center of Novel Software Technology and Industrialization, Nanjing 211106,
China (e-mail: yushu@nuaa.edu.cn) underlying encryption mechanism to attain low-overhead data
Q. He is with the School of Cyber Science and Technology, Beihang acquisition while still maintaining data secrecy for multimedia
University, Beijing 100191, China (e-mail: tsj2569420026@163.com) IoT [15]. Dautov and Tsouri designed a lightweight encryption
G. Chen is with the School of Electrical Engineering and Telecommunica-
tions, University of New South Wales, Sydney, NSW 2052, Australia (e-mail: scheme based on CS and linear feedback shift register for
guo.chen@unsw.edu.au) ECG signals in wireless body area networks [16]. Peng et al.
X. Zhang is with the School of Computer Science, Fudan University, presented a secure data transmission approach with the help
Shanghai 201203, China (e-mail: zhangxinpeng@fudan.edu.cn)
Y. Xiang is with the School of Information Technology, Deakin University, of chaos-based CS theory in wireless body-to-body networks
Victoria 3125, Australia (e-mail: yxiang@deakin.edu.au) [17] and applied semitensor CS for flexible and secure data
1551-3203 (c) 2019 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2019.2957404, IEEE
2
transmission in wireless body area networks [18]. Gao et al. experimental analysis validate the features of low overhead,
secured data transmission and enhanced the efficiency with the confidentiality protection, and authentication for the proposed
CS sampling in SG [19]. Choi et al. put forward CS-based framework.
meter reading random access in smart utility network [20]. Contributions of this work are summarized as follows:
Chiu et al. suggested a CS-based joint data compression and • Propose a low-overhead, confidentiality-assured, and au-
encryption algorithm to simultaneously guarantee metering thenticated data acquisition framework for IoT.
data fidelity and secrecy in wireless energy auditing networks • Introduce CCS-driven CS for low-complexity sampling
[21], [22]. and compression.
However, the energy consumption issue still exists in the • Design CCS-driven local perturbation to reduce energy
above mentioned works, in which the measurement matrix consumption drastically.
needs to be updated every time for more secure signal sam- • Build up authentication mechanisms to prevent the tam-
pling. On one hand, the measurement matrix is huge and its pering attack actively and passively.
size requires being much larger than the signal size. On the • Validate the proposed data acquisition framework theo-
other hand, generating such a measurement matrix certainly retically and experimentally.
consumes large amount of resources. In addition, the issue of
The rest of this work proceeds as follows. The next section
authentication is neglected.
is preliminaries about CS and CCS. Section III introduce
Attackers may poses a hazard to a legitimate recipient by
three several key technologies including CCS-driven CS,
tampering the signal during transmission, which is even more
CCS-driven local perturbation, and authentication mechanism.
awful than not receiving the signal. Therefore, the message au-
Based on these three technologies, Section IV presents the
thentication is essential for the received signal for the integrity
overall service model framework and the data acquisition
purpose. An authentication mode for CS imaging was designed
framework. Section V is about theoretical analyses in terms of
in [23], in which the authors took full advantage of CS
complexity analysis, key size analysis, and further discussions
framework to generate the verification sequence. This mode is
on local perturbation. Experimental analyses include local
different from the general Hash function based authentication
perturbation analysis, authentication analysis, and comparative
modes in [24]–[26], since they exploited the authentication
analysis of the relevant works are described in Section VI. The
with the original information and cannot tolerate little change.
last section concludes this study.
However, this mode does not require the original information
already in the receiver’ hand and has the robustness of
tolerating some changes. Further, it was incorporated in CS- II. P RELIMINARIES
based encryption to become an authenticated-encryption mode
A. Compressive Sensing
[23] and was improved in terms of the shortcomings including
training method, tag extraction, and verification [27]. However, In the field of signal processing, an original signal is
they did not involve the issue of power dissipation under the sampled on the sampling side and then needs to be recovered
background of IoT and SG. Meanwhile, they did not take into on the receiving side. To guarantee an accurate reconstruction,
consideration the active tampering attack that is launched by there is a specific requirement for the sampling rate. The
illegal users who tamper the ciphertext in some way when classic Nyquist sampling theorem states that the sampling
accessing it. rate over twice the signal bandwidth can ensure a perfect
To simultaneously overcome the above-mentioned three is- signal reconstruct from its samples on the receiving side.
sues, we propose a low-overhead, confidentiality-assured, and However, natural signals often have strong correlation and
authenticated data acquisition framework for IoT based on CS periodicity and therefore the sampling rate can be moderately
and cascade chaotic system (CCS), which can well address the reduced. As CS theory pointed out, the signal can still be
issues mentioned above. We introduce several key technologies efficiently reconstructed at a high probability under certain
including CCS-driven CS, CCS-driven local perturbation, and conditions if sampled at a lower rate than what the sampling
authentication mechanism. CCS-driven CS avoids the trans- theorem states [1]–[3]. The CS can exploit sampling and com-
mission of large-size measurement matrix and has the capacity pression simultaneously under sub-Nyquist rate and breaks
of low-complexity sampling and compression. Furthermore, the limitation of Nyquist sampling theorem. Meanwhile, the
CCS-driven local perturbation avoids the re-generation of compression operation can be integrated during the process
large-size measurement matrix for every sampling, instead, of signal sampling, which differs from a common sampling
only by slightly perturbing the original measurement matrix. and compression framework that acquires samples through
The local perturbation can attain the same security level as obeying Nyquist sampling theorem and subsequently performs
the whole generation. In the authentication mechanism, the the compression.
authentication password and the access password are designed Assume that there exists a one-dimensional (1D) signal x ∈
to cope with the passive tampering attack and the active RN and it can be sparsified by an N × N orthogonal matrix
tampering attack, respectively. Based on these three technolo- Ψ, where Ψ = [Ψ1 , Ψ2 , · · · , ΨN ]T . The sparsification process
gies, the proposed data acquisition framework overcomes the is formulated as
existing issues in the relevant works. In addition, the structure N
of permutation-diffusion is employed to encrypt the obtained
X
x= sj Ψij = Ψs, (1)
measurements to enhance the security. Theoretical analysis and j=1
3
where s is a vector of size N × 1. s is said to be K− sparse if III. S EVERAL K EY T ECHNOLOGIES

it contains K non-zero entries at most. In CS theory, one can In this section, several key technologies are introduced to be
exploit an M × N (M < N ) matrix that is incoherent with Ψ used in the data acquisition framework to ensure low overhead,
to linearly measure an original signal as follows confidentiality, and authentication.
y = fx = fΨs = Θs, (2)
A. CCS-Driven CS
where f and Θ (Θ = fΨ) are called the measurement matrix
and the sensing matrix, respectively. Θ is used for signal Compressive sensing can be regarded as a cryptosystem
reconstruction. Here, in order for a high-quality reconstruction when random measurement matrix is used as a key and this
from the measurements, the sensing matrix requires satisfying kind of cryptosystem has been widely investigated in [9], [11],
the restricted isometry property (RIP) [3] [13], [32]. In CS cryptosystem, the signal to be sampled and
2 2 2
the measurements sampled are the plaintext and ciphertext,
(1 − δK ) ksk2 ≤ kΘsk2 ≤ (1 + δK ) ksk2 , (3) respectively. The measurement process and the reconstruction
if there exists δK ∈ (0, 1) such that the above formula process correspond to the encryption algorithm and the decryp-
holds. As can be seen, the size of a signal is reduced to N tion algorithm, respectively. The CS cryptosystem belongs to
from M , therefore achieving signal sampling and compression a kind of private-key cipher but has some differences. For
simultaneously based on CS theory. Some common random example, the key of which the measurement matrix plays
measurement matrices include Gaussian matrix, Bernoulli ma- the role has much greater size than the plaintext, unlike the
trix, circulant matrix, etc. The theory of CS demonstrates that traditional private-key cipher in which the size of key is no
a high-dimensional signal, which is randomly sampled in the greater than that of the plaintext. In addition, the decrypted
encoder, can be reconstructed from very few high-dimensional ciphertext is not fully the same as the original plaintext due
measurements at the expense of high computation complexity to the reconstruction robustness of CS and the decryption has
in the decoder. Essentially, computational complexity is trans- a much higher computational complexity than the encryption.
ferred from the encoder to the decoder, which is very signicant The asymmetry of the complexity between the encryption side
for the resource-constrained sensing applications like IoT. and the decryption side is caused by the own structure of CS,
i.e., the low-complexity sampling is at the cost of the high
B. Cascade Chaotic System reconstruction complexity. In spite of the difference of the
decrypted ciphertext with the original plaintext, it does not
Chaos theory describes the pseudo-random behavior of dy- affect the practical use of the signal because of the redundancy.
namical systems. Chaotic system possesses the characteristics More importantly, it can make the CS encryption become a
of the sensitivity to initial conditions and values, unpredictabil- type of robust encryption, which is tolerant to a certain level
ity, ergodicity, etc. These characteristics, especially the sensi- of noise.
tivity to initial parameters, match well with the requirement However, a drawback is the size of key, which leads to
of the key sensitivity in cryptography. The high sensitivity an excess of transmission resources consumed, especially, to
means the large enough key space and the sequence generated frequently share the key between the encryption side and the
by the chaotic system has strong pseudo-randomness, which decryption side. To address this drawback, chaos-based CS
make it have tremendous potentials in the encryption aspect was introduced in [12], [17], [33]–[35]. The chaotic system
[28]–[30]. An excellent two-dimensional (2D) chaotic system is iterated many times to generate the sequence and then it is
called cascade chaotic system (CCS) [31] is formulated as assembled into a complete measurement matrix, which often

v1 v2 ci (1 − v2 ci ), ci < 0.5 has almost the same performance as Gaussian random matrix.
ci+1 = , (4)
v1 v2 (1 − ci )(1 − v2 (1 − ci )), ci ≥ 0.5 In our study, CCS is employed to control the generation of
where the system is chaotic when v1 ∈ [3.57, 4] and v2 ∈ Bernoulli matrix and then used for the measurement matrix.
(1, 2]. For a given initial parameter, the system needs to be first It avoids the transmission of the large-size measurement
iterated a certain number of times to generate more pseudo- matrix and saves the channel resources, since only the initial
random sequence when using the chaotic sequence. conditions of CCS including v1 ,v2 and c0 need to be shared
The CCS is a family of 2D chaotic maps by combining any between the encrytor and the decryptor. CCS-driven CS also
two existing 1D chaotic maps. It can overcome the limitation fully possesses the secrecy feature of CCS.
of chaotic performance of one-dimensional (1D) chaotic maps
and the implementation difficulty of high-dimensional chaotic B. CCS-Driven Local Perturbation
maps simultaneously. Compared with the existing chaotic Bernoulli matrix is taken as the measurement matrix f ,
maps, the CCS is more unpredictable and have better chaotic where each element fij ∈ [−1, +1], 1 6 i 6 M , 1 6 j 6 N .
performance, more parameters, and more complex chaotic In CCS-driven CS, each signal sampling requires re-generating
properties. Thus, it benefits chaos-based applications. In par- a measurement matrix according to traditional chaos-based CS
ticular, in the field of pseudorandom number generator, it can schemes. In other terms, each fij would be re-assigned, which
generate strong pseudorandom sequences and be potential in still leads to consuming too many resources due to generating
cryptographic applications. Specifically, two 1D chaotic maps such a large-scale measurement matrix every time. Meanwhile,
including Tent map and Logistic map, i.e., Tent-Logistic map, re-generating a Bernoulli matrix, in fact, only updates one-
are used in the proposed framework. half elements, since it can be understood as the fact that each
4
element −1 or +1 flips its sign at a one-half probability. the perturbation factor directly affects the security. Enlarging
Thus, some flipping operations are in vain and even energy- the perturbation factor can provide the larger number of mea-
wasting. To cope with this issue, we adopt the idea of local surement matrices, thereby better resisting similarity attack
perturbation inspired by multi-class CS encryption mode [10], and exhaustive attack. Yet, the larger δ means to sacrifice
in which a measurement matrix after the local perturbation is more energy. In practical use, there is a trade-off between
demonstrated to attain the same level of security assurance as security and energy. We select δ as small as possible in the
a re-generated measurement matrix when attackers perform premise of security guarantee, which is specifically discussed
the reconstruction with the measurement matrix before the in experiment.
local perturbation. Each measurement matrix generation only The proposed local perturbation algorithm is shown in
flips the signs of a small number of elements and it is easily Algorithm 1, in which f loor (·) represents the function of
understood as Fig. 1. Note that, the initial measurement matrix rounding down. The basic idea can be interpreted as the
shared between the encryptor and the decryptor can be fixed following procedures. Firstly, CCM is iterated with initial keys
and public, which differs traditional chaos-based CS schemes to generate a sequence {cLP 2δ
i }i=1 of length 2δ. Then the first
where it is generated by chaos. δ entries in this sequence is mapped to the interval [1, M ] and
the last δ entries is mapped to the interval [1, N ]. These two
newly mapped sequences {Cir }δi=1 and {Cic }δi=1 constitute δ
pairs (i0 , j 0 ) one-to-one that correspond to the indices of the
elements to be flipped in f. According these δ pairs, one
can perform the perturbation and finally obtain the perturbed
matrix fLP .
Algorithm 1 CCS-Driven Local Perturbation
Input: parameters v1LP ∈ [3.57, 4] and v2LP ∈ (1, 2], initial
value cLP
0 , perturbation factor δ, and original measurement
matrix.
Fig. 1. A schematic diagram for the local perturbation. Output: the perturbed measurement matrix f LP .
1: Iterate CCM with v1LP , v2LP , and cLP 0 to generate a
For the measurement matrix f, there exist 2M N different sequence {cLP 2δ
i }i=1 .
forms of matrices in theory, therefore the upper limit is 2: Calculate {Cir }δi=1 ← {f loor(cLP δ c δ
i ×M )+1}i=1 , {Ci }i=1
LP 2δ
2M N − 1 for the space of the measurement matrix locally ← {f loor(ci × N ) + 1}i=δ+1
perturbed. Assume the set of the perturbed matrix be repre- 3: for i ← 1 : δ
sented as Vf = {f1 , f2 , · · · , fT }, where fl , 1 ≤ l ≤ T , 4: i0 ← Cir , j 0 ← Cic
denotes the perturbed matrix and T stands for the cardinality 5: Flip f i0 ,j 0
of the set. Let δ entries flip in a matrix, then the number 6: end for
of perturbed matrices is CM δ 7: f LP ← f
N , meaning that the number of
any δ combinations in M N The cardinality of Vf is
entries.
M
PN δ
formulated as T = . However, in case of secu- C. Authentication Mechanism
δ=1 MN
rity, not all the perturbed matrices can be suitable for being Data tampering brings huge security risk for all intents
used as the measurement matrix, since some matrices slightly and purposes, since these data such as EVG and EMG are
perturbed are easily suffered from similarity attack that the closely bound up with people’s life and usage. Thus, it is
attackers reveal the plaintext using the original measurement essential to authenticate the received data to guarantee the
matrix. On the other hand, some of the perturbed matrices integrity. The traditional solution is to introduce message
when not following the Bernoulli distribution cannot be used authentication code (MAC) obtained from the original data, but
as the measurement matrix. Thus, the number Tf of effective to directly obtain MAC is impossible due to the particularity
matrices that are able to play the role of the measurement of CS. The best way is to generate MAC during the sampling
matrix in Tf will be declined. process. However, the standard MAC is still incompetent, since
Apparently, Tf is related to the perturbation factor δ. If an the avalanche effect requires the received data to be fully
encryption scheme
! specifies the perturbation factor, one have identical to the original data while the reconstructed data in CS
δ theory have some difference more or less with the real data.
Tf 6 . According to the property of the combination
MN Meanwhile, the non-linear operation in the standard MAC does
not mesh with the linear sampling mode. To this end, Wu
!
δ
increases as δ increases when δ ∈ 1, M2N

function, and Ruland proposed a novel authentication mechanism for
MN
CS imaging [23], [27] and this mechanism can well protect
δ ∈ M2N , M N . Accord-

and decreases as δ decreases when the integrity from tampering. Yet, the value order extraction
ingly, we only set δ ∈ 1, M2N by default from the viewpoint

! function in this authentication mechanism has a very high
δ computational complexity, which is impractical for resource-
of the key space. It can be observed from Tf 6 that
MN limited application scenarios.
5
In this paper, an efficient authentication mechanism based sensitivity of chaotic initial conditions and perturbation factor
on CCS is designed. The basic idea is to generate an authenti- determine the diversity of the access password, which has the
cation matrix and then exploit it to sampling the signal, just as effect of ‘one-time pad’. Secondly, the length of the access
the measurement matrix samples the signal. The sampled result password can be flexibly defined. For example, l = 256 and
is called authentication password used for authentication. The the data amount of 256 bits cannot lead to the burden for
details of the authentication matrix generation are shown communication. Meanwhile, the generation of access password
in Algorithm 2, in which several key points are illustrated is irreversible and this does not expose the information of the
as follows. Firstly, MAU represents the row number of the perturbed measurement matrix.
authentication matrix fAU , which is set to be much smaller
than 2K and M . λ1 and λ2 represent very small integers Algorithm 3 Access Password Generation
in the absolute form such as 2 and -3 and each element Input: the perturbed measurement matrix f LP .
of fAU is either λ1 or λ2 . The authentication sampling is Output: access password y AC .
fAU x and the generated authentication password is marked 1: f LP ← f LP + 1
as y AU . Apparently, the authentication matrix does not yield 2: for j ← 1 : N
the conditions of the measurement matrix regardless of the 3: πj ← f LP LP LP
1,j ⊕ f 2,j ⊕ · · · ⊕ f M,j
element value or the size so that the authentication sampling 4: end for
is a one-way process. 5: Ai ← π(i−1)×Ni +1 π(i−1)×Ni +2 · · · π(i−1)×N +Ni
6: ai ← Ai
Algorithm 2 CCS-Driven Authentication Matrix 7: y AC ← a1 |a2 · · · |al
Input: parameters v1AU ∈ [3.57, 4] and v2AU ∈ (1, 2], and
initial value cAU
0 .
Output: authentication matrix f AU .
1: Iterate CCM with v1AU , v2AU , and cAU to generate a IV. DATA ACQUISITION F RAMEWORK
0
N MAu
sequence {cAUi } i=1 . In this section, a low-overhead, confidentiality-assured, and
2: for i ← 1 : N MAu authenticated data acquisition framework for IoT is proposed,
3: if cAU
i < 0.5 which is based on the above mentioned techniques includ-
4: cAU
i ← λ1 ing CCS-driven CS, CCS-driven local perturbation, and au-
5: else thentication mechanism. The utilization of CCS-driven CS
6: cAU
i ← λ2 not only maintains the intrinsic characteristic of CS-based
7: end if low-complexity sampling, but also overcomes the defect of
8: end for transmitting large measurement matrix. Based on CCS-driven
N MAu
9: Rearrange {cAU i }i=1 to obtain C AU of size MAU × N local perturbation, one can build up the perturbed Bernoulli
from the upper left to the lower right. measurement used for data sampling, which not only protects
10: f AU ← C AU the data confidentiality because of CCS-based secrecy fea-
tures, but also further reduces the computation cost using the
Authentication is a passive post-defense behavior, as it can- local perturbation. Meanwhile, the authentication mechanism
not prevent tampering proactively. Some illegal users without is incorporated into the sampling process. The authentication
the decryption keys would possibly tamper the ciphertext in matrix and the perturbed measurement matrix are separately
some way when accessing it, although they cannot obtain the responsible for generating the authentication password and the
correct ciphertext through decryption. In order to be against access password to obstruct the tampering attack. Note that,
this active tampering attack, an accompanied access password for security consideration, the keys v1LP , v2LP , cLP AU AU
0 ,v1 , v2 ,
AU
for the authentication password needs to be designed. The and c0 should be updated for every sampling or at least
access password is allowed to be a very small size of random periodically. In addition, the proposed acquisition framework
character sequence no more than the size of the authentication can be used in many scenarios. For example, a possible
password. Taking into account the computation resources, overall service model framework is shown in Fig. 2, in which
we harness the perturbed measurement matrix to control the the acquired data are stored in media cloud. Authentication
generation of the access password, as is shown in Algorithm 3. password and access password can guarantee the security of
For the perturbed measurement matrix, each element is firstly data access for users such as traffic monitoring center, hospital,
added to 1. A binary sequence π of length N is generated and power plant.
by bit-wise XORing all the elements in each column. Further, The procedures of the proposed data sampling framework
this sequence is partitioned into l small sequences Ai of length are summarized as follows.
Nl , where Nl = [N/l], and each small sequence is converted Step 1. Invoke Algorithm 1 to output f LP .
into a hexadecimal number ai . Finally, the access password is AU
Step 2. Invoke Algorithm 2 toLPoutput
f . LP
output, i.e., y AC = a1 |a2 · · · |al . f y
Step 3. Acquire x with to output .
Algorithm 3 possesses two significant advantages. Firstly, f AU y AU
the access password is directly generated by using the ex- Step 4. Invoke Algorithm 3 to output y AC .
isting perturbed measurement matrix rather than adding new Moreover, the structure of permutation-diffusion is intro-
keys to construct new information. For every sampling, the duced to further encrypt the obtained measurements y LP , since
6
Fig. 2. The overall service model framework.
the linearity of CS is not secure enough. Permutation-diffusion Algorithm 4 CCS-Driven Permutation Matrices
is a classic structure widely used in encryption algorithms Input: parameters v1P ∈ [3.57, 4] and v2P ∈ (1, 2], initial value
[36]. Permutation focuses on permuting the locations of the cP L
0 , and identity matrices I , I
R
elements of y LP while diffusion is aimed at altering the values Output: left permutation matrix ΛL and right permutation
of the elements of y LP . Specifically, bilateral scrambling and matrix ΛR
bi-level masking are proposed for achieving permutation and 1: Iterate CCM with v1P , v2P , and cP
0 to generate a sequence
diffusion, respectively. The bilateral scrambling is formulated {CiP }4M
i=1
as 2: Calculate {CiP }4M P
i=1 ← {f loor(ci × M ) + 1}i=1
4M
Pj M
yPLP = ΛL y LP ΛR , (5) P 4M
3: Quarter {Ci }i=1 into four sequences {Ci }i=1 , j =
1, 2, 3, 4
where ΛL and ΛR represent left permutation matrix and right 4: for i ← 1 : M
permutation matrix, respectively, in which there is only one ‘1’ 5: iL ← CiP1 , j L ← CiP2 , iR ← CiP3 , j R ← CiP4
in both each row and each column and others are all ‘0’s [37]. 6: Exchange the iL th row and the j L th row in I L
The permuted result yPLP is further exploited by the bi-level 7: Exchange the iR th column and the j R th column in I R
masking 8: end for
LP
yP,D = αΥm . × yPLP + βΥα , (6) 9: ΛL ← I L , ΛR ← I R
LP
where .× denotes the dot product and yP,D is the final
encryption result. α and β are adjustment coefficients. Υm Algorithm 5 CCS-Driven Penalty Factors
and Υα are multiplicative penalty vector and additive penalty
vector, respectively. The generation of both permutation ma- Input: parameters v1D ∈ [3.57, 4] and v2D ∈ (1, 2], and initial
trices and penalty factors is controlled by CCM, as shown value cD0
in Algorithm 4 and Algorithm 5. To better understand the Output: multiplicative penalty vector Υm and additive
encryption operations including confidentiality-assured data penalty vector Υα
1: Iterate CCM with v1D , v2D , and cD
0 to generate a sequence
acquisition framework and subsequent permutation-diffusion
based encryption scheme, an encryption flow chart is visually {cD } 2M
i i=1
Dj M
2: Bisecting {cD 2M
i }i=1 into two sequences {ci }i=1 , j = 1, 2
depicted in Fig. 3. D1 M D2 M
3: Υm ← {ci }i=1 , Υα ← {ci }i=1
After finishing the encryption operations, one can send
LP
the encrypted result yP,D together with the corresponding
authentication password y , and access password y AC to
AU
media cloud for storage and management [38]. When a user and then the decrypted result is x̄ = Ψs̄. Solving this problem
LP
requires the data, he firstly acquires ȳP,D from the media can leverage many existing algorithms such as orthogonal
cloud through verifying the access password y AC . ȳP,DLP
is not matching pursuit [39], gradient projection [40], and nonconvex
LP LP
necessarily identical to yP,D , since the original yP,D has been minimization [41].
LP
possibly tampered. Thus, we let ȳP,D represent the acquired Furthermore, the user can calculate out the real authentica-
data from the media cloud. After verifying the legality, the tion password ȳ AU by using the following formula
LP
user decrypts ȳP,D through solving a optimization problem
LP
min s̄ ȳP,D = f LP Ψs̄ (7) ȳ AU = f AU x̄ (8)
7
Let ω be the computation precision, then the key space size

will be ω 9 . In general, this size is great enough to resist the
exhaustive attack. For example, ω = 1016 , then the size is
ω 9 = 1016×9 > 2432 .
C. Further Discussions on Local Perturbation

The local perturbation method mentioned above resorts to
additional incentive mechanism by virtue of CCS. There also
exist some adaptive methods that only rely on the in-house
information of the measurement matrix to achieve the local
perturbation. Two alternatives are presented in the followings.
One alternative is subblock permutation perturbation. Assume
Fig. 3. The flow chart of sampling framework. that f S1 , f S2 are two subblocks from the original mea-
surement matrix f and they can be randomly selected and
are equal in size. They can be exchanged with each other,
and authenticate whether the difference value
which can be understood in Fig. 4. The subblock permutation
vAU = ρ ȳ AU − y AU 1 < v̂AU

(9) perturbation is finally achieved by selecting and exchanging
one or more pairs of such subblocks. The other alternative is
or not, where ρ is an adjustment coefficient and k·k1 represents subblock diffusion perturbation. As such, there are two sub-
L1 norm. The threshold value v̂AU is determined by the blocks f S1 , f S2 . Each element f Si,j1 in f S1 is re-assigned as
empirical knowledge. The reconstruction cannot recover the
a new value that is a product of f Si,j1 and f Si,j2 , as illustrated in
original signal absolutely and thus there is always some
Fig. 5. The subblock diffusion perturbation is finally realized
difference between x̄ and x more or less. The threshold value
by processing one or more pairs of such subblocks. However,
v̂AU should be set to be a very small number rather than zero.
these two perturbation methods cannot control the perturbation
If vAU ≥ v̂AU , we affirm that the tamper cannot be tolerated
factor δ accurately in advance, since they need to calculate the
and ρ is able to help adjust the toleration degree.
factor afterwards passively. Meanwhile, the perturbation effect
does not possess the globality due to the operation between
V. T HEORETICAL A NALYSIS subblocks. They can attain a quick but rough perturbation
A. Complexity Analysis effect and can be adopted when no longer requiring an accurate
In the sampling framework, the complexities of four steps, perturbation factor in advance.

in turn, are O (τ M N ), O M AU N , O M + M AU N ,
and O (M N ), respectively, where τ represents the perturbation
rate of the perturbation factor δ to the total number M N of
the elements in f, i.e., τ = δ/M N . The total complexity
is O (M N ) and thus the proposed sampling framework still
mains the low-complexity feature that CS itself possesses.
In the permutation-diffusion structure, their complexities are
both O (N ), and this means that the introduced encryption
does not lead to the increase of the complexity but ensures
a high security level. For the decryption (reconstruction), the
complexity is often high and is determined by CS itself. If the Fig. 4. A schematic diagram for the subblock permutation perturbation.
user’s computation resource is limited, he or she outsources the
reconstruction process to the platform like public clouds with
abundant resource (in a privacy-preserving possibly), which
is not our focus and is out of this work. The complexity of
authentication is O (M N ) and it is acceptable for the user.
B. Key Size Analysis

In the overall service model framework, all the keystreams
are always controlled by CCS and the security depends on
the initial conditions of CCS. All the keys involved are the
initial conditions v1LP , v2LP , cLP
0 in the perturbation, the initial
Fig. 5. A schematic diagram for the subblock diffusion perturbation.
conditions v1AU , v2AU , cAU 0 in the authentication, the initial
conditions v1P , v2P , cP 0 in the permutation, and the initial
conditions v1D , v2D , cD in the diffusion. The authentication key VI. P ERFORMANCE A NALYSIS
0
does not belong to the encryption key and thus the encryption Low-performance hardware and software platforms can
keys consist of v1LP , v2LP , cLP P P P D D D
0 , v1 , v2 , c0 , v1 , v2 , and c0 . better cater to the real environment in IoT. Accordingly,
8
TABLE I the MSE is increased to 22793 correspondingly. Without the

AUTHENTICATION R ESULTS perturbation, the PSNR and MSE of the reconstructed image
are 32.4539 dB and 36.9566, respectively. Thus, a reasonable
Images Difference value Results
perturbation rate can be selected between 10% and 15%.
Fireballon 8.7977 −
Tampered by adding a big balloon 105.5779 Success
The ECG signal is tested at the perturbation rates 0.1%,
Tampered by adding a small balloon 30.4498 Success 1%, and 5%. The results are shown in Fig. 7. Both the
Tampered by adding a kite 95.7146 Success original signal and the corresponding reconstructed signal
Tampered by adding a hide kite 46.3625 Success
also appear in a single figure for the convenience of visual
comparison, as shown in Figs. 7(a, b, c). It can be found that
the reconstruction quality of ECG signal is rapidly declined
the computer processor AMD a6-3420m (2GB RAM) and with a tiny perturbation. When the perturbation rate is greater
MATLAB2011b are adopted. To richly investigate the perfor- than 1%, the ARSNR will be reduced to 15.1192 below and
mance of the proposed framework, two kinds of representative the reconstructed ECG exhibits a severe distortion. Without
data are tested, i.e., 256×256 image “fire balloon” and ECG the perturbation, the ARSNR of the reconstructed image is
data from MIT PhysioNet database (No. 0109). Experimental 25.0648 dB. Hence, the perturbation rate for ECG can be
analyses include local perturbation analysis and authentication restricted to a low-value range.
analysis. For the electronic power data, 86 values (unit: watt) are
selected from meters and each one is a mean value with
A. Local Perturbation Analysis one-minute time interval. Figs. 8(a-c) respectively display the
A reasonable perturbation degree should be set in practical original electronic power data, the difference value of elec-
application. A very small degree of perturbation is possibly tronic power with one minute, and the reconstructed electronic
insecure against illegal eavesdroppers who get useful knowl- power data. It can be deduced from Fig. 8(c) that the electric
edge of plaintext using the original measurement matrix to meter data can be well reconstructed by utilizing the difference
decrypt the ciphertext. On the other hand, a too large degree values with the sparsity in time domain. In addition, observing
of perturbation would result in the waste of computation Fig. 8(b) can get knowledge that the largest spike signal occurs
resource, losing the value of local perturbation. The sampling in the horizontal axis value ‘11’. Through looking up the
rate is fixed as 50% and then we explore the effect of electric meter ID database, one can find that this spike signal
different perturbation rates τ to the reconstructed image that is caused by the printer. Other several spike values come
is recovered by using the original measurement matrix. The from hardware devices like network server. It coincides with
effect for three kinds of data is assessed by PSNR and MSE practical power application scenarios, since these devices have
[42], ARSNR [10], and MAE [43], respectively, defined as the feature of peak load concentration while for other devices
such as common lamps, the electric quantity consumption has
2552
P SN R = 10log10 N1 PN2
, an uniform change with time. Figs. 8(d-f) respectively display
1
P 2 the reconstructed difference values of electronic power with
N1 ×N2 [x̄image (i, j) − ximage (i, j)] different perturbation rates. It can be easily know that a slight
i=1 j=1
(10) perturbation, e.g., 1%, gives rise to a big deviation. Therefore,
N1 X N2 to set a slight perturbation is enough for the electronic power
1 X 2
M SE = [x̄image (i, j) − ximage (i, j)] , data.
N1 × N2 i=1 j=1
The above experimental results focus on the sampling
(11)
ECG 2 ! rate 50%. For different rates, the setting of perturbation rate
x
ARSN R = 10log10 2
2 , (12) requires further adjustment through empirical analyses. To
kx̄ECG − xECG k2 sum up, the setting of perturbation rate changes with different
sampling rates and different kinds of signals in practical. It
L
1 X x̄meter − xmeter ,
is verified that only the local perturbation of the original
M AE = (13)
N3 i=1 1 measurement matrix for each sampling, instead of regenerating
the measurement matrix, maintains the same security level
where x̄image , x̄ECG , and x̄meter represent the reconstructed whereas saves large amount of computation resources.
signals and ximage , xECG , and xmeter correspond to the
original signals. N1 × N2 represents the size of image. N3
is the number of tested ammeters. B. Authentication Analysis
For the fire balloon image, the perturbation rate is taken The fire balloon tampered is used to validate the effec-
as 1%, 5%, 10%, 15%, 20%, and 25%, and the reconstructed tiveness of the proposed authentication mechanism, since it
images are shown in Fig. 6. As can be seen from Fig. 6, is more convenient for perceptual intuition, as shown in Fig.
the reconstructed image is almost unintelligible when the 9, in which the fire balloon is tampered by adding big fire
perturbation rate is greater than 10%. One cannot speculate balloon, small fire balloon, kite, and hide kite, respectively.
the useful information from the reconstructed image when The authenticated results are listed in Table I. Without the
the perturbation rate reaches 15%. Besides, the PSNR is tamper, the difference value is 8.7977, thus the threshold
quickly decreased to 4.5529 for the perturbation rate 10% and value v̂AU can be set to 10. If the different value is greater
9
(a) (b) (c) (d) (e) (f)

Fig. 6. Reconstructed images with different perturbation rates (a) 1%-20.3781 dB-596.0328, (b) 5%-10.1236 dB-6320.1, (c) 10%-4.5529 dB-22793, (d)
15%-1.7765 dB-43195, (e) 20%-0.9727 dB-51977, and (f) 25%-0.3059 dB-60602.
150 200 300

Reconstruction Reconstruction Reconstruction
100 Original Original Original
200
100
50
0 100
0
-50
ECG Value
ECG Value
ECG Value
0
-100 -100
-100
-150
-200
-200 -200
-250
-300
-300
-300
-350 -400 -400

0 200 400 600 800 1000 1200 0 200 400 600 800 1000 1200 0 200 400 600 800 1000 1200
Sampling Point Sampling Point Sampling Point
(a) (b) (c)

Fig. 7. Reconstructed ECG signals with different perturbation rates (a) 0.1%-21.0761 dB, (b) 1%-15.1192 dB, and (c) 5%-7.9758 dB.
900 100 900

Reconstruction
800 800 Original
80
Difference Value Of Electronic Power
700 700
Original Electronic Power Data
Electronic Power Data
600 60 600
500 500
40
400 400
300 20 300
200 200
0
100 100
0 -20 0
0 10 20 30 40 50 60 70 80 90 0 10 20 30 40 50 60 70 80 90 0 10 20 30 40 50 60 70 80 90
Electronic Meter ID Electronic Meter ID Electronic Meter ID
(a) (b) (c)

100 100 100
Reconstruction Reconstruction Reconstruction
Original Original Original
80
80
60
60 50
40
40
20
20 0
0
0
-20
-20 -40 -50

0 10 20 30 40 50 60 70 80 90 0 10 20 30 40 50 60 70 80 90 0 10 20 30 40 50 60 70 80 90
Electronic Meter ID Electronic Meter ID Electronic Meter ID
(d) (e) (f)

Fig. 8. Original and reconstructed electrical power data with different perturbation rates (a) original electronic power data, (b) difference value of electronic
power with one minute, (c) reconstructed electronic power data without perturbation, (d) reconstructed data with 1% perturbation rates, (e) reconstructed data
with 15% perturbation rates, and (f) reconstructed data with 30% perturbation rates.
10
TABLE II
T HE ACCESS PASSWORD TEST
Perturbation rates 0.01% 0.1% 1% 5% 10% 20% 30%

780882C6 780882C6 78000EC6 240A6B5C 069C1AE0 98E4D2BB B07BA31C 3306ECDF
D3912E9E D3812E9E D3D1AF9A 8AE88E8D 9D15F761 909E5613 C778CC99 979548D5
6BF27A9B 6BF27A9B 6BE27A9B 224E663E 080E2E78 21DFF11E 25B31BA2 725E7524
B956A7BA B956A7BA B956B7BA F5FFA33F 2BDEF06F CF2EC346 E2EA6787 3C61D8ED
Access password
5FDE81DB 5FDF81DB 7F4E83CB D34ADE88 38D0BFD1 85EE6CA9 89AAFA71 F46B4103
C394F691 C394F691 E39C7791 875CB097 109A1BF2 A841AA7E 06D72E17 09036C4A
9C429A83 9C429A83 9C4ADE01 11501A94 9D09D896 241C4212 A12C67DC 7B3A33ED
8BAEE0D8 8BAEE8D8 8B8E64C0 25AAE878 CE0340C6 3A188A52 8B76480F 22BE90DD
Change rate 4.6875% 42.1875% 89.0625% 93.75% 93.75% 93.75% 89.0625%
(a) (b) (c) (d)

Fig. 9. Tampered fire balloon by adding (a) big fire balloon, (b) small fire balloon, (c) kite, and (d) hide kite.
than this threshold value, then it is demonstrated that the fire can be divided into three aspects for comparison in terms of
balloon has been ever tampered. As shown in Table I, four overhead, confidentiality, and authentication. The results of
kinds of tamper are successfully found. However, in general, comprehensive comparison are shown in Table III. It can be
the threshold value cannot be exactly defined because of the seen from Table III, relevant research usually involves only one
robustness of CS, especially for different sampling rates and or two of three characteristics while the proposed framework
various kinds of images. Therefore, the threshold value is an possesses these three characteristics simultaneously.
empirical value through a great number of tests in a specific
The authors in [4]–[8], [14]–[22] claimed the low-overhead
application scenario and it is suitable for heavy tampering.
data sampling because of the utilization of CS. In fact, the
The access password is from the perturbed measurement
overhead problem of generating the measurement matrix once
matrix and thus requires test in terms of different perturbation
still existed in these works, since the key management leads
rates. The rest results are shown in Table II, in which the
to huge energy consumption. In the references [4]–[8], [14]–
output of assess password is 256 bits. When the perturba-
[22], a hundred percent of entries in the measurement matrix
tion rates are 0.01%, 0.1%, 1%, 5%, 10%, 20%, and 30%,
require re-generation for each sampling, but it is enough for
the rates of change from the original access password are
the proposed framework to only update a small percentage of
4.6875%, 42.1875%, 89.0625%, 93.75%, 93.75%, 93.75%,
entries with the help of the local perturbation theory while not
and 89.0625%, respectively. It indicates the sensitive change of
compromising the confidentiality. The specific comparisons
access password even if the perturbation rate is 0.01% and the
can be referred to Table IV, in which the existing works
proactive tampering attack can be easily prevented. Moreover,
require 100% entry update in the measurement matrix for
the line graph of perturbation and access password is depicted
different types of data while the proposed framework keeps a
in Fig. 10. As can be inferred from Fig. 10, the rate of change
tiny percentage as a whole. Thus, the overhead can be further
has a weakening trend with the perturbation rate. As before,
reduced drastically.
the recommended range of the reasonable perturbation rate is
[0.1, 0.15]. The perturbation rate of the measurement matrix is With respect to the confidentiality guarantee, the references
usually larger than this range and the access password is fully [4]–[8] did not consider it and the references [14]–[22] con-
effective in actual range. sidered the confidentiality-preserving data acquisition. The
references [14], [16], [19]–[22] are only based on the secrecy
of CS sampling. To enhance the secrecy, the authors in [15],
C. Comparative Analysis of the Relevant Works [17], [18] introduced the permutation-diffusion encryption
The proposed data acquisition framework simultaneously operation after the CS sampling. However, the introduced
possesses three characteristics including low overhead, confi- operation should not lead to the excessive overhead and thus
dentiality guarantee, and effective authentication. The relevant a lightweight permutation-diffusion mode is appropriate to
works involve the references [4]–[8], [14]–[23], [27], which balance confidentiality and overhead. The references [15], [17]
11
90 100
80
Changing Rate Of Authentication Password

Changing Rate Of Authentication Password
98
70
96
60
50 94
40 92
30
90
20
88
10
0 86
0 0.2 0.4 0.6 0.8 1 0 10 20 30 40 50
Perturbation Rate Perturbation Rate
(a) (b)
Fig. 10. The line graph between perturbation and access password.
TABLE III
A L IST OF C HARACTERISTIC C OMPARISON OF R ELEVANT W ORKS
Low overhead Confidentiality guarantee Effective authentication

[4]–[8] ! # #
[14]–[22] ! ! #
[23], [27] # # !
The proposed framework ! ! !
TABLE IV
T HE P ERCENTAGE OF E NTRIES IN THE M EASUREMENT M ATRIX FOR E ACH S AMPLING
Image signals ECG signals Electrical power data

[4]–[8], [14]–[22] 100% 100% 100%
The proposed framework 10%∼15% 1%∼5% 5%∼10%
utilized time-consuming nonlinear exclusive OR operations and the confidentiality is validated by both key size analysis
for better encryption effect. Both the reference [18] and the theoretically and local perturbation analysis experimentally.
proposed framework adopted the real-time linear processing The authentication effect is shown in the experimental authen-
structure while not compromising the encryption effect. There- tication analysis.
fore, the proposed framework has a good trade-off between
confidentiality and overhead. VII. C ONCLUDING R EMARKS
The references [4]–[8], [14]–[22] cannot detect the tamper-
In this work, we have proposed a low-overhead,
ing behaviours, since the authentication mechanism is miss-
confidentiality-assured, and authenticated media data acqui-
ing. The references [23], [27] introduced the authentication
sition framework for IoT based on CS and CCS. Firstly,
mechanism, but no low-overhead and confidentiality-assured
three technologies including CCS-driven CS, CCS-driven local
techniques are involved. Meanwhile, compared with [23], [27],
perturbation, and authentication mechanism have been intro-
the proposed framework designed a new access password in
duced. Based on these three technologies, a novel sampling
the authentication mechanism to actively resist the tampering
framework and an overall service framework have been de-
attack.
signed, where the permutation-diffusion based encryption is
To sum up, the present data acquisition framework for used for security enhancement. Theoretical analyses verify that
IoT is the first work that simultaneously takes overhead, the proposed sampling framework has a very low computation
confidentiality, and authentication into consideration. The low complexity and has a very large key space. Meanwhile, there
overhead is verified by the theoretical complexity analysis, are two alternative local perturbation methods discussed. In
12
experimental analyses, it was shown that the local perturba- [20] J. Choi, K. Lee, Y. Lee, and N. Y. Yu, “Secure compressive random
tion of the original measurement matrix maintains the same access for meter reading in smart grid using multi-antenna access point,”
in IEEE Int. Conf. Smart Grid Commun. (SmartGridComm). IEEE,
security level as the re-generation of the measurement matrix 2016, pp. 116–121.
whereas saving large amount of computation resources. The [21] S.-Y. Chiu, H. H. Nguyen, R. Tan, D. K. Yau, and D. Jung, “JICE: Joint
authentication is effective to prevent the passive tampering data compression and encryption for wireless energy auditing networks,”
in 12th Annual IEEE Int. Conf. Sens. Commun. Network. (SECON).
attack and the active tampering attack separately by using the IEEE, 2015, pp. 453–461.
authentication password and the access password. In brief, [22] R. Tan, S.-Y. Chiu, H. H. Nguyen, D. K. Yau, and D. Jung, “A joint
theoretical and experimental analyses verify low overhead, data compression and encryption approach for wireless energy auditing
networks,” ACM Trans. Sensor Networks (TOSN), vol. 13, no. 2, p. 9,
confidentiality, and effective authentication. 2017.
[23] T. Wu and C. Ruland, “Authenticated compressive sensing imaging,” in
Int. Symp. Network. Comput. Commun. (ISNCC). IEEE, 2017, pp. 1–6.
R EFERENCES [24] M. Tagliasacchi, G. Valenzise, and S. Tubaro, “Hash-based identification
of sparse image tampering,” IEEE Trans. Image Process., vol. 18, no. 11,
[1] E. J. Candès, J. Romberg, and T. Tao, “Robust uncertainty principles: pp. 2491–2504, 2009.
Exact signal reconstruction from highly incomplete frequency informa- [25] X. Zhang, Z. Qian, Y. Ren, and G. Feng, “Watermarking with flexible
tion,” IEEE Trans. Inf. Theory, vol. 52, no. 2, pp. 489–509, 2006. self-recovery quality based on compressive sensing and compositive
[2] D. L. Donoho, “Compressed sensing,” IEEE Trans. Inf. Theory, vol. 52, reconstruction,” IEEE Trans. Inf. Forensics Security, vol. 6, no. 4, pp.
no. 4, pp. 1289–1306, 2006. 1223–1232, 2011.
[3] E. J. Candès and T. Tao, “Decoding by linear programming,” IEEE [26] Y. Li and P. Wang, “Robust image hashing based on low-rank and
Trans. Inf. Theory, vol. 51, no. 12, pp. 4203–4215, Dec. 2005. sparse decomposition,” in Proc. IEEE Int. Conf. Acoustics Speech Signal
[4] Y. Zheng, N. Cao, T. Wimalajeewa, and P. K. Varshney, “Compressive Process. (ICASSP). IEEE, 2016, pp. 2154–2158.
sensing based probabilistic sensor management for target tracking in [27] T. Wu and C. Ruland, “An improved authenticated compressive sensing
wireless sensor networks,” IEEE Trans. Signal Process., vol. 63, no. 22, imaging,” in Proc. IEEE 12th Int. Conf. Semantic Comput. (ICSC).
pp. 6049–6060, 2015. IEEE, 2018, pp. 164–171.
[5] H. Zhu, M. Zhang, Y. Suo, T. D. Tran, and J. Van der Spiegel, “Design of [28] F. Chen, K.-W. Wong, X. Liao, and T. Xiang, “Period distribution of
a digital address-event triggered compressive acquisition image sensor,” generalized discrete arnold cat map for n = pe ,” IEEE Trans. Inf.
IEEE Trans. Circuits Syst. I: Regular Papers, vol. 63, no. 2, pp. 191–199, Theory, vol. 58, no. 1, pp. 445–452, 2012.
2016. [29] G. Millérioux, J. M. Amigó, and J. Daafouz, “A connection between
[6] G. Yang, V. Y. Tan, C. K. Ho, S. H. Ting, and Y. L. Guan, “Wireless chaotic and conventional cryptography,” IEEE Trans. Circ. syst. I
compressive sensing for energy harvesting sensor nodes,” IEEE Trans. Regular papers, vol. 55, no. 6, p. 1695, 2008.
Signal Process., vol. 61, no. 18, pp. 4491–4505, 2013. [30] Z. Hua and Y. Zhou, “Image encryption using 2D Logistic-adjusted-Sine
[7] X. Wu, Y. Xiong, P. Yang, S. Wan, and W. Huang, “Sparsest random map,” Inf. Sci., vol. 339, pp. 237–253, 2016.
scheduling for compressive data gathering in wireless sensor networks,” [31] Y. Zhou, Z. Hua, C.-M. Pun, and C. P. Chen, “Cascade chaotic system
IEEE Trans. Wireless Commun., vol. 13, no. 10, pp. 5867–5877, 2014. with applications,” IEEE Trans. Cybernetics, vol. 45, no. 9, pp. 2001–
[8] Z. Qin, J. Fan, Y. Liu, Y. Gao, and G. Y. Li, “Sparse representation 2012, 2015.
for wireless communications: A compressive sensing approach,” IEEE [32] T. Bianchi and E. Magli, “Analysis of the security of compressed sensing
Signal Process. Mag., vol. 35, no. 3, pp. 40–58, 2018. with circulant matrices,” in IEEE Int. Workshop Inf. Forensics Security
[9] Y. Rachlin and D. Baron, “The secrecy of compressed sensing mea- (WIFS). IEEE, 2014, pp. 173–178.
surements,” in Proc. 46th Ann. Allerton Conf. Comm. Contr. Comput. [33] L. Yu, J. P. Barbot, G. Zheng, and H. Sun, “Compressive sensing with
IEEE, 2008, pp. 813–817. chaotic sequence,” IEEE Signal Process. Lett., vol. 17, no. 8, pp. 731–
[10] V. Cambareri, M. Mangia, F. Pareschi, R. Rovatti, and G. Setti, “Low- 734, 2010.
complexity multiclass encryption by compressed sensing,” IEEE Trans. [34] N. Zhou, S. Pan, S. Cheng, and Z. Zhou, “Image compression–
Signal Process., vol. 63, no. 9, pp. 2183–2195, 2015. encryption scheme based on hyper-chaotic system and 2D compressive
[11] L. Y. Zhang, K.-W. Wong, Y. Zhang, and J. Zhou, “Bi-level protected sensing,” Opt. Laser Techno., vol. 82, pp. 121–133, 2016.
compressive sampling,” IEEE Trans. Multimed., vol. 18, no. 9, pp. 1720– [35] H. Gan, Z. Li, J. Li, X. Wang, and Z. Cheng, “Compressive sensing using
1732, 2016. chaotic sequence based on chebyshev map,” Nonlinear Dyn., vol. 78,
[12] Y. Zhang, J. Zhou, F. Chen, L. Y. Zhang, K.-W. Wong, X. He, and no. 4, p. 2429–2438, 2014.
D. Xiao, “Embedding cryptographic features in compressive sensing,” [36] Z.-L. Zhu, W. Zhang, K.-W. Wong, and H. Yu, “A chaos-based sym-
Neurocomput., vol. 205, pp. 472–480, 2016. metric image encryption scheme using a bit-level permutation,” Inf. Sci.,
[13] T. Bianchi, V. Bioglio, and E. Magli, “Analysis of one-time random vol. 181, no. 6, pp. 1171–1186, 2011.
projections for privacy preserving compressed sensing,” IEEE Trans. [37] H. V. Henderson and S. R. Searle, “The vec-permutation matrix, the vec
Inf. Forensics Security, vol. 11, no. 2, pp. 313–327, 2016. operator and kronecker products: A review,” Linear Multilinear Algebra,
[14] W. Xue, C. Luo, G. Lan, R. K. Rana, W. Hu, and A. Seneviratne, vol. 9, no. 4, pp. 271–288, 1981.
“Kryptein: a compressive-sensing-based encryption scheme for the in- [38] C. Wang, B. Zhang, K. Ren, and J. M. Roveda, “Privacy-assured
ternet of things,” in Proc. 16th ACM/IEEE Int. Conf. Inf. Process. Sensor outsourcing of image reconstruction service in cloud,” IEEE Trans.
Networks (IPSN), 2017, pp. 169–180. Emerg. Topics Comput., vol. 1, no. 1, pp. 166–177, 2013.
[15] Y. Zhang, Q. He, Y. Xiang, L. Y. Zhang, B. Liu, J. Chen, and Y. Xie, [39] J. A. Tropp and A. C. Gilbert, “Signal recovery from random measure-
“Low-cost and confidentiality-preserving data acquisition for internet of ments via orthogonal matching pursuit,” IEEE Tran. Inf. Theory, vol. 53,
multimedia things,” IEEE Internet Things J., vol. 5, no. 5, pp. 3442– no. 12, pp. 4655–4666, 2007.
3451, 2018. [40] M. A. Figueiredo, R. D. Nowak, and S. J. Wright, “Gradient projection
[16] R. Dautov and G. R. Tsouri, “Securing while sampling in wireless for sparse reconstruction: Application to compressed sensing and other
body area networks with application to electrocardiography,” IEEE J. inverse problems,” IEEE J. Selec. Top. Signal Process., vol. 1, no. 4,
Biomedical Health Inf., vol. 20, no. 1, pp. 135–142, 2016. pp. 586–597, 2007.
[17] H. Peng, Y. Tian, J. Kurths, L. Li, Y. Yang, and D. Wang, “Secure and [41] R. Chartrand, “Exact reconstruction of sparse signals via nonconvex
energy-efficient data transmission system based on chaotic compressive minimization,” IEEE Signal Process. Lett., vol. 14, no. 10, pp. 707–
sensing in body-to-body networks,” IEEE Trans. Biomedical Circ. Syst., 710, 2007.
vol. 11, no. 3, pp. 558–573, 2017. [42] A. Hore and D. Ziou, “Image quality metrics: PSNR vs. SSIM,” in Proc.
[18] L. Li, L. Liu, H. Peng, Y. Yang, and S. Cheng, “Flexible and secure 20th Int. Conf. Pattern Recogn. (ICPR). IEEE, 2010, pp. 2366–2369.
data transmission system based on semitensor compressive sensing in [43] E. J. Coyle and J.-H. Lin, “Stack filters and the mean absolute error
wireless body area networks,” IEEE Internet Things J., vol. 6, no. 2, pp. criterion,” IEEE Trans. Acoustics Speech Signal Process., vol. 36, no. 8,
3212–3227, 2019. pp. 1244–1254, 1988.
[19] J. Gao, X. Zhang, H. Liang, and X. S. Shen, “Joint encryption and
compressed sensing in smart grid data transmission,” in IEEE Global
Commun. Conf. (GLOBECOM). IEEE, 2014, pp. 662–667.
13
Yushu Zhang (M’17) received the Ph.D. Degree Yong Xiang (SM’12) received the Ph.D. degree in
from the College of Computer Science, Chongqing the Electrical and Electronic Engineering from The
University, Chongqing, China, in Dec. 2014. He University of Melbourne, Australia. He is a Profes-
held various research positions at the City University sor at the School of Information Technology, Deakin
of Hong Kong, Southwest University, University University, Australia. His research interests include
of Macau, and Deakin University. He is now a information security and privacy, signal and image
Professor with College of Computer Science and processing, data analytics and machine intelligence,
Technology, Nanjing University of Aeronautics and Internet of Things, and blockchain. He has published
Astronautics, China. His research interests include 5 monographs, over 140 refereed journal articles,
multimedia security, artificial intelligence, cloud and numerous conference papers in these areas. He
computing security, big data security, IoT security, is the Senior Area Editor of IEEE Signal Processing
and blockchain. He is an Editor of Signal Processing. Letters and the Associate Editor of IEEE Access. He has served as Honorary
Chair, Program Chair, TPC Chair, Symposium Chair, and Track Chair for a
number of international conferences.
Qi He is currently pursuing the Ph.D. degree in the

School of Cyber Science and Technology, Beihang
University, Beijing, China. His research interests in-
clude multimedia security, cloud computing security,
big data security, and IoT security.
Guo Chen received the Ph.D. degree in Electrical

Engineering from the University of Queensland,
Brisbane, Australia in 2010. Now he is an UNSW
Scientia Fellow and Lecturer at School of Electrical
Engineering and Telecommunications, the Univer-
sity of New South Wales, Sydney, Australia. Previ-
ously, he held academic positions at the Australian
National University, the University of Sydney, and
the University of Newcastle. His research interests
include sustainable energy system modelling, artifi-
cial intelligence and neural networks, optimization
and control, and their applications in smart grid and smart home. He is
an editor of IEEE Transactions on Smart Grid. He was the recipient of the
Australian Research Council Discovery Early Career Researcher Award (ARC
DECRA) Fellowship during 2016-2018.
Xinpeng Zhang received the B.S. degree in com-

putational mathematics from Jilin University, China,
in 1995, and the M.E. and Ph.D. degrees in com-
munication and information system from Shanghai
University, China, in 2001 and 2004, respectively.
Since 2004, he was with the faculty of the School
of Communication and Information Engineering,
Shanghai University, where he is currently a Pro-
fessor. He is also with the faculty of the School of
Computer Science, Fudan University. He was with
The State University of New York at Binghamton as
a Visiting Scholar from 2010 to 2011, and also with Konstanz University as
an experienced Researcher, sponsored by the Alexander von Humboldt Foun-
dation from 2011 to 2012. His research interests include multimedia security,
image processing, and digital forensics. He has published over 200 papers in
these areas. He was an Associate Editor of the IEEE TRANSACTIONS ON
INFORMATION FORENSICS AND SECURITY from 2014 to 2017.

SG 1

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

SG 1

Caricato da

Copyright:

Formati disponibili

This article has been accepted for publication in a future issue of this journal, but has not been

A Low-Overhead, Confidentiality-Assured, and

I n the present era of Big Data and Artificial Intelligence,

where s is a vector of size N × 1. s is said to be K− sparse if III. S EVERAL K EY T ECHNOLOGIES

Fig. 2. The overall service model framework.

Let ω be the computation precision, then the key space size

C. Further Discussions on Local Perturbation

B. Key Size Analysis

TABLE I the MSE is increased to 22793 correspondingly. Without the

(a) (b) (c) (d) (e) (f)

150 200 300

-350 -400 -400

(a) (b) (c)

900 100 900

Electronic Power Data

(a) (b) (c)

Difference Value Of Electronic Power

Difference Value Of Electronic Power

-20 -40 -50

(d) (e) (f)

Perturbation rates 0.01% 0.1% 1% 5% 10% 20% 30%

(a) (b) (c) (d)

Changing Rate Of Authentication Password

Low overhead Confidentiality guarantee Effective authentication

Image signals ECG signals Electrical power data

Qi He is currently pursuing the Ph.D. degree in the

Guo Chen received the Ph.D. degree in Electrical

Xinpeng Zhang received the B.S. degree in com-

Potrebbero piacerti anche