1,704 research outputs found
A Secure Federated Data-Driven Evolutionary Multi-objective Optimization Algorithm
Data-driven evolutionary algorithms usually aim to exploit the information
behind a limited amount of data to perform optimization, which have proved to
be successful in solving many complex real-world optimization problems.
However, most data-driven evolutionary algorithms are centralized, causing
privacy and security concerns. Existing federated Bayesian algorithms and
data-driven evolutionary algorithms mainly protect the raw data on each client.
To address this issue, this paper proposes a secure federated data-driven
evolutionary multi-objective optimization algorithm to protect both the raw
data and the newly infilled solutions obtained by optimizing the acquisition
function conducted on the server. We select the query points on a randomly
selected client at each round of surrogate update by calculating the
acquisition function values of the unobserved points on this client, thereby
reducing the risk of leaking the information about the solution to be sampled.
In addition, since the predicted objective values of each client may contain
sensitive information, we mask the objective values with Diffie-Hellmann-based
noise, and then send only the masked objective values of other clients to the
selected client via the server. Since the calculation of the acquisition
function also requires both the predicted objective value and the uncertainty
of the prediction, the predicted mean objective and uncertainty are normalized
to reduce the influence of noise. Experimental results on a set of widely used
multi-objective optimization benchmarks show that the proposed algorithm can
protect privacy and enhance security with only negligible sacrifice in the
performance of federated data-driven evolutionary optimization.Comment: This paper has been accepted by IEEE Transactions on Emerging Topics
in Computational Intelligence journa
The New South Wales iVote System: Security Failures and Verification Flaws in a Live Online Election
In the world's largest-ever deployment of online voting, the iVote Internet
voting system was trusted for the return of 280,000 ballots in the 2015 state
election in New South Wales, Australia. During the election, we performed an
independent security analysis of parts of the live iVote system and uncovered
severe vulnerabilities that could be leveraged to manipulate votes, violate
ballot privacy, and subvert the verification mechanism. These vulnerabilities
do not seem to have been detected by the election authorities before we
disclosed them, despite a pre-election security review and despite the system
having run in a live state election for five days. One vulnerability, the
result of including analytics software from an insecure external server,
exposed some votes to complete compromise of privacy and integrity. At least
one parliamentary seat was decided by a margin much smaller than the number of
votes taken while the system was vulnerable. We also found protocol flaws,
including vote verification that was itself susceptible to manipulation. This
incident underscores the difficulty of conducting secure elections online and
carries lessons for voters, election officials, and the e-voting research
community
- …