Privacy-preserving query processing over encrypted data in cloud

The query processing of relational data has been studied extensively throughout the past decade. A number of theoretical and practical solutions to query processing have been proposed under various scenarios. With the recent popularity of cloud computing, data owners now have the opportunity to outsource not only their data but also data processing functionalities to the cloud. Because of data security and personal privacy concerns, sensitive data (e.g., medical records) should be encrypted before being outsourced to a cloud, and the cloud should perform query processing tasks on the encrypted data only. These tasks are termed as Privacy-Preserving Query Processing (PPQP) over encrypted data. Based on the concept of Secure Multiparty Computation (SMC), SMC-based distributed protocols were developed to allow the cloud to perform queries directly over encrypted data. These protocols protect the confidentiality of the stored data, user queries, and data access patterns from cloud service providers and other unauthorized users. Several queries were considered in an attempt to create a well-defined scope. These queries included the k-Nearest Neighbor (kNN) query, advanced analytical query, and correlated range query. The proposed protocols utilize an additive homomorphic cryptosystem and/or a garbled circuit technique at different stages of query processing to achieve the best performance. In addition, by adopting a multi-cloud computing paradigm, all computations can be done on the encrypted data without using very expensive fully homomorphic encryptions. The proposed protocols\u27 security was analyzed theoretically, and its practicality was evaluated through extensive empirical results --Abstract, page iii

Confidential Machine Learning on Untrusted Platforms: a Survey

With the ever-growing data and the need for developing powerful machine learning models, data owners increasingly depend on various untrusted platforms (e.g., public clouds, edges, and machine learning service providers) for scalable processing or collaborative learning. Thus, sensitive data and models are in danger of unauthorized access, misuse, and privacy compromises. A relatively new body of research confidentially trains machine learning models on protected data to address these concerns. In this survey, we summarize notable studies in this emerging area of research. With a unified framework, we highlight the critical challenges and innovations in outsourcing machine learning confidentially. We focus on the cryptographic approaches for confidential machine learning (CML), primarily on model training, while also covering other directions such as perturbation-based approaches and CML in the hardware-assisted computing environment. The discussion will take a holistic way to consider a rich context of the related threat models, security assumptions, design principles, and associated trade-offs amongst data utility, cost, and confidentiality

Data Service Outsourcing and Privacy Protection in Mobile Internet

Mobile Internet data have the characteristics of large scale, variety of patterns, and complex association. On the one hand, it needs efficient data processing model to provide support for data services, and on the other hand, it needs certain computing resources to provide data security services. Due to the limited resources of mobile terminals, it is impossible to complete large-scale data computation and storage. However, outsourcing to third parties may cause some risks in user privacy protection. This monography focuses on key technologies of data service outsourcing and privacy protection, including the existing methods of data analysis and processing, the fine-grained data access control through effective user privacy protection mechanism, and the data sharing in the mobile Internet

Secure monitoring system for industrial internet of things using searchable encryption, access control and machine learning

This thesis is an alternative format submission comprising a set of publications and a comprehensive literature review, an introduction, and a conclusion. Continuous compliance with data protection legislation on many levels in the Industrial Internet of Things (IIoT) is a significant challenge. Automated continuous compliance should also consider adaptable security compliance management for multiple users. The IIoT should automate compliance with corporate rules, regulations, and regulatory frameworks for industrial applications. Thus, this thesis aims to improve continuous compliance by introducing an edge-server architecture which incorporates searchable encryption with multi-authority access to provide access to useful data for various stakeholders in the compliance domain. In this thesis, we propose an edge lightweight searchable attribute-based encryption system (ELSA). The ELSA system leverages cloud-edge architecture to improve search time beyond a previous state-ofthe-art encryption solution. The main contributions of the first paper are as follows. First, we npresent an untrusted cloud and trusted edge architecture that processes data efficiently and optimises decision-making in the IIoT context. Second, we enhanced the search performance over the current state-of-the-art (LSABE-MA) regarding order of magnitude. We achieved this enhancement by storing keywords only on the trusted edge server and introducing a query optimiser to achieve better-than-linear search performance. The query optimiser uses k-means clustering to improve the efficiency of range queries, removing the need for a linear search. As a result, we achieved higher performance without sacrificing result accuracy. In the second paper, we extended ELSA to illustrate the correlation between the number of keywords and ELSA performance. This extension supports annotating records with multiple keywords in trapdoor and record storage and enables the record to be returned with single keyword queries. In addition, the experiments demonstrated the scalability and efficiency of ELSA with an increasing number of keywords and complexity. Based on the experimental results and feedback received from the publication and presentation of this work, we published our third technical paper. In this paper, we improved ELSA by minimising the lookup table size and summarising the data records by integrating machine-learning (ML) methods suitable for execution at the edge. This integration removes records of unnecessary data by evaluating added value to further processing. This process results in the minimisation of the lookup table size, the cloud storage, and the network traffic, taking full advantage of the edge architecture benefits. We demonstrated the mini-ELSA expanded method on two well-known IIoT datasets. Our results reveal a reduction of storage requirements by > 21% while improving execution time by > 1.39× and search time by > 50% and maintaining an optimal balance between prediction accuracy and space reduction. In addition, we present the computational complexity analysis that reinforces these experimental results

Optimum parameter machine learning classification and prediction of Internet of Things (IoT) malwares using static malware analysis techniques

Application of machine learning in the field of malware analysis is not a new concept, there have been lots of researches done on the classification of malware in android and windows environments. However, when it comes to malware analysis in the internet of things (IoT), it still requires work to be done. IoT was not designed to keeping security/privacy under consideration. Therefore, this area is full of research challenges. This study seeks to evaluate important machine learning classifiers like Support Vector Machines, Neural Network, Random Forest, Decision Trees, Naive Bayes, Bayesian Network, etc. and proposes a framework to utilize static feature extraction and selection processes highlight issues like over-fitting and generalization of classifiers to get an optimized algorithm with better performance. For background study, we used systematic literature review to find out research gaps in IoT, presented malware as a big challenge for IoT and the reasons for applying malware analysis targeting IoT devices and finally perform classification on malware dataset. The classification process used was applied on three different datasets containing file header, program header and section headers as features. Preliminary results show the accuracy of over 90% on file header, program header, and section headers. The scope of this document just discusses these results as initial results and still require some issues to be addressed which may effect on the performance measures