Jian Liu, Sara Ramezanian
|
|
- Kathleen Marsha Cross
- 5 years ago
- Views:
Transcription
1 CloSer WP2: Privacyenhancing Technologies Jian Liu, Sara Ramezanian
2 Overview Seek to understand how user privacy is impacted by cloud-assisted security services Develop a suite of privacy-enhancing technologies for ensuring privacy for end user and customer and organizational data in WP1 and other scenarios 2
3 Overview of CloSer PETs 1. Oblivious Neural Networks 2. Private Membership Test 3. Private Graph Search 3
4 Oblivious Neural Networks
5 Oblivious Neural Networks (ONN) Cloud-based prediction are increasingly popular but risk privacy: clients need to disclose potentially sensitive input data to server. 5
6 Oblivious Neural Networks (ONN) Cloud-based prediction are increasingly popular but risk privacy: clients need to disclose potentially sensitive input data to server. Our solution, OMaxNets, allows a neural network model to be made privacy-preserving server learns nothing about clients' input; clients learn nothing about the model. More general and significantly faster than state-of-the-art 6
7 Oblivious Neural Networks (ONN) Applicable scenarios Android App reputation assessment (cf. F-Secure usage scenario) Fake base station detection (cf. Nokia usage scenario) Website reputation (cf. F-Secure usage scenario) 7
8 Machine learning as a service (MLaaS) input model input predictions Risk: violate clients privacy 8
9 Running predictions on client-side model model input model Risks: difficult to update model competitors may steal model attacker can exploit model to circumvent security applications may reveal training data 9
10 State-of-the-art: CryptoNets model encrypted input encrypted predictions Risks: high overhead: 297.5s and 372MB, due to fully homomorphic encryption only toy activation function, low-degree polynomials 10
11 Our approach encrypted input model oblivious protocols encrypted predictions Benefits Low overhead: Additively homomorphic encryption Secure two-party computation Generic Supports ReLU and Maxpooling Models Latencey (s) Message sizes (MB) Accuracy % MNIST NORB CIFAR
12 Our approach encrypted input model oblivious protocols encrypted predictions Benefits Low overhead: Additively homomorphic encryption Secure two-party computation Generic Supports ReLU and Maxpooling Models Latencey (s) Message sizes (MB) Accuracy % MNIST NORB CIFAR Poster and demo this afternoon 12
13 Private Membership Test
14 Private membership test The problem: How to preserve end user privacy when querying cloud-hosted databases? q? x 1 x 2 x 3 x n User Lookup Server c 14
15 Private membership test Applicable scenarios Android App reputation assessment (cf. F-Secure usage scenario) Fake base station detection (cf. Nokia usage scenario) Website reputation (cf. F-Secure usage scenario) 15
16 Private Membership Test with Trusted Hardware Trusted Execution Environments (TEEs) are ubiquitous ARM TrustZone, Intel SGX, Can TEEs provide a practical solution for Private Membership Test? 16
17 Carousel approach REE Lookup Server TEE Dictionary provider x 1 x 2... x n Dictionary: X Encode Untrusted application y 1 y 2... y m Trusted application r = ( q Y ) Dictionary representation: Y Query representation Mobile device A h(apk) Query: q Query buffer User Response: r Response buffer Secure channel with remote attestation 17
18 Performance: Steady State Query Arrival Breakdown points Kinibi on ARM TrustZone Intel SGX 18
19 Performance: Steady State Query Arrival Breakdown points Kinibi on ARM TrustZone Intel SGX Received an Honorable Mention in the best paper competition at the ACM ASIACCS 2017, Abu Dhabi, UAE Poster this afternoon 19
20 c Private Membership Test with Crypto (1) q? x 1 x 2 x 3 x n k User E(x 1 ) E(x 2 ) E(x 3 ) E(x n ) {H i }
21 c Private Membership Test with Crypto (1) q? x 1 x 2 x 3 x n User
22 c Private Membership Test with Crypto (1) q? q k x 1 x 2 x 3 x n User E(q) Blind Signature
23 Part 2: Private Membership Test with Cryptographic Protocols
24 Bloom Filter and Cuckoo Filter Bloom filter and Cuckoo filter are probabilistic space-efficient data structures. Used to test whether an item is a member of a set. A query from these filters may result in False Positive (but never False Negative). Suitable to store big databases. 24
25 Server Private Membership Test with Homomorphic Encryption Divides its database into 2 2a different subsets. Inserts each subset into a Bloom/Cuckoo filter. Divides the filter to b fragments. Arranges b matrices of size 2 a 2 a with fragments of the filters as elements. 2 a 2 a 2 a 2 a Sara Ramezanian, Tommi Meskanen, Masoud Naderpour, Valtteri Niemi. Private Membership Test Protocols with Low Communication Complexity 25
26 Private Membership Test with Homomorphic Encryption Client encrypts the indices of the item x as (α i ) and (β j ), sends these vectors to the Server. 2 a 2 a 2 a 2 a α 1 = E 1, α 2 = E 0, α 3 = E 0,, α 2 a = E 0 β 1 = E 0, β 2 = E 1, β 3 = E 0,, β 2 a = E 0 Sara Ramezanian, Tommi Meskanen, Masoud Naderpour, Valtteri Niemi. Private Membership Test Protocols with Low Communication Complexity 26
27 Private Membership Test with Homomorphic Encryption Homomorphic encryption allows server to search in the matrix without knowledge of client s private key. Server sends the result to Client. Client decrypts the result. Outcome: Retrieves a Bloom/Cuckoo filter. Now, the client can query the item x through this filter. Sara Ramezanian, Tommi Meskanen, Masoud Naderpour, Valtteri Niemi. Private Membership Test Protocols with Low Communication Complexity 27
28 Privacy-Preserving Anti-malware Services Scenario: A Server holds a database of 2 21 malware fingerprints. The database is approximately 40 MB. A client wants to check whether his/her file is clean, without revealing it to the server. Sara Ramezanian, Tommi Meskanen, Masoud Naderpour, Valtteri Niemi. Private Membership Test Protocols with Low Communication Complexity 28
29 Anti-malware Services with PMT Protocols Communication Complexities Client sends 8KB data to the Server. Server sends 16KB data to the Client. Time Complexities Client spends 1.8s to generate (α i ) and (β j ). Server spends 0.9s to calculate the result. The execution time depends on the processor which has been used to perform the computation. We used an x86-64 Intel Core i5 processor clocked at 2.7 GHz with a 4 MB L3 cache. Poster and demo this afternoon 29
30 Private graph search Two lists of triplets: (user, host, fingerprint) and (fingerprint, user, host) These define trust relations between users on different hosts. This database can be illustrated as a directed graph. (User,Host) Fingerprints (User,Host) 30
31 Private graph search What kind of paths can be found in the graph? We would like to use a cloud not allowed to know the graph. An entity is able to query the cloud if there is a path from A to B in the graph. Nobody else should learn the answer (not cloud, not graph owner). 31
32 Trust relations Between Users (User,Host) (User,Host) 32
33 Graph of User-Host pairs (User,Host) C A D B E F 33
34 Transitive Closure Graph of User-Host pairs (User,Host) C A D B E F 34
35 Transitive Closure Graph of Fingerprints The same process can be done for fingerprints: Fingerprints 35
36 Transitive Closure Matrix of User-Host pairs (User,Host) A B C D E F A B C D E F A C D E B F 36
37 Queries on Transitive Closure 1) Encrypted graph matrix (*) There are three parties: Owner of the graph, the Querier and the Cloud (*)Meskanen, T., Liu, J., Ramezanian, S., & Niemi, V. (2015, August). Private membership test for bloom filters. In Trustcom/BigDataSE/ISPA 37
38 Conclusion Oblivious neural networks for privacy-preserving predictions poster / demo Two private membership test schemes for privacy-preserving malware checking Crypto based solution: poster / demo / paper (under submission) Hardware security based solution: poster / paper (AsiaCCS 17) Private graph search for cloud-assisted trust relation databases 38
Securing Cloud-assisted Services
Securing Cloud-assisted Services N. Asokan http://asokan.org/asokan/ @nasokan Services are moving to the cloud http://dilbert.com/strip/2012-05-25 2 Services are moving to the cloud Example: cloud-based
More informationarxiv: v4 [cs.cr] 17 Feb 2017
The Circle Game: Scalable Private Membership Test Using Trusted Hardware arxiv:160601655v4 [cscr] 17 Feb 2017 Abstract Sandeep Tamrakar Aalto University sandeeptamrakar@aaltofi Jan-Erik Ekberg Darkmatter
More informationDemo Day 2015 N. Asokan, Tuomas Aura, Valtteri Niemi
Secure Systems Groups Demo Day 2015 N. Asokan, Tuomas Aura, Valtteri Niemi State of the Union 2 Who are we? Aalto University 2 professors 1 (+1) postdocs 5 full-time & several industrial PhD students Several
More informationHardening Fingerprint Authentication Systems Using Intel s SGX Enclave Technology. Interim Progress Report
Hardening Fingerprint Authentication Systems Using Intel s SGX Enclave Technology Interim Progress Report DELL-EMC Envision the Future Competition 2018 Table of Contents List of Figures... 3 List of tables...
More informationMachine Learning on Encrypted Data
Machine Learning on Encrypted Data Kim Laine Microsoft Research, Redmond WA January 5, 2017 Joint Mathematics Meetings 2017, Atlanta GA AMS-MAA Special Session on Mathematics of Cryptography Two Tracks
More informationDemonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin
Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions Topic Prerequisites Security concepts Security-related concepts (e.g., entropy) Virtualization
More informationSlalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramèr (joint work with Dan Boneh) Intel, Santa Clara August 30 th 2018 Trusted execution of ML: 3 motivating
More informationKiss, Ágnes; Liu, Jian; Schneider, Thomas ; Asokan, N.; Pinkas, Benny Private Set Intersection for Unequal Set Sizes with Mobile Applications
Powered by TCPDF (www.tcpdf.org) This is an electronic reprint of the original article. This reprint may differ from the original in pagination and typographic detail. Kiss, Ágnes; Liu, Jian; Schneider,
More informationUsable PIR. Network Security and Applied. Cryptography Laboratory.
Network Security and Applied Cryptography Laboratory http://crypto.cs.stonybrook.edu Usable PIR NDSS '08, San Diego, CA Peter Williams petertw@cs.stonybrook.edu Radu Sion sion@cs.stonybrook.edu ver. 2.1
More informationHow I Learned to Stop Worrying and Love the Internet of Things
SESSION ID: SSC-W07 How I Learned to Stop Worrying and Love the Internet of Things Steven Sprague CEO Rivetz Corp @skswave The Big Shift Known Networks Ports Firewalls Packets SSL Known Devices Identity
More informationTRUSTED COMPUTING TECHNOLOGIES
TRUSTED COMPUTING TECHNOLOGIES TEE = Trusted Execution Environment Mandatory reading Innovative Instructions and Software Model for Isolated Execution, Frank McKeen, Ilya Alexandrovich, Alex Berenzon,
More informationCSC 5930/9010 Cloud S & P: Cloud Primitives
CSC 5930/9010 Cloud S & P: Cloud Primitives Professor Henry Carter Spring 2017 Methodology Section This is the most important technical portion of a research paper Methodology sections differ widely depending
More informationSlalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramèr (joint work with Dan Boneh) Stanford security lunch June 13 th Trusted execution of ML: 3 motivating
More informationSecurity Using Digital Signatures & Encryption
Email Security Using Digital Signatures & Encryption CONTENTS. Introduction The Need for Email Security Digital Signatures & Encryption 101 Digital Signatures & Encryption in Action Selecting the Right
More informationInsight Frequently Asked Questions version 2.0 (8/24/2011)
Insight Frequently Asked Questions version 2.0 (8/24/2011) Insight Overview 1. What is a reputation system and how does it work? Insight, our reputation system, leverages anonymous telemetry data from
More informationHardware-Assisted On-Demand Hypervisor Activation for Efficient Security Critical Code Execution on Mobile Devices
Hardware-Assisted On-Demand Hypervisor Activation for Efficient Security Critical Code Execution on Mobile Devices Yeongpil Cho 1 Junbum Shin 2, Donghyun Kwon 1, MyungJoo Ham2 2, Yuna Kim 2, Yunheung Paek
More informationCache Side Channel Attacks on Intel SGX
Cache Side Channel Attacks on Intel SGX Princeton University Technical Report CE-L2017-001 January 2017 Zecheng He Ruby B. Lee {zechengh, rblee}@princeton.edu Department of Electrical Engineering Princeton
More informationBuilding Trust Despite Digital Personal Devices
Building Trust Despite Digital Personal Devices OpenIT - 07.03.2014 by Javier González Javier González - jgon@itu.dk Philippe Bonnet - phbo@itu.dk Digital Society Distrust Users Personal Information! Information
More informationSMART DEVICES: DO THEY RESPECT YOUR PRIVACY?
SMART DEVICES: DO THEY RESPECT YOUR PRIVACY? Systems and Mobile Research Lab, Department of Computer Science and Engineering INDIAN INSTITUTE OF TECHNOLOGY KHARAGPUR Presenter: Sandip Chakraborty sandipc@cse.iitkgp.ac.in
More informationReport: Privacy-Preserving Classification on Deep Neural Network
Report: Privacy-Preserving Classification on Deep Neural Network Janno Veeorg Supervised by Helger Lipmaa and Raul Vicente Zafra May 25, 2017 1 Introduction In this report we consider following task: how
More informationPrivacy Protected Spatial Query Processing
Privacy Protected Spatial Query Processing Slide 1 Topics Introduction Cloaking-based Solution Transformation-based Solution Private Information Retrieval-based Solution Slide 2 1 Motivation The proliferation
More informationPrivate Set Intersection for Unequal Set Sizes with Mobile Applications
Private Set Intersection for Unequal Set Sizes with Mobile Applications Ágnes Kiss (TU Darmstadt) Jian Liu (Aalto University) Thomas Schneider (TU Darmstadt) N. Asokan (Aalto University) Benny Pinkas (Bar-Ilan
More informationA Developer's Guide to Security on Cortex-M based MCUs
A Developer's Guide to Security on Cortex-M based MCUs 2018 Arm Limited Nazir S Arm Tech Symposia India Agenda Why do we need security? Types of attacks and security assessments Introduction to TrustZone
More informationPhishing in the Age of SaaS
Phishing in the Age of SaaS AN ESSENTIAL GUIDE FOR BUSINESSES AND USERS The Cloud Security Platform Q3 2017 intro Phishing attacks have become the primary hacking method used against organizations. In
More informationCooperative Private Searching in Clouds
Cooperative Private Searching in Clouds Jie Wu Department of Computer and Information Sciences Temple University Road Map Cloud Computing Basics Cloud Computing Security Privacy vs. Performance Proposed
More informationInformation Security Research and Education at Aalto. N. Asokan
Information Security Research and Education at Aalto N. Asokan http://asokan.org/asokan/ @nasokan About me Professor, Aalto University, from Aug 2013 Professor, University of Helsinki, 2012-2017 IEEE Fellow
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation.
More informationHOST Authentication Overview ECE 525
Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication in real-time
More informationAnalysis of Partially and Fully Homomorphic Encryption
Analysis of Partially and Fully Homomorphic Encryption Liam Morris lcm1115@rit.edu Department of Computer Science, Rochester Institute of Technology, Rochester, New York May 10, 2013 1 Introduction Homomorphic
More informationCLUSTERING is one major task of exploratory data. Practical Privacy-Preserving MapReduce Based K-means Clustering over Large-scale Dataset
1 Practical Privacy-Preserving MapReduce Based K-means Clustering over Large-scale Dataset Jiawei Yuan, Member, IEEE, Yifan Tian, Student Member, IEEE Abstract Clustering techniques have been widely adopted
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 6. Authentication Instructor: Dr. Kun Sun Authentication Authentication is the process of reliably verifying certain information. Examples User authentication
More informationAuthentication. Identification. AIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 6. Authentication Instructor: Dr. Kun Sun Authentication Authentication is the process of reliably verifying certain information. Examples User authentication
More informationA Proposed Standard for Entity Attestation draft-mandyam-eat-00. Laurence Lundblade. November 2018
A Proposed Standard for Entity Attestation draft-mandyam-eat-00 Laurence Lundblade November 2018 1 EAT Overall System Entity (e.g., Chip, Device ) Immutable private key for signing. Stored securely on
More informationBreaking Hardware Wallets
Breaking Hardware Wallets Breaking Bitcoin September 2017 Nicolas Bacca @btchip Why Hardware Wallets? - high level overview YES NO Public data Do you want to send 1.337 BTC to 1UnREADABLE Operations on
More informationBUILDING SECURE (CLOUD) APPLICATIONS USING INTEL S SGX
BUILDING SECURE (CLOUD) APPLICATIONS USING INTEL S SGX FLORIAN KERSCHBAUM, UNIVERSITY OF WATERLOO JOINT WORK WITH BENNY FUHRY (SAP), ANDREAS FISCHER (SAP) AND MANY OTHERS DO YOU TRUST YOUR CLOUD SERVICE
More informationA HIGH-PERFORMANCE OBLIVIOUS RAM CONTROLLER ON THE CONVEY HC-2EX HETEROGENEOUS COMPUTING PLATFORM
A HIGH-PERFORMANCE OBLIVIOUS RAM CONTROLLER ON THE CONVEY HC-2EX HETEROGENEOUS COMPUTING PLATFORM BASED ON PHANTOM: PRACTICAL OBLIVIOUS COMPUTATION IN A SECURE PROCESSOR FROM CCS-2013! Martin Maas, Eric
More informationTrusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague
Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July 2017 -- IETF 99 th, Prague 2 What do we mean by security? Communication Security Aims
More informationPrivacy-Preserving Using Data mining Technique in Cloud Computing
Cis-601 Graduate Seminar Privacy-Preserving Using Data mining Technique in Cloud Computing Submitted by: Rajan Sharma CSU ID: 2659829 Outline Introduction Related work Preliminaries Association Rule Mining
More informationAdvanced Android Security APIs. KeyStore and Crypto VPN
Advanced Android Security APIs KeyStore and Crypto VPN 1 KEYCHAIN AND CRYPTO APIS Like any other OS: support for crypto operations - SecureRandom: generate cryptographically secure random data E.g., seeding
More informationArtificial Intelligence Drives the next Generation of Internet Security
Artificial Intelligence Drives the next Generation of Internet Security Sam Lee Regional Director sam.lee@cujo.com Copyright 2017 CUJO LLC, All rights reserved. Artificial Intelligence Leads the Way Copyright
More informationRemote Data Checking: Auditing the Preservation Status of Massive Data Sets on Untrusted Store
Remote Data Checking: Auditing the Preservation Status of Massive Data Sets on Untrusted Store Randal Burns randal@cs.jhu.edu www.cs.jhu.edu/~randal/ Department of Computer Science, Johns Hopkins Univers
More informationIsolating Operating System Components with Intel SGX
SysTEX 16 Trento, Italy Isolating Operating System Components with Intel SGX Lars Richter, Johannes Götzfried, Tilo Müller Department of Computer Science FAU Erlangen-Nuremberg, Germany December 12, 2016
More informationEncrypted Deep Learning: A Guide to Privacy Preserving Speech Processing
Encrypted Deep Learning: A Guide to Privacy Preserving Speech Processing Nigel Cannings CTO nigel.cannings@intelligentvoice.com www.intelligentvoice.com @intelligentvox #GTC17 For $100 What is this encrypted
More informationDelegated Access for Hadoop Clusters in the Cloud
Delegated Access for Hadoop Clusters in the Cloud David Nuñez, Isaac Agudo, and Javier Lopez Network, Information and Computer Security Laboratory (NICS Lab) Universidad de Málaga, Spain Email: dnunez@lcc.uma.es
More informationCIS 4360 Secure Computer Systems SGX
CIS 4360 Secure Computer Systems SGX Professor Qiang Zeng Spring 2017 Some slides are stolen from Intel docs Previous Class UEFI Secure Boot Windows s Trusted Boot Intel s Trusted Boot CIS 4360 Secure
More informationSE Labs Test Plan for Q Endpoint Protection : Enterprise, Small Business, and Consumer
Keywords: anti-malware; compliance; assessment; testing; test plan; template; endpoint; security; SE Labs SE Labs and AMTSO Preparation Date : July 20, 2017 Documentation Source Dates : June 2017 Version
More informationMohamed Grissa, Student Member, IEEE, Attila A. Yavuz, Member, IEEE, and Bechir Hamdaoui, Senior Member, IEEE
IEEE TRANSACTIONS ON COGNITIVE COMMUNICATIONS AND NETWORKING, VOL. 3, NO. 2, JUNE 2017 255 Location Privacy Preservation in Database-Driven Wireless Cognitive Networks Through Encrypted Probabilistic Data
More informationDISCLOSURE PROTECTION OF SENSITIVE ATTRIBUTES IN COLLABORATIVE DATA MINING V. Uma Rani *1, Dr. M. Sreenivasa Rao *2, V. Theresa Vinayasheela *3
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 5 May, 2014 Page No. 5594-5599 DISCLOSURE PROTECTION OF SENSITIVE ATTRIBUTES IN COLLABORATIVE DATA MINING
More informationEfficient Private Information Retrieval
Efficient Private Information Retrieval K O N S T A N T I N O S F. N I K O L O P O U L O S T H E G R A D U A T E C E N T E R, C I T Y U N I V E R S I T Y O F N E W Y O R K K N I K O L O P O U L O S @ G
More informationControlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. Yuanzhong Xu, Weidong Cui, Marcus Peinado
: Deterministic Side Channels for Untrusted Operating Systems Yuanzhong Xu, Weidong Cui, Marcus Peinado 2 Goal Protect the data of applications running on remote hardware 3 New tech Trusted Platform Modules
More informationMASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth Low-Energy. Yan Michalevsky, Suman Nath, Jie Liu
MASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth Low-Energy Yan Michalevsky, Suman Nath, Jie Liu Motivation Private communication Anonymous messaging Secret communities Location-based
More informationLeveraging Intel SGX to Create a Nondisclosure Cryptographic library
CS 2530 - Computer and Network Security Project presentation Leveraging Intel SGX to Create a Nondisclosure Cryptographic library Mohammad H Mofrad & Spencer L Gray University of Pittsburgh Thursday, December
More informationPreserving Data Privacy in the IoT World
MASSACHUSETTS INSTITUTE OF TECHNOLOGY Preserving Data Privacy in the IoT World Thomas Hardjono Alex Sandy Pentland Connection Science & Engineering Massachusetts Institute of Technology July 2016 connection.mit.edu
More informationInternational Journal of Computer Science Trends and Technology (IJCST) Volume 5 Issue 4, Jul Aug 2017
RESEARCH ARTICLE OPEN ACCESS Optimizing Fully Homomorphic Encryption Algorithm using Greedy Approach in Cloud Computing Kirandeep Kaur [1], Jyotsna Sengupta [2] Department of Computer Science Punjabi University,
More informationSecure Role-Based Access Control on Encrypted Data in Cloud Storage using ARM
Secure Role-Based Access Control on Encrypted Data in Cloud Storage using ARM Rohini Vidhate, V. D. Shinde Abstract With the rapid developments occurring in cloud computing and services, there has been
More informationSecuring IoT with the ARM mbed ecosystem
Securing IoT with the ARM mbed ecosystem Xiao Sun / Senior Applications Engineer / ARM ARM mbed Connect / Shenzhen, China December 5, 2016 Lots of interest in IoT security Researchers are looking into
More informationSGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors
UT DALLAS Erik%Jonsson%School%of%Engineering%&%Computer%Science SGX BigMatrix A Practical Encrypted Data Analytic Framework with Trusted Processors Fahad Shaon Murat Kantarcioglu Zhiqiang Lin Latifur Khan
More informationSecurity in Data Science
SDSI Nov. 2017 Security in Data Science Dan Boneh Stanford University Private genomic data analysis [Jagadeesh, Wu, Birgmeier, Boneh, Bejerano, Science, 2017] What genes causes a specific disorder? 2 v
More informationUS Census Bureau Workshop on Multi-party Computing. David W. Archer, PhD 16-Nov-2017
US Census Bureau Workshop on Multi-party Computing David W. Archer, PhD 16-Nov-2017 Census First-round Adoption Concerns Technology maturity Computational overhead Complexity of getting this stuff to work
More informationPrivacy-Preserving Computation with Trusted Computing via Scramble-then-Compute
Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi School of Computing National University of Singapore The Problem Context:
More informationA Comparison Study of Intel SGX and AMD Memory Encryption Technology
A Comparison Study of Intel SGX and AMD Memory Encryption Technology Saeid Mofrad, Fengwei Zhang Shiyong Lu Wayne State University {saeid.mofrad, Fengwei, Shiyong}@wayne.edu Weidong Shi (Larry) University
More informationKey Security Issues for implementation of Digital Currency, including ITU-T SG17 activities
ITU Workshop on FG DFC Workshop on Standards for Digital Fiat Currency (DFC) () Key Issues for implementation of Digital Currency, including ITU-T SG17 activities Heung Youl Youm, PhD. Chairman of ITU-T
More informationECE646 Fall Lab 1: Pretty Good Privacy. Instruction
ECE646 Fall 2012 Lab 1: Pretty Good Privacy Instruction PLEASE READ THE FOLLOWING INSTRUCTIONS CAREFULLY: 1. You are expected to address all questions listed in this document in your final report. 2. All
More informationPassBio: Privacy-Preserving User-Centric Biometric Authentication
1 PassBio: Privacy-Preserving User-Centric Biometric Authentication Kai Zhou and Jian Ren arxiv:1711.04902v1 [cs.cr] 14 Nov 2017 Abstract The proliferation of online biometric authentication has necessitated
More informationSecuring INSPIREd geodata cloud services with CLARUS. INSPIRE conference 2016 (Barcelona)
Securing INSPIREd geo cloud services with CLARUS INSPIRE conference 2016 (Barcelona) Increase flexibility on demand elasticity ubiquitous access Reduce costs shared resources pay as you use metering Reduce
More informationLocation Privacy Preservation in Database-driven Wireless Cognitive Networks through Encrypted Probabilistic Data Structures
This article has been accepted for publication in a future issue of this journal, but has not been fully edited Content may change prior to final publication Citation information: DOI 101109/TCCN20172702163,
More informationInfluential OS Research Security. Michael Raitza
Influential OS Research Security Michael Raitza raitza@os.inf.tu-dresden.de 1 Security recap Various layers of security Application System Communication Aspects of security Access control / authorization
More informationAuthenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas
Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas Massachusetts Institute of Technology November 8th, CCSW 2013 Cloud Storage Model
More informationCoordinated Disclosure of Vulnerabilities in AVG Antivirus Free Android
Coordinated Disclosure of Vulnerabilities in AVG Antivirus Free Android 5.9.4.1 1 Executive summary Researchers of MRG Effitas tested the AVG AntiVirus Free Android application. During use, we came across
More informationVidder PrecisionAccess
Vidder PrecisionAccess Transparent Multi-Factor Authentication June 2015 910 E HAMILTON AVENUE. SUITE 430. CAMPBELL, CA 95008 P: 408.418.0440 F: 408.706.5590 WWW.VIDDER.COM Table of Contents I. Overview...
More informationTRUSTSHADOW: SECURE EXECUTION OF UNMODIFIED APPLICATIONS WITH ARM TRUSTZONE Florian Olschewski
TRUSTSHADOW: SECURE EXECUTION OF UNMODIFIED APPLICATIONS WITH ARM TRUSTZONE 14.11.2018 Florian Olschewski 1 OUTLINE 1) Introduction 2) Trustzone 3) Threat Model 4) Overview 5) Runtime System 6) Implementation
More informationCoordinated Disclosure of Vulnerabilities in McAfee Security Android
Coordinated Disclosure of Vulnerabilities in McAfee Security Android 4.8.0.370 1 Executive summary Researchers of MRG Effitas tested the McAfee Security Android application. During use, we came across
More informationDiscount Kaspersky PURE 3.0 internet download software for windows 8 ]
Discount Kaspersky PURE 3.0 internet download software for windows 8 ] Description: Extended benefits Award-winning protection against all types of Internet threats Online shopping, banking and social
More informationCIS 6930/4930 Computer and Network Security. Topic 6. Authentication
CIS 6930/4930 Computer and Network Security Topic 6. Authentication 1 Authentication Authentication is the process of reliably verifying certain information. Examples User authentication Allow a user to
More informationTrust Enhanced Cryptographic Role-based Access Control for Secure Cloud Data Storage
1 Trust Enhanced Cryptographic Role-based Access Control for Secure Cloud Data Storage Lan Zhou,Vijay Varadharajan,and Michael Hitchens Abstract Cloud data storage has provided significant benefits by
More informationSecure Multiparty Computation
CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationFundamentals of HW-based Security
Fundamentals of HW-based Security Udi Maor CryptoCell-7xx Product Manager Systems and SW Group ARM Tech Forum 2016 - Korea Jun. 28, 2016 What is system security design? Every system design will require
More informationCisco Encrypted Traffic Analytics Security Performance Validation
Cisco Encrypted Traffic Analytics Security Performance Validation March 2018 DR180222D Miercom.com www.miercom.com Contents 1.0 Executive Summary... 3 2.0 About the Product Tested... 5 3.0 How We Did It...
More informationINFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD
Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD OVERVIEW Fundamental
More informationLevel 2 Cambridge Technical in IT
Level 2 Cambridge Technical in IT Unit 2: Essentials of cyber security Sample assessment material Time: 1 hour This test is a computer based test and will be completed using Surpass on OCR Secure Assess
More informationZimperium Global Threat Data
Zimperium Global Threat Report Q2-2017 700 CVEs per Year for Mobile OS 500 300 100 07 08 09 10 11 12 13 14 15 16 17 Outdated ios Outdated ANDROID 1 of 4 Devices Introduces Unnecessary Risk 1 out of 50
More informationUses of Cryptography
Uses of Cryptography What can we use cryptography for? Lots of things Secrecy Authentication Prevention of alteration Page 1 Cryptography and Secrecy Pretty obvious Only those knowing the proper keys can
More informationSharing-based Privacy and Availability of. Laboratoire ERI C. Cloud Data Warehouses. Varunya ATTASENA Nouria HARBI Jérôme DARMONT
Laboratoire ERI C Varunya ATTASENA Nouria HARBI Jérôme DARMONT Sharing-based Privacy and Availability of Cloud Data Warehouses Introduction Business intelligence (BI) and data analytics have been an ever-growing
More informationCISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security. A Brief Overview of Security & Privacy Issues
CISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security A Brief Overview of Security & Privacy Issues 1 Topics to Be Covered Cloud computing RFID systems Bitcoin
More informationMOBILE THREAT LANDSCAPE. February 2018
MOBILE THREAT LANDSCAPE February 2018 WHERE DO MOBILE THREATS COME FROM? In 2017, mobile applications have been a target of choice for hackers to access and steal data, with 86% of mobile threats coming
More informationAnd Then There Were More:
David Naylor Carnegie Mellon And Then There Were More: Secure Communication for More Than Two Parties Richard Li University of Utah Christos Gkantsidis Microsoft Research Thomas Karagiannis Microsoft Research
More informationSymantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
More informationCOMPUTER ORGANIZATION AND DESI
COMPUTER ORGANIZATION AND DESIGN 5 Edition th The Hardware/Software Interface Chapter 4 The Processor 4.1 Introduction Introduction CPU performance factors Instruction count Determined by ISA and compiler
More informationTHIRD PARTY AUDITING FOR SECURE DATA STORAGE IN CLOUD THROUGH DIGITAL SIGNATURE USING RSA
THIRD PARTY AUDITING FOR SECURE DATA STORAGE IN CLOUD THROUGH DIGITAL SIGNATURE USING RSA ABSTRACT K.Govinda #1, V.Gurunathaprasad #2, H.Sathishkumar #3 Cloud computing is the way of providing computing
More informationPrivacy Preserving Ranked Multi-Keyword Search for Multiple Data Owners in Cloud Computing
S.NO PROJECT CODE IEEE JAVA PROJECT TITLES DOMAIN 1 NEO1501 A Hybrid Cloud Approach for Secure Authorized Deduplication 2 NEO1502 A Profit Maximization Scheme with Guaranteed Quality of Service in Cloud
More informationPrivate Set Intersection for Unequal Set Sizes with Mobile Applications
Private Set Intersection for Unequal Set Sizes with Mobile Applications (Full Version) Ágnes Kiss 1, Jian Liu 2, Thomas Schneider 1, N. Asokan 2, Benny Pinkas 3 1 TU Darmstadt, Germany {agnes.kiss, thomas.schneider}@crisp-da.de
More informationKaspersky Small Office Security 5. Product presentation
Kaspersky Small Office Security 5 Product presentation CONTENTS 1 Target audience challenges and product info 3 Selling tips 2 4 Product overview Competitive overview 2 SMALL COMPANIES CHALLENGES General
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by machine learning and intelligent automation. By rethinking
More informationPrivacy Preserving Collaborative Filtering
Privacy Preserving Collaborative Filtering Emily Mu, Christopher Shao, Vivek Miglani May 2017 1 Abstract As machine learning and data mining techniques continue to grow in popularity, it has become ever
More informationCS573 Data Privacy and Security. Cryptographic Primitives and Secure Multiparty Computation. Li Xiong
CS573 Data Privacy and Security Cryptographic Primitives and Secure Multiparty Computation Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
More informationAn Introduction to Digital Identity
1 An Introduction to Digital Identity Andreas Pfitzmann Dresden University of Technology, Department of Computer Science, D-01062 Dresden Nöthnitzer Str. 46, Room 3071 Phone: +49 351 463-38277, e-mail:
More informationSecuring cross-border exchange of ehealth data in the EU
Securing cross-border exchange of ehealth data in the EU Ioannis Komnios KONFIDO Project Coordinator EXUS Software Ltd, NCSR "Demokritos", Athens, Greece KONFIDO means Trust in Esperanto 2 KONFIDO Consortium
More informationSecure Remote Storage Using Oblivious RAM
Secure Remote Storage Using Oblivious RAM Giovanni Malloy Mentors: Georgios Kellaris, Kobbi Nissim August 11, 2016 Abstract Oblivious RAM (ORAM) is a protocol that allows a user to access the data she
More informationSecure Multi-party Computation
Secure Multi-party Computation What it is, and why you d care Manoj Prabhakaran University of Illinois, Urbana-Champaign SMC SMC SMC conceived more than 30 years back SMC SMC conceived more than 30 years
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More information