16 research outputs found
Analytical and numerical studies of photo-injected charge transport in molecularly-doped polymers
The mobility of photo-injected charge carriers in molecularly-doped polymers (MDPs) exhibits a commonly observed, and nearly universal Poole-Frenkel field dependence, µ ~ exp [square root (ß0E)], that has been shown to arise from the correlated Gaussian energy distribution of transport sites encountered by charges undergoing hopping transport through the material. Analytical and numerical studies of photo-injected charge transport in these materials are presented here with an attempt to understand how specific features of the various models developed to describe these systems depend on the microscopic parameters that define them. Specifically, previously published time-of-flight mobility data for the molecularly doped polymer 30% DEH:PC (polycarbonate doped with 30 wt.% aromatic hydrazone DEH) is compared with direct analytical and numerical predictions of five disorder-based models, the Gaussian disorder model (GDM) of Bäassler, and four correlated disorder models introduced by Novikov, et al., and by Parris, et al. In these numerical studies, disorder parameters describing each model were varied from reasonable starting conditions, in order to give the best overall fit. The uncorrelated GDM describes the Poole-Frenkel field dependence of the mobility only at very high fields, but fails for fields lower than about 64 V/µm. The correlated disorder models with small amounts of geometrical disorder do a good over-all job of reproducing a robust Poole-Frenkel field dependence, with correlated disorder theories that employ polaron transition rates showing qualitatively better agreement with experiment than those that employ Miller-Abrahams rates. In a separate study, the heuristic treatment of spatial or geometric disorder incorporated in existing theories is critiqued, and a randomly-diluted lattice gas model is developed to describe the spatial disorder of the transport sites in a more realistic way --Abstract, page iii
Intertwining Order Preserving Encryption and Differential Privacy
Ciphertexts of an order-preserving encryption (OPE) scheme preserve the order
of their corresponding plaintexts. However, OPEs are vulnerable to inference
attacks that exploit this preserved order. At another end, differential privacy
has become the de-facto standard for achieving data privacy. One of the most
attractive properties of DP is that any post-processing (inferential)
computation performed on the noisy output of a DP algorithm does not degrade
its privacy guarantee. In this paper, we intertwine the two approaches and
propose a novel differentially private order preserving encryption scheme,
OP. Under OP, the leakage of order from the ciphertexts is
differentially private. As a result, in the least, OP ensures a
formal guarantee (specifically, a relaxed DP guarantee) even in the face of
inference attacks. To the best of our knowledge, this is the first work to
intertwine DP with a property-preserving encryption scheme. We demonstrate
OP's practical utility in answering range queries via extensive
empirical evaluation on four real-world datasets. For instance, OP
misses only around in every correct records on average for a dataset
of size with an attribute of domain size and
ShadowNet: A Secure and Efficient System for On-device Model Inference
With the increased usage of AI accelerators on mobile and edge devices,
on-device machine learning (ML) is gaining popularity. Consequently, thousands
of proprietary ML models are being deployed on billions of untrusted devices.
This raises serious security concerns about model privacy. However, protecting
the model privacy without losing access to the AI accelerators is a challenging
problem. In this paper, we present a novel on-device model inference system,
ShadowNet. ShadowNet protects the model privacy with Trusted Execution
Environment (TEE) while securely outsourcing the heavy linear layers of the
model to the untrusted hardware accelerators. ShadowNet achieves this by
transforming the weights of the linear layers before outsourcing them and
restoring the results inside the TEE. The nonlinear layers are also kept secure
inside the TEE. The transformation of the weights and the restoration of the
results are designed in a way that can be implemented efficiently. We have
built a ShadowNet prototype based on TensorFlow Lite and applied it on four
popular CNNs, namely, MobileNets, ResNet-44, AlexNet and MiniVGG. Our
evaluation shows that ShadowNet achieves strong security guarantees with
reasonable performance, offering a practical solution for secure on-device
model inference.Comment: single column, 21 pages (29 pages include appendix), 12 figure
Identifying and Mitigating the Security Risks of Generative AI
Every major technical invention resurfaces the dual-use dilemma -- the new
technology has the potential to be used for good as well as for harm.
Generative AI (GenAI) techniques, such as large language models (LLMs) and
diffusion models, have shown remarkable capabilities (e.g., in-context
learning, code-completion, and text-to-image generation and editing). However,
GenAI can be used just as well by attackers to generate new attacks and
increase the velocity and efficacy of existing attacks.
This paper reports the findings of a workshop held at Google (co-organized by
Stanford University and the University of Wisconsin-Madison) on the dual-use
dilemma posed by GenAI. This paper is not meant to be comprehensive, but is
rather an attempt to synthesize some of the interesting findings from the
workshop. We discuss short-term and long-term goals for the community on this
topic. We hope this paper provides both a launching point for a discussion on
this important topic as well as interesting problems that the research
community can work to address
Optical Character Recognition from Text Image
Abstract: Optical Character Recognition (OCR) is a system that provides a full alphanumeric recognition of printed or handwritten characters by simply scanning the text image. OCR system interprets the printed or handwritten characters image and converts it into corresponding editable text document. The text image is divided into regions by isolating each line, then individual characters with spaces. After character extraction, the texture and topological features like corner points, features of different regions, ratio of character area and convex area of all characters of text image are calculated. Previously features of each uppercase and lowercase letter, digit, and symbols are stored as a template. Based on the texture and topological features, the system recognizes the exact character using feature matching between the extracted character and the template of all characters as a measure of similarity
Data privacy in trigger-action systems
Trigger-action platforms (TAPs) allow users to connect independent web-based or IoT services to achieve useful automation. They provide a simple interface that helps end-users create trigger-compute-action rules that pass data between disparate Internet services. Unfortunately, TAPs introduce a large-scale security risk: if they are compromised, attackers will gain access to sensitive data for millions of users. To avoid this risk, we propose eTAP, a privacy-enhancing trigger-action platform that executes trigger-compute-action rules without accessing users\u27 private data in plaintext or learning anything about the results of the computation. We use garbled circuits as a primitive, and leverage the unique structure of trigger-compute-action rules to make them practical. We formally state and prove the security guarantees of our protocols. We prototyped eTAP, which supports the most commonly used operations on popular commercial TAPs like IFTTT and Zapier. Specifically, it supports Boolean, arithmetic, and string operations on private trigger data and can run 100% of the top-500 rules of IFTTT users and 93.4% of all publicly-available rules on Zapier. Based on ten existing rules that exercise a wide variety of operations, we show that eTAP has a modest performance impact: on average rule execution latency increases by 70 ms (55%) and throughput reduces by 59%