Jian Liu, Sara Ramezanian


CloSer WP2: Privacy-enhancing Technologies
Jian Liu, Sara Ramezanian

Overview
- Seek to understand how user privacy is impacted by cloud-assisted security services
- Develop a suite of privacy-enhancing technologies for ensuring privacy for end user and customer and organizational data in WP1 and other scenarios

Overview of CloSer PETs
1. Oblivious Neural Networks
2. Private Membership Test
3. Private Graph Search

Oblivious Neural Networks


Oblivious Neural Networks (ONN)
- Cloud-based predictions are increasingly popular but risk privacy: clients need to disclose potentially sensitive input data to the server.
- Our solution, OMaxNets, allows a neural network model to be made privacy-preserving: the server learns nothing about clients' input; clients learn nothing about the model.
- More general and significantly faster than the state of the art.

Oblivious Neural Networks (ONN)
Applicable scenarios:
- Android App reputation assessment (cf. F-Secure usage scenario)
- Fake base station detection (cf. Nokia usage scenario)
- Website reputation (cf. F-Secure usage scenario)

Machine learning as a service (MLaaS)
[Figure labels: input, model, predictions]
Risk: violates clients' privacy

Running predictions on client-side
[Figure labels: model, input]
Risks:
- difficult to update model
- competitors may steal model
- attacker can exploit model to circumvent security applications
- may reveal training data

State-of-the-art: CryptoNets
[Figure labels: model, encrypted input, encrypted predictions]
Risks:
- high overhead: 297.5s and 372MB, due to fully homomorphic encryption
- only toy activation function, low-degree polynomials


Our approach
[Figure labels: encrypted input, model, oblivious protocols, encrypted predictions]
Benefits:
- Low overhead: additively homomorphic encryption, secure two-party computation
- Generic: supports ReLU and Maxpooling

Models     Latency (s)   Message sizes (MB)   Accuracy %
MNIST      3.86          38.58                97.88
NORB       16.08         114.28               91.62
CIFAR-10   755.90        542.60               81.61

Poster and demo this afternoon

Private Membership Test

Private membership test
The problem: How to preserve end user privacy when querying cloud-hosted databases?
[Figure labels: User, query q, Lookup Server, entries x_1, x_2, x_3, ..., x_n]

Private membership test
Applicable scenarios:
- Android App reputation assessment (cf. F-Secure usage scenario)
- Fake base station detection (cf. Nokia usage scenario)
- Website reputation (cf. F-Secure usage scenario)

Private Membership Test with Trusted Hardware
- Trusted Execution Environments (TEEs) are ubiquitous: ARM TrustZone, Intel SGX
- Can TEEs provide a practical solution for Private Membership Test?

Carousel approach
[Figure labels: Dictionary provider, Dictionary X (x_1, x_2, ..., x_n), Encode, Dictionary representation Y (y_1, y_2, ..., y_m), Lookup Server, REE, Untrusted application, TEE, Trusted application, Query representation, Query buffer, Response buffer, Mobile device, User, h(apk), Query q, Response r (computed by the trusted application from q and Y), Secure channel with remote attestation]


Performance: Steady State Query Arrival
[Figure panels: Kinibi on ARM TrustZone; Intel SGX. Breakdown points are marked.]
Received an Honorable Mention in the best paper competition at the ACM ASIACCS 2017, Abu Dhabi, UAE
Poster this afternoon

Private Membership Test with Crypto (1)
[Figure in three build steps; labels: User, query q, key k, entries x_1, x_2, x_3, ..., x_n, E(x_1), E(x_2), E(x_3), ..., E(x_n), hash functions {H_i}, filter bits 1 0 1 0, E(q), Blind Signature]

Part 2: Private Membership Test with Cryptographic Protocols

Bloom Filter and Cuckoo Filter
- Bloom filters and Cuckoo filters are probabilistic, space-efficient data structures.
- Used to test whether an item is a member of a set.
- A query to these filters may return a false positive (but never a false negative).
- Suitable for storing big databases.

Private Membership Test with Homomorphic Encryption
Server:
- Divides its database into $2^{2a}$ different subsets.
- Inserts each subset into a Bloom/Cuckoo filter.
- Divides the filter into b fragments.
- Arranges b matrices of size $2^a \times 2^a$ with fragments of the filters as elements.
Sara Ramezanian, Tommi Meskanen, Masoud Naderpour, Valtteri Niemi. Private Membership Test Protocols with Low Communication Complexity

Private Membership Test with Homomorphic Encryption
Client encrypts the indices of the item x as $(\alpha_i)$ and $(\beta_j)$, and sends these vectors to the Server.
$\alpha_1 = E(1), \alpha_2 = E(0), \alpha_3 = E(0), \ldots, \alpha_{2^a} = E(0)$
$\beta_1 = E(0), \beta_2 = E(1), \beta_3 = E(0), \ldots, \beta_{2^a} = E(0)$

Private Membership Test with Homomorphic Encryption
- Homomorphic encryption allows the server to search in the matrix without knowledge of the client's private key.
- Server sends the result to Client.
- Client decrypts the result.
- Outcome: Client retrieves a Bloom/Cuckoo filter.
- Now, the client can query the item x through this filter.
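
An added sketch of the retrieval step described above (not code from the slides or the cited paper): the client sends an encrypted unit vector, the server combines it homomorphically with its filters, and the client decrypts the one filter it selected and tests x locally. It assumes toy Paillier encryption as the homomorphic scheme, a single selection vector over four 64-bit Bloom filters instead of the (α_i), (β_j) pair over b matrices of size 2^a × 2^a, and a hash-based rule for assigning items to subsets; all names and parameters are hypothetical.

```python
import hashlib, math, secrets

# Toy Paillier key from two Mersenne primes: far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, N2, PHI = P * Q, (P * Q) ** 2, (P - 1) * (Q - 1)
MU = pow(PHI, -1, N)                      # private: PHI and MU stay with the client

def enc(m):
    r = secrets.randbelow(N - 1) + 1
    while math.gcd(r, N) != 1:            # r must be a unit mod N
        r = secrets.randbelow(N - 1) + 1
    return (1 + m * N) * pow(r, N, N2) % N2

def dec(c):
    return (pow(c, PHI, N2) - 1) // N * MU % N

M_BITS, K, SUBSETS = 64, 3, 4             # constructed toy parameters

def positions(item):                      # K Bloom-filter bit positions for item
    h = hashlib.sha256(item.encode()).digest()
    return [int.from_bytes(h[4 * i:4 * i + 4], "big") % M_BITS for i in range(K)]

def subset_of(item):                      # assumed rule: subset chosen by a hash of the item
    return hashlib.sha256(b"subset:" + item.encode()).digest()[0] % SUBSETS

def build_filters(items):                 # server: one 64-bit Bloom filter per subset
    filters = [0] * SUBSETS
    for it in items:
        for p in positions(it):
            filters[subset_of(it)] |= 1 << p
    return filters

def client_query(item):                   # encrypted unit vector: E(1) at the wanted index
    return [enc(int(i == subset_of(item))) for i in range(SUBSETS)]

def server_answer(filters, query):        # prod c_i^f_i = E(sum sel_i * f_i); no decryption
    out = 1
    for c, f in zip(query, filters):
        out = out * pow(c, f, N2) % N2
    return out

def client_check(item, answer):           # decrypt the filter, then test locally
    f = dec(answer)
    return all(f >> p & 1 for p in positions(item))

# Constructed sample fingerprints, not real malware hashes.
FILTERS = build_filters(["fp-0001", "fp-0002", "fp-0003", "fp-0004", "fp-0005"])

def pmt(item):
    return client_check(item, server_answer(FILTERS, client_query(item)))

if __name__ == "__main__":
    print(pmt("fp-0003"), pmt("fp-unknown"))
```

Because encryption is randomized, two queries for the same item produce different ciphertext vectors, so the server cannot link or read the selected index.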

Privacy-Preserving Anti-malware Services
Scenario:
- A Server holds a database of $2^{21}$ malware fingerprints. The database is approximately 40 MB.
- A client wants to check whether his/her file is clean, without revealing it to the server.

Anti-malware Services with PMT Protocols
Communication Complexities:
- Client sends 8KB data to the Server.
- Server sends 16KB data to the Client.
Time Complexities:
- Client spends 1.8s to generate $(\alpha_i)$ and $(\beta_j)$.
- Server spends 0.9s to calculate the result.
The execution time depends on the processor used to perform the computation. We used an x86-64 Intel Core i5 processor clocked at 2.7 GHz with a 4 MB L3 cache.
Poster and demo this afternoon

Private graph search
- Two lists of triplets: (user, host, fingerprint) and (fingerprint, user, host)
- These define trust relations between users on different hosts.
- This database can be illustrated as a directed graph.
[Figure labels: (User,Host), Fingerprints, (User,Host)]

Private graph search
- What kind of paths can be found in the graph?
- We would like to use a cloud that is not allowed to know the graph.
- An entity is able to query the cloud whether there is a path from A to B in the graph.
- Nobody else should learn the answer (not the cloud, not the graph owner).

Trust relations between users
[Figure: edges between (User,Host) pairs]

Graph of User-Host pairs
[Figure: directed graph over (User,Host) nodes A, B, C, D, E, F]

Transitive Closure Graph of User-Host pairs
[Figure: transitive closure of the graph over (User,Host) nodes A, B, C, D, E, F]

Transitive Closure Graph of Fingerprints
The same process can be done for fingerprints.
[Figure: graph over Fingerprints]

Transitive Closure Matrix of User-Host pairs
(User,Host)
    A B C D E F
A   1 1 1 0 0 0
B   0 1 1 0 0 0
C   0 0 1 0 0 0
D   0 0 1 1 1 1
E   0 0 0 0 1 1
F   0 0 0 0 0 1

Queries on Transitive Closure
1) Encrypted graph matrix (*)
There are three parties: the Owner of the graph, the Querier and the Cloud
(*) Meskanen, T., Liu, J., Ramezanian, S., & Niemi, V. (2015, August). Private membership test for bloom filters. In Trustcom/BigDataSE/ISPA

Conclusion
- Oblivious neural networks for privacy-preserving predictions: poster / demo
- Two private membership test schemes for privacy-preserving malware checking
  - Crypto based solution: poster / demo / paper (under submission)
  - Hardware security based solution: poster / paper (AsiaCCS '17)
- Private graph search for cloud-assisted trust relation databases