Md Zakirul Alam Bhuiyan’s research while affiliated with Fordham University and other places

Detecting anomalous users in social networks is an imperative but challenging task. The increasing complexity of inter-personal behaviors and interactions further complicates the development of effective user anomaly detection techniques. Current state-of-the-art methods heavily rely on static personal features, making it difficult to quantify the hidden relevance of user behaviors through traditional feature engineering. This loss of accuracy is exacerbated by the rise of sophisticated camouflage and disguising techniques, which blur the distinction between anomalous and regular users. In this paper, we present GNNRI, an innovative framework for detecting anomalous users in social networks. Our approach leverages a network representation learning model and a heterogeneous information network (Hin) to explore hidden semantic connections from user metadata, tweets, and interaction information. We extract both user metadata and behavioral features to construct a Hin and introduce two distinct learning layers to explore explicit and implicit user relevance. First, we employ a relation-based self-attention layer to aggregate neighbor node closeness under specific relations and across different relationships. Subsequently, we apply graph convolution network-based convolutional learning layers, which enhance embedding effectiveness by capturing graph-wide node similarity. We evaluate GNNRI using real-world datasets, and our results demonstrate that it outperforms all other comparative baselines, achieving approximately 90% accuracy for user classification, with a 5–15% improvement over other GNN variants. Notably, even when using only 20% of the data for training, GNNRI achieves 87.8%, 86.57%, and 87.1% accuracy for detecting zombies, spammers, and bots, respectively.

As one of the major threats to the current DeFi (Decentralized Finance) ecosystem, reentrant attack induces data inconsistency of the victim smart contract, enabling attackers to steal on-chain assets from DeFi projects, which could terribly do harm to the confidence of the blockchain investors. However, protecting DeFi projects from the reentrant attack is very difficult, since generating a call loop within the highly automatic DeFi ecosystem could be very practicable. Existing researchers mainly focus on the detection of the reentrant vulnerabilities in the code testing, and no method could promise the non-existent of reentrant vulnerabilities. In this paper, we introduce the database lock mechanism to isolate the correlated smart contract states from other operations in the same contract, so that we can prevent the attackers from abusing the inconsistent smart contract state. Compared to the existing resolutions of front-running, code audit, and modifier, our method guarantees protection results with better flexibility. And we further evaluate our method on a number of de facto reentrant attacks observed from Etherscan. The results prove that our method could efficiently prevent the reentrant attack with less running cost.

Federated learning of deep neural networks has emerged as an evolving paradigm for distributed machine learning, gaining widespread attention due to its ability to update parameters without collecting raw data from users, especially in digital healthcare applications. However, the traditional centralized architecture of federated learning suffers from several problems (e.g., single point of failure, communication bottlenecks, etc.), especially malicious servers inferring gradients and causing gradient leakage. To tackle the above issues, we propose a robust and privacy-preserving decentralized deep federated learning (RPDFL) training scheme. Specifically, we design a novel ring FL structure and a Ring-Allreduce-based data sharing scheme to improve the communication efficiency in RPDFL training. Furthermore, we improve the process of distributing parameters of the Chinese residual theorem to update the execution process of the threshold secret sharing, supporting healthcare edge to drop out during the training process without causing data leakage, and ensuring the robustness of the RPDFL training under the Ring-Allreduce-based data sharing scheme. Security analysis indicates that RPDFL is provable secure. Experiment results show that RPDFL is significantly superior to standard FL methods in terms of model accuracy and convergence, and is suitable for digital healthcare applications.

The papers in this special section focus on the trustworthiness of artificial intelligence/machine learning models/deep learning models (AI/ML/DL) as it applies to the Industrial Internet of Things (IIot). This includes automated environments, such as smart factories, smart airports, and smart healthcare systems. AI approaches enable automation and data analytic across industrial technologies, including the IIoT, cloud and edge, and fog computing paradigms. Current ML models, such as DL still suffer from designing a generalized trustworthy architecture that reveals semantics and contexts of models and attacks threat surface. The papers in this section were inspired by the convincing challenges and necessities described above and attempt to compile research results that essentially adopts them.

In the past several years, a series of breakthrough research advancements have been achieved by leveraging wireless signals such as Wi‐Fi in various emerging applications, including healthcare, behavior recognition, positioning, and target detection. Compared to traditional human behavior sensing methods, Wi‐Fi signals human behavior sensing technology has many advantages, including non‐line‐of‐sight, sensor device‐free sensing, passive sensing, ease of deployment, and no need for lights. Data mining undoubtedly plays a critical role in making Wi‐Fi‐based human behavior detection intelligent enough to facilitate convenient services and environments. We study Wi‐Fi signals mining using the data mining process and review the developmental process of Wi‐Fi data mining. This covers the methods of Wi‐Fi data mining, including signal acquisition, preprocessing, feature extraction to training, and classification. We then propose WHSecurity, a whole home intrusion detection and tracking system that is based on all of the methods covered above. Finally, WHSecurity includes a deep learning‐based data mining process called multiview learning for the decision‐making on intrusion detection and tracking. Experimental outcomes show that the WHSecurity approach performs superior in terms of intrusion detection and tracking performance.

Nowadays, wireless radio signals are ubiquitous and are around us; some signals pass through us, and some reflect off us. Substantial advancements in recent years demonstrate that such signals are utilized for diverse emerging applications, including people activity, motion watches, healthcare, and so forth. A few questions would be that may raise severe concerns in future cybersecurity and private domains. For example, what if Wi‐Fi signals are utilized to watch a person doings and actions, which are mostly without the person's authorization and authentication. How far such signal utilization can attack privacy intrusively, silently, more particularly, what/where we do, say, command, see, write, draw, go, perform, everything can be known. In this article, we investigate watching human activities by leveraging Wi‐Fi signals and discuss a few application prototypes. We attempt to learn whether or not attackers have the ability to passively watch our Internet activity as well as physical activities and motions through Wi‐Fi. With all‐new advances, one must be aware that cyberattackers may apply unauthorized use of these advances to their benefit. We discuss some of the countermeasures and approaches to mitigate these risks with Wi‐Fi signal leveraging.

Through the collaboration of cloud and edge, cloud-edge computing allows the edge which approximates end-users undertakes those non-computationally intensive service processing of the cloud, reducing the communication overhead and satisfying the low latency requirement of Internet of Vehicle (IoV). With cloud-edge computing, the computing tasks in IoV is able to be delivered to the edge servers (ESs) instead of the cloud and rely on the deployed services of ESs for a series of processing. Due to the storage and computing resource limits of ESs, how to dynamically deploy partial services to the edge is still a puzzle. Moreover, the decision of service deployment often requires the transmission of local service requests from ESs to the cloud, which increases the risk of privacy leakage. In this article, a method for privacy-aware IoV service deployment with federated learning in cloud-edge computing, named PSDF, is proposed. Technically, federated learning secures the distributed training of deployment decision network on each ES by the exchange and aggregation of model weights, avoiding the original data transmission. Meanwhile, homomorphic encryption is adopted for the uploaded weights before the model aggregation on the cloud. Besides, a service deployment scheme based on deep deterministic policy gradient (DDPG) is proposed. Eventually, the performance of PSDF is evaluated by massive experiments.