Pretty Private Group Management
Group management is a fundamental building block of today's Internet
applications. Mailing lists, chat systems, collaborative document editing, but
also online social networks such as Facebook and Twitter use group management
systems. In many cases, group security is required in the sense that access to
data is restricted to group members only. Some applications also require
privacy by keeping group members anonymous and unlinkable. Group management
systems routinely rely on a central authority that manages and controls the
infrastructure and data of the system. Personal user data related to groups
then becomes de facto accessible to the central authority. In this paper, we
propose a completely distributed approach for group management based on
distributed hash tables. As there is no enrollment to a central authority, the
created groups can be leveraged by various applications. Following this
paradigm we describe a protocol for such a system. We consider security and
privacy issues inherently introduced by removing the central authority and
provide a formal validation of security properties of the system using AVISPA.
We demonstrate the feasibility of this protocol by implementing a prototype
running on top of Vuze's DHT.
Peer-to-Peer Secure Multi-Party Numerical Computation Facing Malicious Adversaries
We propose an efficient framework for enabling secure multi-party numerical
computations in a Peer-to-Peer network. This problem arises in a range of
applications such as collaborative filtering, distributed computation of trust
and reputation, monitoring and other tasks, where the computing nodes are
expected to preserve the privacy of their inputs while performing a joint
computation of a certain function. Although there is a rich literature in the
field of distributed systems security concerning secure multi-party
computation, in practice it is hard to deploy those methods in very large scale
Peer-to-Peer networks. In this work, we try to bridge the gap between
theoretical algorithms in the security domain, and a practical Peer-to-Peer
deployment.
We consider two security models. The first is the semi-honest model where
peers correctly follow the protocol, but try to reveal private information. We
provide three possible schemes for secure multi-party numerical computation for
this model and identify a single light-weight scheme which outperforms the
others. Using extensive simulation results over real Internet topologies, we
demonstrate that our scheme is scalable to very large networks, with up to
millions of nodes. The second model we consider is the malicious peers model,
where peers can behave arbitrarily, deliberately trying to affect the results
of the computation as well as compromising the privacy of other peers. For this
model we provide a fourth scheme to defend the execution of the computation
against the malicious peers. The proposed scheme has a higher complexity
relative to the semi-honest model. Overall, we provide the Peer-to-Peer network
designer a set of tools to choose from, based on the desired level of security.
Comment: Submitted to Peer-to-Peer Networking and Applications Journal (PPNA)
200
A Privacy-Preserving Hybrid Federated Learning Framework for Financial Crime Detection
The recent decade witnessed a surge in financial crimes across
the public and private sectors, with an average cost of scams of $102m to
financial institutions in 2022. Developing a mechanism for battling financial
crimes is an impending task that requires in-depth collaboration from multiple
institutions, and yet such collaboration imposes significant technical
challenges due to the privacy and security requirements of distributed
financial data. For example, consider the modern payment network systems, which
can generate millions of transactions per day across a large number of global
institutions. Training a detection model of fraudulent transactions requires
not only secured transactions but also the private account activities of those
involved in each transaction from corresponding bank systems. The distributed
nature of both samples and features prevents most existing learning systems
from being directly adopted to handle the data mining task. In this paper, we
collectively address these challenges by proposing a hybrid federated learning
system that offers secure and privacy-aware learning and inference for
financial crime detection. We conduct extensive empirical studies to evaluate
the proposed framework's detection performance and privacy-protection
capability, evaluating its robustness against common malicious attacks of
collaborative learning. We release our source code at
https://github.com/illidanlab/HyFL.
Comment: PETs prize challenge versio
Collaborative Edge Computing in Mobile Internet of Things
The proliferation of Internet-of-Things (IoT) devices has opened a plethora of opportunities for smart networking, connected applications and data-driven intelligence. The large distribution of IoT devices within a finite geographical area and the pervasiveness of wireless networking present an opportunity for such devices to collaborate. Centralized decision systems have so far dominated the field, but they are starting to lose relevance in the wake of heterogeneity of the device pool. This thesis is driven by three key hypotheses: (i) In solving complex problems, it is possible to harness unused compute capabilities of the device pool instead of always relying on centralized infrastructures; (ii) When possible, collaborating with neighbors to identify security threats scales well in large environments; (iii) Given the abundance of data from a large pool of devices with possible privacy constraints, collaborative learning drives scalable intelligence.
This dissertation defines three frameworks for these hypotheses: collaborative computing, collaborative security and collaborative privacy intelligence. The first framework, Opportunistic collaboration among IoT devices for workload execution, profiles applications and matches resource grants to requests using blockchain to put excess capacity at the edge to good use. The evaluation results show app execution latency comparable to the centralized edge and an outstanding resource utilization at the edge. The second framework, Integrity Threat Identification for Distributed IoT, uses a new spatio-temporal algorithm, based on Local Outlier Factor (LOF) uniquely using mean and variance collaboratively across spatial and temporal dimensions to identify potential threats. Evaluation results on a real-world underground sensor dataset (Thoreau) show good accuracy and efficiency. The third framework, Collaborative Privacy Intelligence, aims to understand privacy invasion by reverse engineering a user’s privacy model using sensor data, and score the level of intrusion for various dimensions of privacy. By having sensors track activities, and learning rule books from the collective insights, we are able to predict one’s privacy attributes and states, with reasonable accuracy. As the Edge gains more prominence with computation moving closer to the data source, the above frameworks will drive key solutions and research in areas of Edge federation and collaboration.
Peer-to-Peer Secure Multi-Party Numerical Computation
We propose an efficient framework for enabling secure multi-party numerical
computations in a Peer-to-Peer network. This problem arises in a range of
applications such as collaborative filtering, distributed computation of trust
and reputation, monitoring and numerous other tasks, where the computing nodes
would like to preserve the privacy of their inputs while performing a joint
computation of a certain function.
Although there is a rich literature in the field of distributed systems
security concerning secure multi-party computation, in practice it is hard to
deploy those methods in very large scale Peer-to-Peer networks. In this work,
we examine several possible approaches and discuss their feasibility. Among the
possible approaches, we identify a single approach which is both scalable and
theoretically secure.
An additional novel contribution is that we show how to compute the
neighborhood based collaborative filtering, a state-of-the-art collaborative
filtering algorithm, winner of the Netflix progress prize of the year 2007. Our
solution computes this algorithm in a Peer-to-Peer network, using a privacy
preserving computation, without loss of accuracy.
Using extensive large scale simulations on top of real Internet topologies,
we demonstrate the applicability of our approach. As far as we know, we are the
first to implement such a large scale secure multi-party simulation of networks
of millions of nodes and hundreds of millions of edges.
Comment: 10 pages, 2 figures, appeared in the 8th IEEE Peer-to-Peer Computing,
Aachen, Germany, Sept. 200
Authentication and authorisation in entrusted unions
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two pilot studies in two different domains, viz, Bio-security incident management and Ambient Assisted Living (eHealth). Interim results in terms of security requirements, privacy preserving authentication, and authorisation are reported.