secure data outsourcing with adversarial data dependency
play

Secure Data Outsourcing with Adversarial Data Dependency - PowerPoint PPT Presentation

May 06, 2023 •413 likes •641 views

Secure Data Outsourcing with Adversarial Data Dependency Constraints BigDataSecurity 2016 Boxiang Dong Wendy Hui Wang Jie Yang Department of Computer Science School of Software Engineering Stevens Institute of Technology South China

  1. Secure Data Outsourcing with Adversarial Data Dependency Constraints BigDataSecurity 2016 Boxiang Dong Wendy Hui Wang Jie Yang Department of Computer Science School of Software Engineering Stevens Institute of Technology South China University of Technology April 9, 2016

  2. Database-as-a-Service (DaS) Database as a Service : • Weak data owner • Computationally powerful service provider (e.g. cloud) • DaS enables the data owner to outsource the database services to a third party server. 2 / 22

  3. Data Security Issue Security The outsourced data may contain important and sensitive information. Solution The data owner encrypts the data before outsourcing. 3 / 22

  4. Security Constraint Security constraint Π Y σ C • Y is a set of attributes. • C is a conjunction of equalities of A = B or A = a . Basic encryption ¯ D Encrypt the sensitive values specified by the security constraint. NM SEX AGE DC DS NM SEX AGE DC DS Alice F 53 CPD5 HIV Alice F 53 CPD5 α Carol F 30 VPI8 Cancer Carol F 30 VPI8 Cancer Ela F 24 VPI8 Cancer Ela F 24 VPI8 γ (b) The basic encryption ¯ (a) The original dataset D D S 1 : Π DS σ NM = ′ Alice ′ S 2 : Π DS σ NM = ′ Ela ′ : sensitive data 4 / 22

  5. FD Attack Functional dependency (FD) X → Y if r 1 [ X ] = r 2 [ X ] , then r 1 [ Y ] = r 2 [ Y ] . FD attack Infer the encrypted sensitive value based on the FD. NM SEX AGE DC DS NM SEX AGE DC DS Alice F 53 CPD5 HIV Alice F 53 CPD5 α Carol F 30 VPI8 Cancer Carol F 30 VPI8 Cancer Ela F 24 VPI8 Cancer Ela F 24 VPI8 γ (b) The unsafe basic encryption ¯ (a) The original dataset D D FD : DC → DS S 1 : Π DS σ NM = ′ Alice ′ S 2 : Π DS σ NM = ′ Ela ′ : sensitive data : inference channel 5 / 22

  6. Naive Solutions 1. Encrypt all the data values. 2. Encrypt all values of the attributes that involve a FD. NM SEX AGE DC DS NM SEX AGE DC DS β δ ǫ ζ α Alice F 53 ζ α Carol F 30 η δ θ ι γ ι γ λ δ µ ι γ Ela F 24 ι γ (encryption overhead: 13) (encryption overhead: 4) : sensitive data : additional encrypted data Encryption Overhead Amount of encrypted non-sensitive values. Drawbacks Large encryption overhead. • Incur high encryption cost. • Reduce the data useability. 6 / 22

  7. Related Work Encryption in DaS model • Searchable encryption [SWP00]: can not defend against FD attack. • Homomorphic encryption [SV10]: inefficient. Inference attack in Multi-level Security Database • Database-design time [CHKP07, SO91]: over-encrypt the data. • Query-time [BFJ00]: not applicable to our scenario. K-anonymity • Suppression and generalization [Swe02, WL11]: can not defend against FD attack. 7 / 22

  8. Goal Design a scheme. • Robust against FD attack • Efficiency • Low encryption overhead NM SEX AGE DC DS Alice F 53 CPD5 α Carol F 30 Cancer ι Ela F 24 VPI8 γ (encryption overhead: 1) : sensitive data : additional encrypted data 8 / 22

  9. Sensitive/Evidence Records FD : X → Y . For all records with the same ( x , y ) values, Sensitive record S ( x , y ) • r [ Y ] is sensitive. • r [ X ] is not sensitive. Evidence record E ( x , y ) • r [ Y ] is not sensitive. • r [ X ] is not sensitive. RID NM SEX AGE DC DS r 1 Alex M 36 VPI8 Cancer Bob M 53 VPI8 Cancer r 2 r 3 Carol F 30 VPI8 Cancer r 4 Ela F 24 VPI8 γ r 5 Amy F 20 VPI8 γ S : Π DS σ AGE < 30 : sensitive data S ( VPI 8 , Cancer ) = { r 4 , r 5 } : sensitive records E ( VPI 8 , Cancer ) = { r 1 , r 2 , r 3 } : evidence records 9 / 22

  10. Encryption for One Single SC Pick the scheme which has smaller encryption overhead. Scheme 1 Pick A ∈ X , encrypt r [ A ] for r ∈ S ( x , y ) . Scheme 2 Pick A ∈ X ∪ Y , encrypt r [ A ] for r ∈ E ( x , y ) . RID NM SEX AGE DC DS RID NM SEX AGE DC DS r 1 Alex M 36 VPI8 Cancer r 1 Alex M 36 ι Cancer Bob M 53 VPI8 Cancer Bob M 53 Cancer r 2 r 2 ι r 3 Carol F 30 VPI8 Cancer r 3 Carol F 30 ι Cancer r 4 Ela F 24 ι γ r 4 Ela F 24 VPI8 γ r 5 Amy F 20 ι γ r 5 Amy F 20 VPI8 γ (Scheme 1: overhead = 2) (Scheme 2: overhead = 3) : sensitive data : additional encrypted data 10 / 22

  11. Encryption for Multiple SCs Theorem (NP-Completeness) Given a dataset D and k > 1 SCs S , the problem of finding the optimal robust scheme that enforces S on D against the FD attack is NP-complete. RID NM SEX AGE DC DS RID NM SEX AGE DC DS r 1 Joe M 28 CPD5 α r 1 Joe M 28 CPD5 HIV r 2 Alice F 24 CPD5 α r 2 Alice F 24 CPD5 α Maggy F 33 CPD5 HIV Maggy F 33 CPD5 r 3 r 3 α r 4 Phil M 43 CPD5 HIV r 4 Phil M 43 CPD5 HIV r 5 Peter M 39 CPD5 HIV r 5 Peter M 39 CPD5 HIV r 6 Ray M 52 CPD5 HIV r 6 Ray M 52 CPD5 HIV r 7 Steve M 31 CPD5 HIV r 7 Steve M 31 CPD5 HIV S 1 : Π DS σ AGE < 30 S 2 : Π DS σ SEX = F : sensitive data 11 / 22

  12. Encryption for Multiple SCs Theorem (NP-Completeness) Given a dataset D and k > 1 SCs S , the problem of finding the optimal robust scheme that enforces S on D against the FD attack is NP-complete. RID NM SEX AGE DC DS RID NM SEX AGE DC DS Joe M 28 CPD5 Joe M 28 CPD5 r 1 α r 1 α r 2 Alice F 24 CPD5 α r 2 Alice F 24 CPD5 α r 3 Maggy F 33 CPD5 α r 3 Maggy F 33 CPD5 α r 4 Phil M 43 CPD5 HIV r 4 Phil M 43 CPD5 HIV r 5 Peter M 39 CPD5 HIV r 5 Peter M 39 CPD5 HIV r 6 Ray M 52 CPD5 HIV r 6 Ray M 52 CPD5 HIV r 7 Steve M 31 CPD5 HIV r 7 Steve M 31 CPD5 HIV S ( S 1 ) = { r 1 , r 2 } S ( S 2 ) = { r 2 , r 3 } E ( S 1 ) = { r 4 , r 5 , r 6 , r 7 } E ( S 2 ) = { r 4 , r 5 , r 6 , r 7 } : sensitive data : sensitive records : evidence records 12 / 22

  13. Encryption for Multiple SCs Theorem (NP-Completeness) Given a dataset D and k > 1 SCs S , the problem of finding the optimal robust scheme that enforces S on D against the FD attack is NP-complete. Four solutions Solution 1: encrypt S ( S 1 ) and S ( S 2 ) Solution 2: encrypt S ( S 1 ) and E ( RID NM SEX AGE DC DS RID NM SEX AGE DC DS r 1 Joe M 28 β α r 1 Joe M 28 β r 2 Alice F 24 β α r 2 Alice F 24 β r 3 Maggy F 33 β α r 3 Maggy F 33 CPD5 Phil M 43 CPD5 HIV Phil M 43 HIV r 4 r 4 β r 5 Peter M 39 CPD5 HIV r 5 Peter M 39 β HIV r 6 Ray M 52 CPD5 HIV r 6 Ray M 52 β HIV Steve M 31 CPD5 HIV Steve M 31 HIV r 7 r 7 β encryption overhead = 3 encryption overhead = 6 : sensitive data : additional encrypted data 13 / 22

  14. Encryption for Multiple SCs Theorem (NP-Completeness) Given a dataset D and k > 1 SCs S , the problem of finding the optimal robust scheme that enforces S on D against the FD attack is NP-complete. Four solutions Solution 3: encrypt E ( S 1 ) and S ( S 2 ) Solution 4: encrypt E ( S 1 ) and E RID NM SEX AGE DC DS RID NM SEX AGE DC DS r 1 Joe M 28 CPD5 α r 1 Joe M 28 CPD5 r 2 Alice F 24 β α r 2 Alice F 24 CPD5 r 3 Maggy F 33 β α r 3 Maggy F 33 CPD5 Phil M 43 HIV Phil M 43 HIV r 4 β r 4 β r 5 Peter M 39 β HIV r 5 Peter M 39 β HIV r 6 Ray M 52 β HIV r 6 Ray M 52 β HIV Steve M 31 HIV Steve M 31 HIV r 7 β r 7 β encryption overhead = 6 encryption overhead = 4 : sensitive data : additional encrypted data 14 / 22

  15. Encryption for Multiple SCs We design an efficient heuristic algorithm GMM : Do Pick the option with the smallest overhead. While unsafe against FD attack RID NM SEX AGE DC DS RID NM SEX AGE DC DS Joe M 28 CPD5 Joe M 28 CPD5 r 1 α r 1 α r 2 Alice F 24 CPD5 α r 2 Alice F 24 CPD5 α r 3 Maggy F 33 CPD5 α r 3 Maggy F 33 CPD5 α Phil M 43 CPD5 HIV Phil M 43 CPD5 HIV r 4 r 4 r 5 Peter M 39 CPD5 HIV r 5 Peter M 39 CPD5 HIV r 6 Ray M 52 CPD5 HIV r 6 Ray M 52 CPD5 HIV r 7 Steve M 31 CPD5 HIV r 7 Steve M 31 CPD5 HIV S ( S 1 ) = { r 1 , r 2 } S ( S 2 ) = { r 2 , r 3 } E ( S 1 ) = { r 4 , r 5 , r 6 , r 7 } E ( S 2 ) = { r 4 , r 5 , r 6 , r 7 } : sensitive data : sensitive records : evidence records 15 / 22

  16. Encryption for Multiple SCs Do Pick the option with the smallest overhead. While unsafe against FD attack Step 1: encrypt S ( S 1 ) Step 2: encrypt S ( S 2 ) RID NM SEX AGE DC DS RID NM SEX AGE DC DS r 1 Joe M 28 β α r 1 Joe M 28 β α Alice F 24 Alice F 24 r 2 β α r 2 β α r 3 Maggy F 33 CPD5 α r 3 Maggy F 33 β α r 4 Phil M 43 CPD5 HIV r 4 Phil M 43 CPD5 HIV Peter M 39 CPD5 HIV Peter M 39 CPD5 HIV r 5 r 5 r 6 Ray M 52 CPD5 HIV r 6 Ray M 52 CPD5 HIV r 7 Steve M 31 CPD5 HIV r 7 Steve M 31 CPD5 HIV S ( S 2 ) = { r 3 } , E ( S 2 ) = { r 4 , r 5 , r 6 , r 7 } encryption overhead = 3 : sensitive data : additional encrypted data 16 / 22

  17. Experiment Setup • Environment Language Java Testbed 2 . 4 GHz Intel Core i 5 CPU, 4 GB RAM, Mac OS X 10.9 • Datasets: Adult UCI machine learning repository Orders TPC-H benchmark • Approaches GMM Our heuristic approach OPTIMAL The exhaustive search algorithm 17 / 22

  18. Time Performance 10 12 OPTIMAL OPTIMAL 9 GMM GMM 10 8 Time (Second) Time (Second) 7 8 6 5 6 4 4 3 2 2 1 0 0 32k 64k 128k 256k 0.3M 0.6M 0.9M 1.2M 1.5M Data Size Data Size (a) Adult dataset (b) Orders dataset 18 / 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of

Efficient Outsourcing GWAS using FHE Wenjie Lu*, Jun Sakuma * * Dept. of CS, University of Tsukuba, Japan JST CREST Secure Outsourcing GWAS Secure computation [Cloud] Outline of our solution [data holder] Secure

381 views • 19 slides
Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

CS573 Data Privacy and Security Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted data Homomorphic encryption What is Cloud Computing ? Cloud computing Type of computing that relies on sharing

1.29k views • 62 slides
Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a computationally weak client to outsource its computation to an untrusted server. = () Main security concerns: 1. Correctness:

377 views • 4 slides
Homomorphic Encryption Based Secure Genome Data Analysis Miran Kim and Kristin Lauter

Homomorphic Encryption Based Secure Genome Data Analysis Miran Kim and Kristin Lauter

Homomorphic Encryption Based Secure Genome Data Analysis Miran Kim and Kristin Lauter Seoul National University Microsoft Research iDASH Privacy&amp;Security Workshop, March 16, 2015 1 / 16 Secure Outsourcing GWAS 2 / 16 Minor

622 views • 24 slides
Thoughts on Learner Data and Motivation Learner Language Dependency Parsing and Dependency

Thoughts on Learner Data and Motivation Learner Language Dependency Parsing and Dependency

Thoughts on Learner Data and Dependency Parsing Niels Ott, Ramon Ziai, Julia Krivanek, Detmar Meurers Introduction and Thoughts on Learner Data and Motivation Learner Language Dependency Parsing and Dependency Annotation Approximated

812 views • 53 slides
Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data Weichao Wang, Zhiwei Li, Rodney Owens, Bharat Bhargava CCSW 2009: The ACM Cloud Computing Security Workshop 1 The Problem Providing secure and

414 views • 19 slides
A Closer Look at Adversarial Examples for Separated Data Kamalika Chaudhuri University of

A Closer Look at Adversarial Examples for Separated Data Kamalika Chaudhuri University of

A Closer Look at Adversarial Examples for Separated Data Kamalika Chaudhuri University of California, San Diego Adversarial Examples Gibbon Panda Small perturbation to legitimate inputs causing misclassification Adversarial Examples Can

1.41k views • 42 slides
Neglected topics CS 446 Adversarial examples and deep networks 1 / 23 Adversarial

Neglected topics CS 446 Adversarial examples and deep networks 1 / 23 Adversarial

Neglected topics CS 446 Adversarial examples and deep networks 1 / 23 Adversarial examples? Standard ML setup: We have training data; try to do well on withheld testing data. Adversarial/robust ML setup: We have training

672 views • 27 slides
Secure Messaging Lecture 23 Messaging Alice Bob Secure Messaging Corruption model

Secure Messaging Lecture 23 Messaging Alice Bob Secure Messaging Corruption model

Secure Messaging Lecture 23 Messaging Alice Bob Secure Messaging Corruption model Server/network is adversarial (but trusted identity registration needed) Windows of compromise when a party is under adversarial control (or readable

933 views • 14 slides
Computing How to compute with large sensitive data? Biomedical data Proprietary data Secure

Computing How to compute with large sensitive data? Biomedical data Proprietary data Secure

U SING T RUSTED E XECUTION E NVIRONMENTS O N H IGH -P ERFORMANCE C OMPUTING P LATFORMS Ayaz Akram, Anna Giannakou, Venkatesh Akella, Jason Lowe-Power, Sean Peisert Secure High-Performance Computing How to compute with large sensitive data?

514 views • 13 slides
Secure (Research) Data Desktop Stuart C. Ray, MD y, Director, Infectious Diseases Fellowship

Secure (Research) Data Desktop Stuart C. Ray, MD y, Director, Infectious Diseases Fellowship

Secure (Research) Data Desktop Stuart C. Ray, MD y, Director, Infectious Diseases Fellowship Training Program Professor of Medicine and Oncology Johns Hopkins Medical Institutions Secure (Research) Data Desktop Secure (Research) Data Desktop

306 views • 11 slides
Figure 1. Learning curves under different quality levels of training data (p is the probability

Figure 1. Learning curves under different quality levels of training data (p is the probability

Improving Data Mining via Noisy Micro-outsourcing Victor S. Sheng, Foster Provost, Panagiotis G. Ipeirotis New York University This is based on a paper that appeared as: Get Another Label? Improving Data Quality and Data Mining Using Multiple,

285 views • 3 slides
Secure Data Sharing and Distribution Platform for Integrated Big Data Utilization - Handling all

Secure Data Sharing and Distribution Platform for Integrated Big Data Utilization - Handling all

Secure Data Sharing and Distribution Platform for Integrated Big Data Utilization Oct.2015-Mar.2021 funded by Japan Science and Technology Agency Secure Data Sharing and Distribution Platform for Integrated Big Data Utilization - Handling all

312 views • 17 slides
Functional Dependency Generation and Applications in Pay As You Go Data Integration

Functional Dependency Generation and Applications in Pay As You Go Data Integration

Functional Dependency Generation and Applications in Pay As You Go Data Integration Systems Daisy Zhe Wang , Luna Dong, Anish Das Sarma, Michael J. Franklin, and Alon Halevy UC Berkeley, AT&amp;T Research, Stanford University, and Google

159 views • 15 slides
CS 1655 / Spring 2013 Secure Data Management and Web Applications 01 Data Mining and

CS 1655 / Spring 2013 Secure Data Management and Web Applications 01 Data Mining and

CS 1655 / Spring 2013 Secure Data Management and Web Applications 01 Data Mining and Knowledge Discovery Alexandros Labrinidis University of Pittsburgh CS 1655 / Spring 2013 1 Trends leading to Data Flood More data is generated:

327 views • 15 slides
CS 1655 / Spring 2010 Secure Data Management and Web Applications 01 Data Mining and

CS 1655 / Spring 2010 Secure Data Management and Web Applications 01 Data Mining and

CS 1655 / Spring 2010 Secure Data Management and Web Applications 01 Data Mining and Knowledge Discovery Alexandros Labrinidis University of Pittsburgh CS 1655 / Spring 2010 1 Trends leading to Data Flood More data is generated:

355 views • 14 slides
12/3/14 Improving Adoption Incentives The Adoption Incentive Program was extended for

12/3/14 Improving Adoption Incentives The Adoption Incentive Program was extended for

12/3/14 Community Champions Network (CCN) New Federal Funding Sources for Post-Adoption Services Joe Kroll, executive director, North American Council on Adoptable Children (NACAC) About This Webinar You will be able to see the webinar

321 views • 8 slides
CS 102 Human-Computer Interaction 1 CS102: Monsoon 2015 About this course Introductory course

CS 102 Human-Computer Interaction 1 CS102: Monsoon 2015 About this course Introductory course

CS 102 Human-Computer Interaction 1 CS102: Monsoon 2015 About this course Introductory course on Human-Computer Interaction (HCI) Required for the CS major; counts towards CS minor No pre-requisites (programming useful, but not strictly

521 views • 33 slides
Machine Learning and Computational Social Science Intersections and

Machine Learning and Computational Social Science Intersections and

Machine Learning and Computational Social Science Intersections and Collisions David Jensen Department of Computer Science University of Massachusetts Amherst 17 December 2011

582 views • 41 slides
On a Network Creation Game Joint work with Ankur Luthra, Elitza Maneva, Christos H.

On a Network Creation Game Joint work with Ankur Luthra, Elitza Maneva, Christos H.

On a Network Creation Game Joint work with Ankur Luthra, Elitza Maneva, Christos H. Papadimitriou, and Scott Shenker Context U C B E R K E L E Y C O M

760 views • 31 slides
SimpleGraphs: Degrees lastweek Multi-Graph thisweek degrees.1 degrees.2 AlbertRMeyer

SimpleGraphs: Degrees lastweek Multi-Graph thisweek degrees.1 degrees.2 AlbertRMeyer

TypesofGraphs MathematicsforComputerScience MIT 6.042J/18.062J Simple DirectedGraph Graph SimpleGraphs: Degrees lastweek Multi-Graph thisweek degrees.1 degrees.2 AlbertRMeyer April1,2013 AlbertRMeyer April1,2013

322 views • 6 slides
Description Logics Structural Description Logics Enrico Franconi franconi@cs.man.ac.uk

Description Logics Structural Description Logics Enrico Franconi franconi@cs.man.ac.uk

Description Logics Structural Description Logics Enrico Franconi franconi@cs.man.ac.uk http://www.cs.man.ac.uk/franconi Department of Computer Science, University of Manchester (1/34) Description Logics A logical reconstruction and

764 views • 41 slides
Final Exam Review Matt Gormley Lecture 29 Apr. 29, 2020 1 Reminders Homework 9: Learning

Final Exam Review Matt Gormley Lecture 29 Apr. 29, 2020 1 Reminders Homework 9: Learning

10-601 Introduction to Machine Learning Machine Learning Department School of Computer Science Carnegie Mellon University Final Exam Review Matt Gormley Lecture 29 Apr. 29, 2020 1 Reminders Homework 9: Learning Paradigms Out: Wed,

1.37k views • 120 slides
Multi- -Tool CAP Tool CAP- -Based Alert Based Alert Multi and Warning System and Warning

Multi- -Tool CAP Tool CAP- -Based Alert Based Alert Multi and Warning System and Warning

I nternational Telecom m unication Union ITU-T Multi- -Tool CAP Tool CAP- -Based Alert Based Alert Multi and Warning System and Warning System Efraim Petel President, Hormann America, Inc. I TU-T/ OASI S W orkshop and Dem onstration of

745 views • 23 slides

More recommend