CAPIA: Cloud Assisted Privacy-Preserving Image Annotation

Using public cloud for image storage has become a prevalent trend with the rapidly increasing number of pictures generated by various devices. For example, today\u27s most smartphones and tablets synchronize photo albums with cloud storage platforms. However, as many images contain sensitive information, such as personal identities and financial data, it is concerning to upload images to cloud storage. To eliminate such privacy concerns in cloud storage while keeping decent data management and search features, a spectrum of keywords-based searchable encryption (SE) schemes have been proposed in the past decade. Unfortunately, there is a fundamental gap remains open for their support of images, i.e., appropriate keywords need to be extracted for images before applying SE schemes to them. On one hand, it is obviously impractical for smartphone users to manually annotate their images. On the other hand, although cloud storage services now offer image annotation services, they rely on access to users\u27 unencrypted images. To fulfill this gap and open the first path from SE schemes to images, this paper proposes a cloud assisted privacy-preserving automatic image annotation scheme, namely CAPIA. CAPIA enables cloud storage users to automatically assign keywords to their images by leveraging the power of cloud computing. Meanwhile, CAPIA prevents the cloud from learning the content of images and their keywords. Thorough analysis is carried out to demonstrate the security of CAPIA. A prototype implementation over the well-known IAPR TC-12 dataset further validates the efficiency and accuracy of CAPIA

Efficient Privacy-Aware Imagery Data Analysis

The widespread use of smartphones and camera-coupled Internet of Thing (IoT) devices triggers an explosive growth of imagery data. To extract and process the rich contents contained in imagery data, various image analysis techniques have been investigated and applied to a spectrum of application scenarios. In recent years, breakthroughs in deep learning have powered a new revolution for image analysis in terms of effectiveness with high resource consumption. Given the fact that most smartphones and IoT devices have limited computational capability and battery life, they are not ready for the processing of computational intensive analytics over imagery data collected by them, especially when deep learning is involved. To resolve the bottleneck of computation, storage, and energy for these resource constrained devices, offloading complex image analysis to public cloud computing platforms has become a promising trend in both academia and industry. However, an outstanding challenge with public cloud is on the protection of sensitive information contained in many imagery data, such as personal identities and financial data. Directly sending imagery data to the public cloud can cause serious privacy concerns and even legal issues. In this dissertation, I propose a comprehensive privacy-preserving imagery data analysis framework which can be integrated in different application scenarios to assist image analysis for resource-constrained devices with efficiency, accuracy, and privacy protection. I first identify security challenges in the utilization of public cloud for image analysis. Then, I design and develop a set of novel solutions to address these challenges. These solutions will be featured by strong privacy guarantee, lightweight computation, low accuracy loss compared with image analysis without privacy protection. To optimize the communication overhead and resource utilization of using cloud computing, I investigate edge computing, which is a promising technique to ameliorate the high communication overhead in cloud-assisted architectures. Furthermore, to boost the performance of my solutions under both cloud and edge deployment, I also provide a set of pluggable enhancement modules to be applied to meet different requirements for various tasks. By exploring the features of edge computing and cloud computing, I flexibly incorporate them as a comprehensive framework to provide privacy-preserving image analysis services

Preserving Trustworthiness and Confidentiality for Online Multimedia

Technology advancements in areas of mobile computing, social networks, and cloud computing have rapidly changed the way we communicate and interact. The wide adoption of media-oriented mobile devices such as smartphones and tablets enables people to capture information in various media formats, and offers them a rich platform for media consumption. The proliferation of online services and social networks makes it possible to store personal multimedia collection online and share them with family and friends anytime anywhere. Considering the increasing impact of digital multimedia and the trend of cloud computing, this dissertation explores the problem of how to evaluate trustworthiness and preserve confidentiality of online multimedia data. The dissertation consists of two parts. The first part examines the problem of evaluating trustworthiness of multimedia data distributed online. Given the digital nature of multimedia data, editing and tampering of the multimedia content becomes very easy. Therefore, it is important to analyze and reveal the processing history of a multimedia document in order to evaluate its trustworthiness. We propose a new forensic technique called ``Forensic Hash", which draws synergy between two related research areas of image hashing and non-reference multimedia forensics. A forensic hash is a compact signature capturing important information from the original multimedia document to assist forensic analysis and reveal processing history of a multimedia document under question. Our proposed technique is shown to have the advantage of being compact and offering efficient and accurate analysis to forensic questions that cannot be easily answered by convention forensic techniques. The answers that we obtain from the forensic hash provide valuable information on the trustworthiness of online multimedia data. The second part of this dissertation addresses the confidentiality issue of multimedia data stored with online services. The emerging cloud computing paradigm makes it attractive to store private multimedia data online for easy access and sharing. However, the potential of cloud services cannot be fully reached unless the issue of how to preserve confidentiality of sensitive data stored in the cloud is addressed. In this dissertation, we explore techniques that enable confidentiality-preserving search of encrypted multimedia, which can play a critical role in secure online multimedia services. Techniques from image processing, information retrieval, and cryptography are jointly and strategically applied to allow efficient rank-ordered search over encrypted multimedia database and at the same time preserve data confidentiality against malicious intruders and service providers. We demonstrate high efficiency and accuracy of the proposed techniques and provide a quantitative comparative study with conventional techniques based on heavy-weight cryptography primitives

Differentially Private Mixture of Generative Neural Networks

Generative models are used in a wide range of applications building on large amounts of contextually rich information. Due to possible privacy violations of the individuals whose data is used to train these models, however, publishing or sharing generative models is not always viable. In this paper, we present a novel technique for privately releasing generative models and entire high-dimensional datasets produced by these models. We model the generator distribution of the training data with a mixture of $k$ generative neural networks. These are trained together and collectively learn the generator distribution of a dataset. Data is divided into $k$ clusters, using a novel differentially private kernel $k$-means, then each cluster is given to separate generative neural networks, such as Restricted Boltzmann Machines or Variational Autoencoders, which are trained only on their own cluster using differentially private gradient descent. We evaluate our approach using the MNIST dataset, as well as call detail records and transit datasets, showing that it produces realistic synthetic samples, which can also be used to accurately compute arbitrary number of counting queries.Comment: A shorter version of this paper appeared at the 17th IEEE International Conference on Data Mining (ICDM 2017). This is the full version, published in IEEE Transactions on Knowledge and Data Engineering (TKDE

Lower Bounds for Oblivious Near-Neighbor Search

We prove an $\Omega(d \lg n/ (\lg\lg n)^2)$ lower bound on the dynamic cell-probe complexity of statistically $\mathit{oblivious}$ approximate-near-neighbor search ($\mathsf{ANN}$) over the $d$-dimensional Hamming cube. For the natural setting of $d = \Theta(\log n)$, our result implies an $\tilde{\Omega}(\lg^2 n)$ lower bound, which is a quadratic improvement over the highest (non-oblivious) cell-probe lower bound for $\mathsf{ANN}$. This is the first super-logarithmic $\mathit{unconditional}$ lower bound for $\mathsf{ANN}$ against general (non black-box) data structures. We also show that any oblivious $\mathit{static}$ data structure for decomposable search problems (like $\mathsf{ANN}$) can be obliviously dynamized with $O(\log n)$ overhead in update and query time, strengthening a classic result of Bentley and Saxe (Algorithmica, 1980).Comment: 28 page

e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices

To facilitate monitoring and management, modern Implantable Medical Devices (IMDs) are often equipped with wireless capabilities, which raise the risk of malicious access to IMDs. Although schemes are proposed to secure the IMD access, some issues are still open. First, pre-sharing a long-term key between a patient's IMD and a doctor's programmer is vulnerable since once the doctor's programmer is compromised, all of her patients suffer; establishing a temporary key by leveraging proximity gets rid of pre-shared keys, but as the approach lacks real authentication, it can be exploited by nearby adversaries or through man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one of the most important design goals, few schemes explore to lower the communication and computation overhead all at once. Finally, how to safely record the commands issued by doctors for the purpose of forensics, which can be the last measure to protect the patients' rights, is commonly omitted in the existing literature. Motivated by these important yet open problems, we propose an innovative scheme e-SAFE, which significantly improves security and safety, reduces the communication overhead and enables IMD-access forensics. We present a novel lightweight compressive sensing based encryption algorithm to encrypt and compress the IMD data simultaneously, reducing the data transmission overhead by over 50% while ensuring high data confidentiality and usability. Furthermore, we provide a suite of protocols regarding device pairing, dual-factor authentication, and accountability-enabled access. The security analysis and performance evaluation show the validity and efficiency of the proposed scheme