8,334 research outputs found
Data Leak Detection As a Service: Challenges and Solutions
We describe a network-based data-leak detection (DLD)
technique, the main feature of which is that the detection
does not require the data owner to reveal the content of the
sensitive data. Instead, only a small amount of specialized
digests are needed. Our technique – referred to as the fuzzy
fingerprint – can be used to detect accidental data leaks due
to human errors or application flaws. The privacy-preserving
feature of our algorithms minimizes the exposure of sensitive
data and enables the data owner to safely delegate the
detection to others.We describe how cloud providers can offer
their customers data-leak detection as an add-on service
with strong privacy guarantees.
We perform extensive experimental evaluation on the privacy,
efficiency, accuracy and noise tolerance of our techniques.
Our evaluation results under various data-leak scenarios
and setups show that our method can support accurate
detection with very small number of false alarms, even
when the presentation of the data has been transformed. It
also indicates that the detection accuracy does not degrade
when partial digests are used. We further provide a quantifiable
method to measure the privacy guarantee offered by our
fuzzy fingerprint framework
Security for 5G Mobile Wireless Networks
The advanced features of 5G mobile wireless network systems yield new security requirements and challenges. This paper presents a comprehensive survey on security of 5G wireless network systems compared to the traditional cellular networks. The paper starts with a review on 5G wireless networks particularities as well as on the new requirements and motivations of 5G wireless security. The potential attacks and security services with the consideration of new service requirements and new use cases in 5G wireless networks are then summarized. The recent development and the existing schemes for the 5G wireless security are presented based on the corresponding security services including authentication, availability, data confidentiality, key management and privacy. The paper further discusses the new security features involving different technologies applied to 5G such as heterogeneous networks, device-to-device communications, massive multiple-input multiple-output, software defined networks and Internet of Things. Motivated by these security research and development activities, we propose a new 5G wireless security architecture, based on which the analysis of identity management and flexible authentication is provided. As a case study, we explore a handover procedure as well as a signaling load scheme to show the advantage of the proposed security architecture. The challenges and future directions of 5G wireless security are finally summarized
PA-iMFL: Communication-Efficient Privacy Amplification Method against Data Reconstruction Attack in Improved Multi-Layer Federated Learning
Recently, big data has seen explosive growth in the Internet of Things (IoT).
Multi-layer FL (MFL) based on cloud-edge-end architecture can promote model
training efficiency and model accuracy while preserving IoT data privacy. This
paper considers an improved MFL, where edge layer devices own private data and
can join the training process. iMFL can improve edge resource utilization and
also alleviate the strict requirement of end devices, but suffers from the
issues of Data Reconstruction Attack (DRA) and unacceptable communication
overhead. This paper aims to address these issues with iMFL. We propose a
Privacy Amplification scheme on iMFL (PA-iMFL). Differing from standard MFL, we
design privacy operations in end and edge devices after local training,
including three sequential components, local differential privacy with Laplace
mechanism, privacy amplification subsample, and gradient sign reset.
Benefitting from privacy operations, PA-iMFL reduces communication overhead and
achieves privacy-preserving. Extensive results demonstrate that against
State-Of-The-Art (SOTA) DRAs, PA-iMFL can effectively mitigate private data
leakage and reach the same level of protection capability as the SOTA defense
model. Moreover, due to adopting privacy operations in edge devices, PA-iMFL
promotes up to 2.8 times communication efficiency than the SOTA compression
method without compromising model accuracy.Comment: 12 pages, 11 figure
Smart Metering System: Developing New Designs to Improve Privacy and Functionality
This PhD project aims to develop a novel smart metering system that plays a dual role: Fulfil basic functions (metering, billing, management of demand for energy in grids) and protect households from privacy intrusions whilst enabling them a degree of freedom. The first two chapters of the thesis will introduce the research background and a detailed literature review on state-of-the-art works for protecting smart meter data. Chapter 3 discusses theory foundations for smart meter data analytics, including machine learning, deep learning, and information theory foundations. The rest of the thesis is split into two parts, ‘Privacy’ and ‘Functionality’, respectively. In the ‘Privacy’ part, the overall smart metering system, as well as privacy configurations, are presented. A threat/adversary model is developed at first. Then a multi-channel smart metering system is designed to reduce the privacy risks of the adversary. Each channel of the system is responsible for one functionality by transmitting different granular smart meter data. In addition, the privacy boundary of the smart meter data in the proposed system is also discovered by introducing a data mining algorithm. By employing the algorithm, a three-level privacy boundary is concluded. Furthermore, a differentially private federated learning-based value-added service platform is designed to provide flexible privacy guarantees to consumers and balance the trade-off between privacy loss and service accuracy. In the ‘Functionality’ part, three feeder-level functionalities: load forecasting, solar energy separation, and energy disaggregation are evaluated. These functionalities will increase thepredictability, visibility, and controllability of the distributed network without utilizing household smart meter data. Finally, the thesis will conclude and summarize the overall system and highlight the contributions and novelties of this project
- …