Exploring Privacy Preservation in Outsourced K-Nearest Neighbors with Multiple Data Owners

The k-nearest neighbors (k-NN) algorithm is a popular and effective classification algorithm. Due to its large storage and computational requirements, it is suitable for cloud outsourcing. However, k-NN is often run on sensitive data such as medical records, user images, or personal information. It is important to protect the privacy of data in an outsourced k-NN system. Prior works have all assumed the data owners (who submit data to the outsourced k-NN system) are a single trusted party. However, we observe that in many practical scenarios, there may be multiple mutually distrusting data owners. In this work, we present the first framing and exploration of privacy preservation in an outsourced k-NN system with multiple data owners. We consider the various threat models introduced by this modification. We discover that under a particularly practical threat model that covers numerous scenarios, there exists a set of adaptive attacks that breach the data privacy of any exact k-NN system. The vulnerability is a result of the mathematical properties of k-NN and its output. Thus, we propose a privacy-preserving alternative system supporting kernel density estimation using a Gaussian kernel, a classification algorithm from the same family as k-NN. In many applications, this similar algorithm serves as a good substitute for k-NN. We additionally investigate solutions for other threat models, often through extensions on prior single data owner systems

Trojans in Early Design Steps—An Emerging Threat

Hardware Trojans inserted by malicious foundries during integrated circuit manufacturing have received substantial attention in recent years. In this paper, we focus on a different type of hardware Trojan threats: attacks in the early steps of design process. We show that third-party intellectual property cores and CAD tools constitute realistic attack surfaces and that even system specification can be targeted by adversaries. We discuss the devastating damage potential of such attacks, the applicable countermeasures against them and their deficiencies

PassGAN: A Deep Learning Approach for Password Guessing

State-of-the-art password guessing tools, such as HashCat and John the Ripper, enable users to check billions of passwords per second against password hashes. In addition to performing straightforward dictionary attacks, these tools can expand password dictionaries using password generation rules, such as concatenation of words (e.g., "password123456") and leet speak (e.g., "password" becomes "p4s5w0rd"). Although these rules work well in practice, expanding them to model further passwords is a laborious task that requires specialized expertise. To address this issue, in this paper we introduce PassGAN, a novel approach that replaces human-generated password rules with theory-grounded machine learning algorithms. Instead of relying on manual password analysis, PassGAN uses a Generative Adversarial Network (GAN) to autonomously learn the distribution of real passwords from actual password leaks, and to generate high-quality password guesses. Our experiments show that this approach is very promising. When we evaluated PassGAN on two large password datasets, we were able to surpass rule-based and state-of-the-art machine learning password guessing tools. However, in contrast with the other tools, PassGAN achieved this result without any a-priori knowledge on passwords or common password structures. Additionally, when we combined the output of PassGAN with the output of HashCat, we were able to match 51%-73% more passwords than with HashCat alone. This is remarkable, because it shows that PassGAN can autonomously extract a considerable number of password properties that current state-of-the art rules do not encode.Comment: This is an extended version of the paper which appeared in NeurIPS 2018 Workshop on Security in Machine Learning (SecML'18), see https://github.com/secml2018/secml2018.github.io/raw/master/PASSGAN_SECML2018.pd

Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting

Machine learning algorithms, when applied to sensitive data, pose a distinct threat to privacy. A growing body of prior work demonstrates that models produced by these algorithms may leak specific private information in the training data to an attacker, either through the models' structure or their observable behavior. However, the underlying cause of this privacy risk is not well understood beyond a handful of anecdotal accounts that suggest overfitting and influence might play a role. This paper examines the effect that overfitting and influence have on the ability of an attacker to learn information about the training data from machine learning models, either through training set membership inference or attribute inference attacks. Using both formal and empirical analyses, we illustrate a clear relationship between these factors and the privacy risk that arises in several popular machine learning algorithms. We find that overfitting is sufficient to allow an attacker to perform membership inference and, when the target attribute meets certain conditions about its influence, attribute inference attacks. Interestingly, our formal analysis also shows that overfitting is not necessary for these attacks and begins to shed light on what other factors may be in play. Finally, we explore the connection between membership inference and attribute inference, showing that there are deep connections between the two that lead to effective new attacks

Fixing the leak: unemployment incidence before and after the 2006 reform of unemployment benefits in Germany

From 2002-2004, the German government passed several laws that curtailed the generosity of the unemployment compensation system. One of the most ambitious changes was a considerable reduction in unemployment benefit entitlement lengths for older unemployed, which was effective during 2006 and 2007. We apply a difference-in-differences approach to show that the highly disputed reform induced a considerable decline in unemployment incidence among older workers. It thus sealed an important leak in the unemployment insurance system. Furthermore, we find a strong anticipation effect; unemployment entries of elderly workers peaked during the months preceding the reform. --unemployment incidence,policy evaluation,administrative data

Characterizing Location-based Mobile Tracking in Mobile Ad Networks

Mobile apps nowadays are often packaged with third-party ad libraries to monetize user data

Fixing the leak: Unemployment incidence before and after the 2006 reform of unemployment benefits in Germany

"From 2002 - 2004, the German government passed several laws that curtailed the generosity of the unemployment compensation system. One of the most ambitious changes was a considerable reduction in unemployment benefit entitlement lengths for older unemployed, which was effective during 2006 and 2007. We apply a difference-in-differences approach to show that the highly disputed reform induced a considerable decline in unemployment incidence among older workers. It thus sealed an important leak in the unemployment insurance system. Furthermore, we find a strong anticipation effect; unemployment entries of elderly workers peaked during the months preceding the reform." (Author's abstract, IAB-Doku) ((en))ältere Arbeitnehmer, arbeitsmarktpolitische Maßnahme, Arbeitslosengeld, Leistungsbezug - Dauer, Wirkungsforschung

Pipeline Risk Assessment Using Dynamic Bayesian Network (DBN) for Internal Corrosion

Pipelines are the most efficient mode of transportation for various chemicals and are considered as safe, yet pipeline incidents remain occurring. Corrosion is one of the main reasons for incidents especially in subsea pipelines due to the harsh corrosive environment that prevails. Corrosion can be attributed to 36% amongst all the causes of subsea pipeline failure. Internal corrosion being an incoherent process, one can never forecast exact occurrences inside a pipeline resulting in highly unpredictable risk. Therefore, this paper focuses on risk assessment of internal corrosion in subsea pipelines. Corrosion is time-dependent phenomena, and conventional risk assessment tools have limited capabilities of quantifying risk in terms of time dependency. Hence, this paper presents a Dynamic Bayesian Network (DBN) model to assess and manage the risk of internal corrosion in subsea. DBN possesses certain advantages such as representation of temporal dependence between variable, ability to handle missing data, ability to deal with continuous data, time- based risk update, observation of the change of variables with time and better representation of cause and effect relationship. This model aims to find the cause of internal corrosion and predict the consequence in case of pipeline failure given the reliability of safety barrier in place at each time step. It also demonstrates the variation of corrosion promoting agents, corrosion rate and safety barriers with time