k-Nearest Neighbor Classification over Semantically Secure Encrypted Relational Data

Data Mining has wide applications in many areas such as banking, medicine, scientific research and among government agencies. Classification is one of the commonly used tasks in data mining applications. For the past decade, due to the rise of various privacy issues, many theoretical and practical solutions to the classification problem have been proposed under different security models. However, with the recent popularity of cloud computing, users now have the opportunity to outsource their data, in encrypted form, as well as the data mining tasks to the cloud. Since the data on the cloud is in encrypted form, existing privacy preserving classification techniques are not applicable. In this paper, we focus on solving the classification problem over encrypted data. In particular, we propose a secure k-NN classifier over encrypted data in the cloud. The proposed k-NN protocol protects the confidentiality of the data, user's input query, and data access patterns. To the best of our knowledge, our work is the first to develop a secure k-NN classifier over encrypted data under the semi-honest model. Also, we empirically analyze the efficiency of our solution through various experiments.Comment: 29 pages, 2 figures, 3 tables arXiv admin note: substantial text overlap with arXiv:1307.482

Vulnerability Assessment and Privacy-preserving Computations in Smart Grid

Modern advances in sensor, computing, and communication technologies enable various smart grid applications which highlight the vulnerability that requires novel approaches to the field of cybersecurity. While substantial numbers of technologies have been adopted to protect cyber attacks in smart grid, there lacks a comprehensive review of the implementations, impacts, and solutions of cyber attacks specific to the smart grid.In this dissertation, we are motivated to evaluate the security requirements for the smart grid which include three main properties: confidentiality, integrity, and availability. First, we review the cyber-physical security of the synchrophasor network, which highlights all three aspects of security issues. Taking the synchrophasor network as an example, we give an overview of how to attack a smart grid network. We test three types of attacks and show the impact of each attack consisting of denial-of-service attack, sniffing attack, and false data injection attack.Next, we discuss how to protect against each attack. For protecting availability, we examine possible defense strategies for the associated vulnerabilities.For protecting data integrity, a small-scale prototype of secure synchrophasor network is presented with different cryptosystems. Besides, a deep learning based time-series anomaly detector is proposed to detect injected measurement. Our approach observes both data measurements and network traffic features to jointly learn system states and can detect attacks when state vector estimator fails.For protecting data confidentiality, we propose privacy-preserving algorithms for two important smart grid applications. 1) A distributed privacy-preserving quadratic optimization algorithm to solve Security Constrained Optimal Power Flow (SCOPF) problem. The SCOPF problem is decomposed into small subproblems using the Alternating Direction Method of Multipliers (ADMM) and gradient projection algorithms. 2) We use Paillier cryptosystem to secure the computation of the power system dynamic simulation. The IEEE 3-Machine 9-Bus System is used to implement and demonstrate the proposed scheme. The security and performance analysis of our implementations demonstrate that our algorithms can prevent chosen-ciphertext attacks at a reasonable cost

Privacy in the Genomic Era

Genome sequencing technology has advanced at a rapid pace and it is now possible to generate highly-detailed genotypes inexpensively. The collection and analysis of such data has the potential to support various applications, including personalized medical services. While the benefits of the genomics revolution are trumpeted by the biomedical community, the increased availability of such data has major implications for personal privacy; notably because the genome has certain essential features, which include (but are not limited to) (i) an association with traits and certain diseases, (ii) identification capability (e.g., forensics), and (iii) revelation of family relationships. Moreover, direct-to-consumer DNA testing increases the likelihood that genome data will be made available in less regulated environments, such as the Internet and for-profit companies. The problem of genome data privacy thus resides at the crossroads of computer science, medicine, and public policy. While the computer scientists have addressed data privacy for various data types, there has been less attention dedicated to genomic data. Thus, the goal of this paper is to provide a systematization of knowledge for the computer science community. In doing so, we address some of the (sometimes erroneous) beliefs of this field and we report on a survey we conducted about genome data privacy with biomedical specialists. Then, after characterizing the genome privacy problem, we review the state-of-the-art regarding privacy attacks on genomic data and strategies for mitigating such attacks, as well as contextualizing these attacks from the perspective of medicine and public policy. This paper concludes with an enumeration of the challenges for genome data privacy and presents a framework to systematize the analysis of threats and the design of countermeasures as the field moves forward

Privacy-preserving query processing over encrypted data in cloud

The query processing of relational data has been studied extensively throughout the past decade. A number of theoretical and practical solutions to query processing have been proposed under various scenarios. With the recent popularity of cloud computing, data owners now have the opportunity to outsource not only their data but also data processing functionalities to the cloud. Because of data security and personal privacy concerns, sensitive data (e.g., medical records) should be encrypted before being outsourced to a cloud, and the cloud should perform query processing tasks on the encrypted data only. These tasks are termed as Privacy-Preserving Query Processing (PPQP) over encrypted data. Based on the concept of Secure Multiparty Computation (SMC), SMC-based distributed protocols were developed to allow the cloud to perform queries directly over encrypted data. These protocols protect the confidentiality of the stored data, user queries, and data access patterns from cloud service providers and other unauthorized users. Several queries were considered in an attempt to create a well-defined scope. These queries included the k-Nearest Neighbor (kNN) query, advanced analytical query, and correlated range query. The proposed protocols utilize an additive homomorphic cryptosystem and/or a garbled circuit technique at different stages of query processing to achieve the best performance. In addition, by adopting a multi-cloud computing paradigm, all computations can be done on the encrypted data without using very expensive fully homomorphic encryptions. The proposed protocols\u27 security was analyzed theoretically, and its practicality was evaluated through extensive empirical results --Abstract, page iii

EXPLORING CONFIDENTIALITY AND PRIVACY OF IMAGE IN CLOUD COMPUTING

With the increasing popularity of cloud computing, clients are storing their data in cloud servers and are using “software as a service” for computing services. However, clients’ data may be sensitive, critical, and private, and processing such data with cloud servers may result in losing data privacy or compromising data confidentiality. Some cloud servers may be dishonest, while malicious entities may compromise others. In order to protect data privacy and confidentiality, clients need to be able to hide their actual data values and send the obfuscated values to cloud servers. This thesis deals with the outsourcing of computing to cloud servers, in which clients’ images can be computed and stored. This thesis proposes a technique that obfuscates images before sending them to servers, so these servers can perform computations on images without knowing the actual images. The proposed technique is expected to ensure data privacy and confidentiality. Servers will not be able to identify an individual whose images are stored and manipulated by the server. In addition, our approach employs an obfuscating technique to maintain the confidentiality of images, allowing cloud servers to compute obfuscated data accurately without knowing the actual data value, thus supporting privacy and confidentiality. The proposed approach is based on the Rabin block cipher technique, which has some weaknesses, however. The main drawback is its decryption technique, which results in four values, and only one of these values represents the actual value of plain data. Another issue is that the blocking technique requires a private key for each block that requires a high-computing effort; requiring one private key for each block of data demands that a great number of keys be stored by the client. As a result, it decreases the robustness of the Rabin block cipher. This thesis proposes additional techniques to overcome some of the weaknesses of the Rabin block cipher by introducing some new features, such as tokenization, a digit counter, and a set of blocks. The new technique increases the privacy of data and decreases the computational complexity by requiring fewer private keys. The new features have been implemented in image processing in order to demonstrate their applicability. However, in order to apply our approach to images, we must first apply some preprocessing techniques on images to make them applicable to being obfuscated by our proposed obfuscating system

Using Spammers\u27 Computing Resources for Volunteer Computing

Spammers are continually looking to circumvent counter-measures seeking to slow them down. An immense amount of time and money is currently devoted to hiding spam, but not enough is devoted to effectively preventing it. One approach for preventing spam is to force the spammer\u27s machine to solve a computational problem of varying difficulty before granting access. The idea is that suspicious or problematic requests are given difficult problems to solve while legitimate requests are allowed through with minimal computation. Unfortunately, most systems that employ this model waste the computing resources being used, as they are directed towards solving cryptographic problems that provide no societal benefit. While systems such as reCAPTCHA and FoldIt have allowed users to contribute solutions to useful problems interactively, an analogous solution for non-interactive proof-of-work does not exist. Towards this end, this paper describes MetaCAPTCHA and reBOINC, an infrastructure for supporting useful proof-of-work that is integrated into a web spam throttling service. The infrastructure dynamically issues CAPTCHAs and proof-of-work puzzles while ensuring that malicious users solve challenging puzzles. Additionally, it provides a framework that enables the computational resources of spammers to be redirected towards meaningful research. To validate the efficacy of our approach, prototype implementations based on OpenCV and BOINC are described that demonstrate the ability to harvest spammer\u27s resources for beneficial purposes

Efficient and Secure Delegation of Exponentiation in General Groups to a Single Malicious Server

Group exponentiation is an important and relatively expensive operation used in many public-key cryptosystems and, more generally, cryptographic protocols. To expand the applicability of these solutions to computationally weaker devices, it has been advocated that this operation is delegated from a computationally weaker client to a computationally stronger server. Solving this problem in the case of a single, possibly malicious, server, has remained open since the introduction of a formal model. In previous work we have proposed practical and secure solutions applicable to two classes of specific groups, related to well-known cryptosystems. In this paper, we investigate this problem in a general class of multiplicative groups, possibly going beyond groups currently subject to quantum cryptanalysis attacks. Our main results are efficient delegation protocols for exponentiation in these general groups. The main technique in our results is a reduction of the protocol's security probability (i.e., the probability that a malicious server convinces a client of an incorrect exponentiation output) that is more efficient than by standard parallel repetition. The resulting protocols satisfy natural requirements such as correctness, security, privacy and efficiency, even if the adversary uses the full power of quantum computers. In particular, in our protocols the client performs a number of online group multiplications smaller by 1 to 2 orders of magnitude than in a non-delegated computation

Secure multi-party based cloud computing framework for statistical data analysis of encrypted data

Secure Multi-party Computation (SMC) is a paradigm used to accomplish a common computation among multiple users while keeping the data of each party secret from others. In recent years there has been a keen interest among the research community to look for techniques that can be adopted for the evolvement of SMC based solutions for improving its e ciency and performance. Cloud computing is a next generation computing solution in the eld of Information and Communication Technology (ICT) which allows its users to use high speed infrastructure and services provided by Cloud Service Providers (CSP) in a cost e ective manner with a higher availability. There- fore, deployment of cloud based architecture for SMCs would aid in improving its performance and e ciency. However, cloud based solutions raises concerns over secu- rity of users' private data, since data is handled by an external party that cannot be trusted. Hence, it is necessary to incorporate necessary security measures to ensure the security of users' private data. In this master's thesis we have addressed this issue by proposing a Secure Multi- party based Cloud Computing Framework which can ensure security, privacy and anonymity of users private data. In order to achieve this, we have formulated a case involving sales data analysis of a certain organization through computing statistical parameters of sales persons private sales data on a cloud environment. Furthermore, we have implemented a prototype of the proposed security framework which aids us to evaluate its performance. Moreover, considering the results that we have obtained, it is conclusive that cloud platforms can be successfully deployed to improve e ciency of SMCs while ensuring the security of users' private data; which in turn provides evidence for the practicability of multi-party based cloud computing solutions