Geo-tagging and privacy-preservation in mobile cloud computing

With the emerge of the cloud computing service and the explosive growth of the mobile devices and applications, mobile computing technologies and cloud computing technologies have been drawing significant attentions. Mobile cloud computing, with the synergy between the cloud and mobile technologies, has brought us new opportunities to develop novel and practical systems such as mobile multimedia systems and cloud systems that provide collaborative data-mining services for data from disparate owners (e.g., mobile users). However, it also creates new challenges, e.g., the algorithms deployed in the computationally weak mobile device require higher efficiency, and introduces new problems such as the privacy concern when the private data is shared in the cloud for collaborative data-mining. The main objectives of this dissertation are: 1. to develop practical systems based on the unique features of mobile devices (i.e., all-in-one computing platform and sensors) and the powerful computing capability of the cloud; 2. to propose solutions protecting the data privacy when the data from disparate owners are shared in the cloud for collaborative data-mining. We first propose a mobile geo-tagging system. It is a novel, accurate and efficient image and video based remote target localization and tracking system using the Android smartphone. To cope with the smartphones' computational limitation, we design light-weight image/video processing algorithms to achieve a good balance between estimation accuracy and computational complexity. Our system is first of its kind and we provide first hand real-world experimental results, which demonstrate that our system is feasible and practicable. To address the privacy concern when data from disparate owners are shared in the cloud for collaborative data-mining, we then propose a generic compressive sensing (CS) based secure multiparty computation (MPC) framework for privacy-preserving collaborative data-mining in which data mining is performed in the CS domain. We perform the CS transformation and reconstruction processes with MPC protocols. We modify the original orthogonal matching pursuit algorithm and develop new MPC protocols so that the CS reconstruction process can be implemented using MPC. Our analysis and experimental results show that our generic framework is capable of enabling privacy preserving collaborative data-mining. The proposed framework can be applied to many privacy preserving collaborative data-mining and signal processing applications in the cloud. We identify an application scenario that requires simultaneously performing secure watermark detection and privacy preserving multimedia data storage. We further propose a privacy preserving storage and secure watermark detection framework by adopting our generic framework to address such a requirement. In our secure watermark detection framework, the multimedia data and secret watermark pattern are presented to the cloud for secure watermark detection in a compressive sensing domain to protect the privacy. We also give mathematical and statistical analysis to derive the expected watermark detection performance in the compressive sensing domain, based on the target image, watermark pattern and the size of the compressive sensing matrix (but without the actual CS matrix), which means that the watermark detection performance in the CS domain can be estimated during the watermark embedding process. The correctness of the derived performance has been validated by our experiments. Our theoretical analysis and experimental results show that secure watermark detection in the compressive sensing domain is feasible. By taking advantage of our mobile geo-tagging system and compressive sensing based privacy preserving data-mining framework, we develop a mobile privacy preserving collaborative filtering system. In our system, mobile users can share their personal data with each other in the cloud and get daily activity recommendations based on the data-mining results generated by the cloud, without leaking the privacy and secrecy of the data to other parties. Experimental results demonstrate that the proposed system is effective in enabling efficient mobile privacy preserving collaborative filtering services.Includes bibliographical references (pages 126-133)

Enabling Privacy and Trust in Edge AI Systems

Recent advances in mobile computing and the Internet of Things (IoT) enable the global integration of heterogeneous smart devices via wireless networks. A common characteristic across these modern day systems is their ability to collect and communicate streaming data, making machine learning (ML) appealing for processing, reasoning, and predicting about the environment. More recently, low network latency requirements have made offloading intelligence to the cloud undesirable. These novel requirements have led to the emergence of edge computing, an approach that brings computation closer to the device with low latency, high throughput, and enhanced reliability. Together, they enable ML-powered information processing and control pipelines spanning end devices, edge computing, and cloud environments. However, continuous collaboration between cloud, edge and device is susceptible to information leakage and loss, leading to insecure and unreliable operation. This raises an important question: how can we design, develop, and evaluate high-performing ML systems that are trustworthy and privacy-preserving in resource-constrained edge environments? In this thesis, I address this question by designing and implementing privacy-preserving and trustworthy ML systems for distributed applications. I first introduce a system that establishes trust in the explanations generated from a popular visualization technique, saliency maps, using counterfactual reasoning. Through the proposed evaluation system, I assess the degree to which hypothesized explanations correspond to the semantics of edge-based reinforcement learning environments. Second, I examine the privacy implications of personalized models in distributed mobile services by proposing time-series based model inversion attacks. To thwart such attacks, I present a distributed framework, Pelican, that learns and deploys transfer learning-based personalized ML models in a privacy preserving manner on resource-constrained mobile devices. Third, I investigate ML models that are deployed on local devices for inference and highlight the ease with which proprietary information embedded in these models can be exposed. For mitigating such attacks, I present a secure on-device application framework, SODA, which is supported by real-time adversarial detection. Finally, I present an end-to-end privacy-aware system for a real-world application to model group interaction behavior via mobility sensing. The proposed system, W4-Groups, distributes computation across device, edge, and cloud resources to strengthen its privacy and trustworthiness guarantees

Multimodal Indexable Encryption for Mobile Cloud-based Applications (Extended Version)

In this paper we propose MIE, a Multimodal Indexable Encryption framework that for the first time allows mobile applications to securely outsource the storage and search of their multimodal data (i.e. data containing multiple media formats) to public clouds with privacy guarantees. MIE is designed as a distributed framework architecture, leveraging on shared cloud repositories that can be accessed simultaneously by multiple users. At its core MIE relies on Distance Preserving Encodings (DPE), a novel family of encoding algorithms with cryptographic properties that we also propose. By applying DPE to multimodal data features, MIE enables high-cost clustering and indexing operations to be handled by cloud servers in a privacy-preserving way. Experiments show that MIE achieves better performance and scalability when compared with the state of art, with measurable impact on mobile resources and battery life

PAAL : a framework based on authentication, aggregation, and local differential privacy for internet of multimedia things

Internet of Multimedia Things (IoMT) applications generate huge volumes of multimedia data that are uploaded to cloud servers for storage and processing. During the uploading process, the IoMT applications face three major challenges, i.e., node management, privacy-preserving, and network protection. In this article, we propose a multilayer framework (PAAL) based on a multilevel edge computing architecture to manage end and edge devices, preserve the privacy of end-devices and data, and protect the underlying network from external attacks. The proposed framework has three layers. In the first layer, the underlying network is partitioned into multiple clusters to manage end-devices and level-one edge devices (LOEDs). In the second layer, the LOEDs apply an efficient aggregation technique to reduce the volumes of generated data and preserve the privacy of end-devices. The privacy of sensitive information in aggregated data is protected through a local differential privacy-based technique. In the last layer, the mobile sinks are registered with a level-two edge device via a handshaking mechanism to protect the underlying network from external threats. Experimental results show that the proposed framework performs better as compared to existing frameworks in terms of managing the nodes, preserving the privacy of end-devices and sensitive information, and protecting the underlying network. © 2014 IEEE

A framework for privacy aware design in future mobile applications

Mobile communications and applications play an important role in connecting people ubiquitously across different domain spaces due to their portable nature and easy accessibility. Mobile applications have drastically changed the way businesses are run by bringing them closer to their customers. Businesses today are connected to cloud based-tools, which makes it easier to start and run a business. Furthermore, mobile applications have changed the way we communicate with each other in our daily lives. They have increasingly been deployed by companies to help with, among other things, the management of business efficiency, ease in accessing information, simplifying communication and the provision of user-friendly applications. The number of mobile devices is increasing exponentially, it is estimated that 1.5 billion devices are available to the public worldwide. In addition, there is a multitude of operating systems running on these devices, all running on different architectures and configurations. The diversity of the different versions of applications that need to be constantly updated as they become outdated makes mobile applications highly susceptible to security and privacy flaws. Until recently, privacy has not been the main centre of interest within the design of mobile applications. Although, a number of privacy preserving solutions have been developed to improve privacy, existing research solutions adopt static design models which are not suitable for mobile applications. There is a significant gap between having common practices for designing and implementing privacy-preserving methods due to the cross-disciplinary nature of mobile applications. Most importantly, personal data are constantly collected and shared with unknown recipients. This is a challenging problem as users are not aware of how their data is used and shared without their consent. Furthermore, existing privacy policies are not stringently implemented during application development. Application designers do not comply with regulations envisaged by data protection regulation bodies. To investigate the problem domain, this thesis takes a bottom-up approach and contributes by analyzing current mobile applications to determine the integration of privacy mechanisms and privacy policies at the application level. We should however note that, the focus of this work contributes to the knowledge related to designing of holistic privacy preserving mobile applications and not the implementation aspect. Furthermore, this thesis introduces a novel privacy trade-off analysis framework that enables the design of privacy-aware applications. A privacy trade-off analysis generates a design solution that best suits an application's privacy goals and requirements. To demonstrate the privacy-aware framework, TRANK, two prototypes in the eHealth domain and the V2X Telematics domain, that integrate privacy-preserving technologies in modern mobile applications have been implemented and tested. Our implementation takes into consideration the trade-off between privacy, functionality and performance to provide a better privacy-aware application. The resulting system enables users to choose which data are to be collected about them. In this way, users can easily opt in and out of the application without having to give up all their personally identifiable information whenever they choose to, thus, enhance their overall privacy preservation. To the best of our knowledge our framework and the results in this thesis out perform the existing state of-the-art privacy preserving solutions. The privacy-enhancing technologies employed and the privacy-by-design mechanisms introduced at the initial stages of development thus, aid the improvement of privacy in mobile applications