Yuntao Wang’s research while affiliated with Xi’an Jiaotong-Liverpool University and other places

Federated graph attention networks (FGATs) are gaining prominence for enabling collaborative and privacy-preserving graph model training. The attention mechanisms in FGATs enhance the focus on crucial graph features for improved graph representation learning while maintaining data decentralization. However, these mechanisms inherently process sensitive information, which is vulnerable to privacy threats like graph reconstruction and attribute inference. Additionally, their role in assigning varying and changing importance to nodes challenges traditional privacy methods to balance privacy and utility across varied node sensitivities effectively. Our study fills this gap by proposing an efficient privacy-preserving FGAT (PFGAT). We present an attention-based dynamic differential privacy (DP) approach via an improved multiplication triplet (IMT). Specifically, we first propose an IMT mechanism that leverages a reusable triplet generation method to efficiently and securely compute the attention mechanism. Second, we employ an attention-based privacy budget that dynamically adjusts privacy levels according to node data significance, optimizing the privacy-utility trade-off. Third, the proposed hybrid neighbor aggregation algorithm tailors DP mechanisms according to the unique characteristics of neighbor nodes, thereby mitigating the adverse impact of DP on graph attention network (GAT) utility. Extensive experiments on benchmarking datasets confirm that PFGAT maintains high efficiency and ensures robust privacy protection against potential attacks.

With the rapid advancement and deployment of intelligent agents and artificial general intelligence (AGI), a fundamental challenge for future networks is enabling efficient communications among agents. Unlike traditional human-centric, data-driven communication networks, the primary goal of agent-based communication is to facilitate coordination among agents. Therefore, task comprehension and collaboration become the key objectives of communications, rather than data synchronization. Semantic communication (SemCom) aims to align information and knowledge among agents to expedite task comprehension. While significant research has been conducted on SemCom for two-agent systems, the development of semantic communication networks (SemComNet) for multi-agent systems remains largely unexplored. In this paper, we provide a comprehensive and up-to-date survey of SemComNet, focusing on their fundamentals, security, and privacy aspects. We introduce a novel three-layer architecture for multi-agent interaction , comprising the control layer, semantic transmission layer, and cognitive sensing layer. We explore working modes and enabling technologies, and present a taxonomy of security and privacy threats, along with state-of-the-art defense mechanisms. Finally, we outline future research directions, paving the way toward intelligent, robust, and energy-efficient SemComNet. This survey represents the first comprehensive analysis of SemComNet, offering detailed insights into its core principles as well as associated security and privacy challenges.

Federated learning (FL) has gained widespread adoption in Internet of Things (IoT) applications, promoting the evolution of IoT towards artificial intelligence of Things (AIoT). However, IoT devices are still vulnerable to various privacy inference attacks in FL. While current solutions aim to protect the privacy of devices during model training, the published model is still at risk from external privacy attacks during model deployment. To address the privacy concerns throughout the entire FL lifecycle, this paper proposes a privacy-enhanced and efficient federated knowledge transfer framework for IoT, named PEFKT, which integrates the knowledge transfer method and local differential privacy (LDP) mechanism. In PEFKT, we devise a data diversity-driven grouping strategy to tackle the non-independent and identically distributed (non-IID) issue in IoT. Additionally, we design a quality-aware soft-label aggregation algorithm to facilitate effective knowledge transfer, thereby improving the performance of the student model. Finally, we provide rigorous privacy analysis and validate the feasibility and effectiveness of PEFKT through extensive experiments on real datasets.

The rapid development of the Internet of Vehicles (IoV) has spurred innovations in Intelligent Transportation Systems (ITS), but it also faces increasingly sophisticated cybersecurity threats. Traditional defense mechanisms often fall short in handling emerging and complex attacks due to the lack of flexibility to adapt to the rapidly evolving IoV environment. An emerging solution is to employ Large Language Models (LLMs), such as ChatGPT, to enhance IoV security, which depends on the quality, quantity, and freshness of the threat data used for fine-tuning. In this paper, we introduce a collaborative vehicular threat sharing framework that utilizes vehicular honeypots to gather threat data for fine-tuning LLMs, thereby bolstering IoV security. Local differential privacy is leveraged to safeguard the vehicles’ privacy. Given that vehicles have different privacy preferences that may change over time, it is critical to design an appropriate incentive mechanism to encourage sustainable participation in the dynamic IoV environment. Moreover, since privacy preferences are the private information of the vehicles, an information asymmetry exists between the vehicles and the IDS cloud server. To address this challenge, we propose a dynamic contract-based incentive mechanism that considers the dynamically changing privacy preference during long-term participation. The optimal contract is derived to maximize the expected utility of the IDS cloud server. Extensive simulation results demonstrate the feasibility of our proposed dynamic contract based incentive mechanism and validate the effectiveness of the LLM-based threat classification in handling complex threats.

Application (App)-assisted mobile edge crowd-sensing is a promising paradigm, in which Apps are in charge of tagging the location of the sensing tasks as point-of-interest (PoI) to assist the platform in recruiting users to participate in the sensing tasks. However, there exist potential security, incentive, and privacy threats for App-assisted mobile edge crowdsensing (AMECS) due to the presence of malicious Apps, the low-quality shared sensing data, and the vulnerability of wireless communication. Therefore, we propose a differential privacy-based incentive (DPI) scheme for AMECS to provide secure and efficient crowdsensing services while protecting users’ privacy. Specifically, we first propose an App quality management mechanism to correlate the behavior of each App with its quality and then select reliable Apps based on quality thresholds to assist the platform in recruiting users. With the designed mechanism, we further present an auction game-based incentive mechanism to encourage Apps to mark the location of the sensing tasks as PoI. To protect the privacy of users, a privacy-preserving sensing data sharing algorithm is devised based on differential privacy. Further, given the difficulty of obtaining accurate network parameters in practice, a reinforcement learning-based incentive mechanism is designed to encourage users to participate in sensing tasks. Finally, simulation results and security analysis demonstrate that the proposed scheme can effectively improve the utilities of users, ensure the security of the crowdsensing process, and protect the privacy of users.

In this paper, we propose a full-duplex integrated sensing and communication (ISAC) system enabled by a movable antenna (MA). By leveraging the characteristic of MA that can increase the spatial diversity gain, the performance of the system can be enhanced. We formulate a problem of minimizing the total transmit power consumption via jointly optimizing the discrete position of MA elements, beamforming vectors, sensing signal covariance matrix and user transmit power. Given the significant coupling of optimization variables, the formulated problem presents a non-convex optimization challenge that poses difficulties for direct resolution. To address this challenging issue, the discrete binary particle swarm optimization (BPSO) algorithm framework is employed to solve the formulated problem. Specifically, the discrete positions of MA elements are first obtained by iteratively solving the fitness function. The difference-of-convex (DC) programming and successive convex approximation (SCA) are used to handle non-convex and rank-1 terms in the fitness function. Once the BPSO iteration is complete, the discrete positions of MA elements can be determined, and we can obtain the solutions for beamforming vectors, sensing signal covariance matrix and user transmit power. Numerical results demonstrate the superiority of the proposed system in reducing the total transmit power consumption compared with fixed antenna arrays.

In this paper, we investigate a secure communication architecture based on unmanned aerial vehicle (UAV), which enhances the security performance of the communication system through UAV trajectory optimization. We formulate a control problem of minimizing the UAV flight path and power consumption while maximizing secure communication rate over infinite horizon by jointly optimizing UAV trajectory, transmit beamforming vector, and artificial noise (AN) vector. Given the non-uniqueness of optimization objective and significant coupling of the optimization variables, the problem is a non-convex optimization problem which is difficult to solve directly. To address this complex issue, an alternating-iteration technique is employed to decouple the optimization variables. Specifically, the problem is divided into three subproblems, i.e., UAV trajectory, transmit beamforming vector, and AN vector, which are solved alternately. Additionally, considering the susceptibility of UAV trajectory to disturbances, the model predictive control (MPC) approach is applied to obtain UAV trajectory and enhance the system robustness. Numerical results demonstrate the superiority of the proposed optimization algorithm in maintaining accurate UAV trajectory and high secure communication rate compared with other benchmark schemes.

The rise of advanced persistent threats (APTs) has marked a significant cybersecurity challenge, characterized by sophisticated orchestration, stealthy execution, extended persistence, and targeting valuable assets across diverse sectors. Provenance graph-based kernel-level auditing has emerged as a promising approach to enhance visibility and traceability within intricate network environments. However, it still faces challenges including reconstructing complex lateral attack chains, detecting dynamic evasion behaviors, and defending smart adversarial subgraphs. To bridge the research gap, this paper proposes an efficient and robust APT defense scheme leveraging provenance graphs, including a network-level distributed audit model for cost-effective lateral attack reconstruction, a trust-oriented APT evasion behavior detection strategy, and a hidden Markov model based adversarial subgraph defense approach. Through prototype implementation and extensive experiments, we validate the effectiveness of our system. Lastly, crucial open research directions are outlined in this emerging field.

Personalized federated learning (PFL) has gained increasing attention due to its success in handling the statistical heterogeneity of participants' local data by building distinct local models for participants. However, existing PFL schemes require the identical architecture and size of participants' models, e.g., the same number of layers in convolutional neural networks (CNN). In addition, the growing privacy issues (e.g., local update leakage to the curious server in model aggregation) have not been resolved in PFL. The utilization of identical model architectures among participants reduces the cost of privacy attacks since only one uniform attack method is required to extract private information, exacerbating the privacy threat. This paper proposes a novel privacy-preserving PFL framework that supports heterogeneous model architectures and sizes in delivering personalized models for different participants. Specifically, we utilize participants' knowledge, i.e., the soft predictions of local models on a public dataset, to effectively identify participants with similar data distributions regardless of the specific model architectures used. Based on the participants' knowledge, and their computing and storage capabilities, we employ the affinity propagation (AP) algorithm to implement a multi-level participant clustering mechanism for enabling heterogeneous PFL. Since knowledge is independent of original data, it is considered privacy-preserving during the clustering process. We also devise the ring aggregation algorithm to guarantee participants' privacy during the federated training process. In this way, each participant benefits from other participants with similar data distributions privately and obtains a satisfying personalized model. Furthermore, the cross-cluster knowledge transfer method boosts the personalization performance of weak participants. Sufficient theoretical analyses prove the effectiveness and privacy-preserving capacity of the proposed scheme. Extensive experiments on three benchmark datasets also demonstrate the superiority of our proposed scheme in various settings while maintaining privacy protection, outperforming other state-of-the-art schemes.