Abstract
Privacy is becoming a crucial requirement in many machine learning systems. In this paper we introduce an efficient and secure distributed K-Means algorithm, that is robust to non-IID data. The base idea of our proposal consists in each client computing the K-Means algorithm locally, with a variable number of clusters. The server will use the resultant centroids to apply the K-Means algorithm again, discovering the global centroids. To maintain the client's privacy, homomorphic encryption and secure aggregation is used in the process of learning the global centroids. This algorithm is efficient and reduces transmission costs, since only the local centroids are used to find the global centroids. In our experimental evaluation, we demonstrate that our strategy achieves a similar performance to the centralized version even in cases where the data follows an extreme non-IID form.

Abstract
In this article, we investigate the secure spectral efficiency of an ultrareliable low-latency communication system, where communications occur with short packets due to delay constraints, so that a finite blocklength formulation is considered. In addition, we assume that no feedback channel is available to implement automatic repeat request schemes, so that packet replication (PR) and interface diversity (ID) strategies are used to improve performance, which are then compared in terms of physical-layer security while considering a Nakagami-m fading channel. Furthermore, we assume no knowledge of the instantaneous channel state information at Alice, neither with respect to Bob nor Eves, while the position of multiple colluding eavesdroppers are specified according to a Poisson point process. Numerical results show that the joint optimization of the blocklength, the transmit power, and the amount of information bits per codeword are crucial to maximize the secure spectral efficiency. In addition, we also show that ID outperforms the PR strategy in most scenarios when the number of replications/interfaces increases.

Abstract
Polar codes have been shown to provide an effective mechanism for achieving physical-layer security over various wiretap channels. A majority of these schemes require channel state information (CSI) at the encoder for both intended receivers and eavesdroppers. In this paper, we consider a polar coding scheme for secrecy over a Gaussian wiretap channel when no CSI is available. We show that the availability of a shared keystream between friendly parties allows polar codes to be used for both secure and reliable communications, even when the eavesdropper knows a large fraction of the keystream. The scheme relies on a predetermined strategy for partitioning the bits to be encoded into a set of frozen bits and a set of information bits. The frozen bits are filled with bits from the keystream, and we evaluate the security gap when the cyclic redundancy check-aided successive cancellation list decoder is used at both receivers in the wiretap channel model.

Abstract
A B S T R A C T Power Distribution Systems usually rely on closed and fixed communication networks due to the strict requirements they must comply with. With the appearance of new communication technologies that can contribute to the assurance of those requirements (for example, 5G), open networks can be used for such systems, decreasing the overall cost of maintaining and upgrading the communication network. Although, shifting from closed communication environments to networks integrated with the Internet using 5G communication environments can expose these systems to severe threats, since they were developed to operate under closed networks not addressing security by default. This paper analyses the security requirements for Power Distribution Systems operating on open networks, identifying the gap between such systems and the existing security mechanisms. From this analysis, we present a solution based on low cost off-the-shelf hardware, composed by a security library and a bridging device, intended to act as a security gateway for Intelligent Electronic Devices (IEDs) in Power Distribution Systems. We also evaluate the functionality of our security gateway, and analyse its impact on the stringent performance requirements of such systems.

Abstract
Modern communications have moved away from point-to-point models to increasingly heterogeneous network models. In this article, we propose a novel controller-based architecture to deploy adaptive causal network coding in heterogeneous and highly meshed communication networks. Specifically, we consider using the software-defined network as the main controller. We first present an architecture for highly meshed heterogeneous multi-source multi-destination networks that represent the practical communication networks encountered in the fifth generation of wireless networks and beyond. Next, we present a promising solution to deploy network coding over the new architecture. We also present a new controller-based setting with which network coding modules communicate to attain the required information. Finally, we briefly discuss how the proposed architecture and network coding solution provide a good opportunity for future technologies.

Abstract
Software Defined Networking (SDN) facilitates the orchestration and configuration of network resources in a flexible and scalable form, where policies are managed by controller components that interact with network elements through multiple interfaces. The ubiquitous adoption of SDN leads to the availability of multiple SDN controllers, which have different characteristics in terms of performance and security support. SDN controllers are a common target in network attacks since their compromise leads to the capability of impairing the entire network. Thus, the choice of a SDN controller must be a meticulous process from early phases (design to production). CROCUS, herein proposed, provides a mechanism to enable an objective assessment of the security support of SDN controllers. CROCUS relies on the information provided by the Common Vulnerability Scoring System (CVSS) and considers security features derived from scenarios with stringent security requirements. Considering a vehicular communication scenario supported by multiple technologies, we narrow the selection of SDN controllers to OpenDayLight and ONOS choices. The results put in evidence that both controllers have security features relevant for demanding scenarios with ONOS excelling in some aspects.