the case of the fake picasso preven ng history forgery
play

The Case of the Fake Picasso! Preven&ng History Forgery with - PowerPoint PPT Presentation

Sep 10, 2023 •193 likes •414 views

The Case of the Fake Picasso! Preven&ng History Forgery with Secure Provenance Ragib Hasan * , Radu Sion + , Marianne Winsle> * Dept. of Computer Science * University of Illinois at UrbanaChampaign + Stony Brook University USENIX FAST

  1. The Case of the Fake Picasso! Preven&ng History Forgery with Secure Provenance Ragib Hasan * , Radu Sion + , Marianne Winsle> * Dept. of Computer Science * University of Illinois at Urbana‐Champaign + Stony Brook University USENIX FAST 2009 February 25, 2009

  2. Let’s play a game Real , worth $ 101.8 million Fake , listed at eBay, worth nothing Can you spot the fake Picasso ?

  3. So, how do art buyers authen&cate art? Among other things, they look at provenance records Provenance: from LaIn provenire ‘come from’, defined as “(i) the fact of coming from some par1cular source or quarter; origin, deriva1on. (ii) the history or pedigree of a work of art, manuscript, rare book, etc.; a record of the ul1mate deriva1on and passage of an item through its various owners ” (Oxford English DicIonary) In other words, who owned it, what was done to it, how was it transferred … Widely used in arts, archives, and archeology, called the Fundamental Principle of Archival. hXp://moma.org/collecIon/provenance/items/644.67.html L'ar&ste et son modèle (1928), at Museum of Modern Art

  4. Let’s consider the digital world Am I ge`ng back untampered data? Was this data created and processed by persons I trust? Unlike data processing in the past, digital To trust data we receive from others or retrieve from storage, Our life today has become increasingly dependent on digital data data can be rapidly copied, modified, and Data is generated , processed , and transmi>ed between we need to look into the integrity of both the present state and erased different systems and principals, and stored in database/ Our Most Valuable Asset is Data the past history of data storage

  5. What exactly is data provenance? DefiniIon* – DescripIon of the origins of data and the process by which it arrived at the database. [Buneman et al.] – InformaIon describing materials and transforma&ons applied to derive the data. [Lanter] – InformaIon that helps determine the deriva&on history of a data product, starIng from its original sources. [Simmhan et al.] *Simmhan et al. A Survey of Provenance in E‐Science. SIGMOD Record, 2005.

  6. Example provenance systems Simmhan et al., 2005

  7. What was the common theme of all those systems? • They were all scienIfic compuIng systems • And scienIsts trust people (more or less) • Previous research covers provenance collecIon, annotaIon, querying, and workflow, but security issues are not handled Data • For provenance in untrusted environments, we need integrity , confiden&ality and privacy guarantees So, we need provenance of provenance , i.e. a model for Secure Provenance

  8. Secure provenance means preven&ng “ undetectable history rewri&ng” • Adversaries cannot insert fake events, remove genuine events from a document’s provenance • No one can deny history of own acIons • Allow fine grained preservaIon of privacy and confidenIality of acIons – Users can choose which auditors can see details of their work – AXributes can be selecIvely disclosed or hidden without harming integrity check

  9. Usage and threat model Users : Edit documents on their • machines Documents : Are edited, transmiXed • Auditors : semi‐trusted principals to other users • All auditors can verify chain integrity Bob Charlie Alice Adversaries : insiders or outsiders • Only certain auditors can read each Provenance entry = record of a user’s • who entry modificaIons and related context • Add or remove history entries Provenance chain = chronologically • • Collude with others to add/ sorted list of entries; accompanies remove entries P Alice P Bob P Charlie the document P Alice P Bob P Charlie • Claim a chain belongs to another document • Repudiate an entry P Marvin Audrey Marvin Ragib Hasan, Radu Sion, and Marianne WinsleX, “Introducing Secure Provenance: Problems and Challenges”, ACM StorageSS 2007

  10. Previous work on integrity assurances • (Logically) centralized repository (CVS, Subversion, GIT) – Changes to files recorded – Not applicable to mobile documents • File systems with integrity assurances (SUNDR, PASIS, TCFS) – Provide local integrity checking – Do not apply to data that traverses systems • System state entanglement (Baker 02) – Entangle one system’s state with another, so others can serve as witness to a system’s state – Not applicable to mobile data • Secure audit logs / trails (Schneier and Kelsey 99), LogCrypt (Holt 2004), (Peterson et al. 2006) – Trusted notary cerIfies logs, or trusted third party given hash chain seed

  11. Our solu&on: Overview Provenance Chain … P 1 P 2 P 3 P 4 P n‐1 P n Provenance Entry U 3 W 3 K 3 C 3 Pub 3 Uid 3 Pid 3 Host 3 IP 3 Ime 3 U i = idenIty of C i = integrity W i = Encrypted K i = confidenIality the principal checksum(s) modificaIon log locks for W i (lineage)

  12. Our solu&on: Confiden&ality A single auditor ModificaIon log Encrypted ModificaIon log Issues Mul&ple auditors Encrypted ModificaIon log ModificaIon log • Each user trusts a subset of the auditors Encrypted ModificaIon log • Only the auditor(s) trusted by the user can see the user’s acIons on the document ModificaIon log Encrypted ModificaIon log Op&miza&on: Use broadcast encrypIon tree to reduce number of required keys

  13. Our solu&on: Confiden&ality … P 1 P 2 P 3 P 4 P n‐1 P n U 3 W 3 K 3 C 3 Pub 3 W i = E ki (w i )|hash(D) K i = {E ka (k i ) } k i is a secret key that authorized • • k a is the key of a trusted auditor auditors can retrieve from the field K i w i is either the diff or the set of acIons • taken on the file

  14. Our solu&on: Integrity Old Provenance Entry Old Checksum New Provenance Entry New Checksum Hash Sign C i = S private_i (hash(U i ,W i ,K i )|C i−1 )

  15. Fine grained control over confiden&ality Redacted (unclassified) Document Classified Document Provenance chain has Declassify / release sensi&ve info P 1 P 2 P 3 P 4 P 1 P 2 P 3 P 4 Dele&ng sensi&ve informa&on will break integrity checks NonsensiIve InformaIon SensiIve InformaIon Original aXributes commitment Disclosable NonsensiIve Info SensiIve info Commit(sensiIve info) provenance entry Checksum calculaIon NonsensiIve Info Commit(sensiIve info) Blinded entry disclosed to third party

  16. We can summarize provenance chains to save space, make audits fast 1:1 chain Each entry has 1 checksum, calculated from 1 previous checksum n:1 chain Each entry has n checksums, each of them calculated from 1 previous checksum We can systemaIcally remove entries from the chain while sIll being able to prove integrity of chain

  17. Our Sprov applica&on‐level library requires almost no applica&on changes – Sprov provides the file system APIs from stdio.h – To add secure provenance, simply relink applicaIons with Sprov library instead of stdio.h

  18. Experimental sekngs Crypto sekngs – 1024 bit DSA signatures – 128 bit AES encrypIon – SHA‐1 for hashes Experiment plalorm – Linux 2.6.11 with ext3 – PenIum 3.4 GHz, 2GB RAM, – Disks: Seagate Barracuda 7200 rpm, WD Caviar SE16 7200 rpm Modes – Config‐Disk : Provenance chains stored on Disk – Config‐RD: Provenance chains stored on RAM Disk buffer, and periodically saved to disk

  19. Postmark small file benchmark: Overhead < 5% for realis&c workloads • 20,000 small files (8KB‐64KB) subjected to 100% to 0% write load with the Postmark benchmark • At 100% write load, execuIon Ime overhead of using secure provenance over the no‐ provenance case is approx. 27% (12% with RD) Config‐RD • At 50% write load, overheads go down to 16% (3% with RD) • Overheads are less than 5% with 20% or less write load 100% writes, 0% writes, 0% reads 100% reads

  20. Hybrid workloads: Simula&ng real file systems File system distribu&on: – File size distribuIon in real file systems follows the log normal distribuIon [Bolosky and Douceur 99] – Median file size = 4KB , mean file size = 80KB – We created a file system with 20,000 files, using the lognormal parameters mu = 8.46, sigma = 2.4 – In addiIon, we included a few large (1GB+) files Workload – INS : InstrucIonal lab ( 1.1 % writes) [Roselli 00] – RES : A research lab ( 2.9 % writes) [Roselli 00] – CIFS‐Corp : ( 15 % writes) [Leung 08] – CIFS‐Eng : ( 17 % writes) [Leung 08] – EECS : ( 82 % writes) [Ellard 03]

  21. Typical real life workloads: 1 ‐ 13% overhead EECS EECS CIFS‐corp/eng CIFS‐corp/eng INS, RES INS, RES Config‐Disk Config‐RD INS and RES are read‐intensive (80%+ reads), so overheads are very low in both cases. • CIFS‐corp and CIFS‐eng have 2:1 raIo of reads and writes, overheads are sIll low (range • from 12% to 2.5%) • EECS has very high write load (82%+), so the overhead is higher, but sIll less than 35% for Config‐Disk, and less than 7% for Config‐RD

  22. Summary: Secure provenance possible at low cost Yes, We CAN achieve secure provenance with integrity and confidenIality assurances with reasonable overheads – For most real‐life workloads, overheads are between 1% and 15% only More info at h>p://&nyurl.com/secprov

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Picasso Sculpture Slide Commentary Slide 1: Biography Photo of Picasso Pablo Picasso is

Picasso Sculpture Slide Commentary Slide 1: Biography Photo of Picasso Pablo Picasso is

Picasso Sculpture Slide Commentary Slide 1: Biography Photo of Picasso Pablo Picasso is considered to be one of the greatest and most influential artists of the 20 th century. He is best known for his work as a painter, but he experimented

233 views • 4 slides
Results from the PICASSO experiment Berta Beltran, University of Alberta (for the PICASSO

Results from the PICASSO experiment Berta Beltran, University of Alberta (for the PICASSO

Results from the PICASSO experiment Berta Beltran, University of Alberta (for the PICASSO collaboration) Outline PICASSO principle of detection. Experimental setup &amp; Data taking. Data analysis and Results. Summary.

369 views • 22 slides
Pablo Picasso according to wikipedia ... fauvism complimentary colours bold simplified

Pablo Picasso according to wikipedia ... fauvism complimentary colours bold simplified

The Fauvist Works of Pablo Picasso according to wikipedia ... fauvism complimentary colours bold simplified strong heavy abstracted textured brush strokes wide visible paintings of Marie-Thrse Walter by Pablo Picasso circa 1932

420 views • 19 slides
THE INFLUENCE OF MODERN ART Cubism Pablo Picasso started cubism through a series of

THE INFLUENCE OF MODERN ART Cubism Pablo Picasso started cubism through a series of

THE INFLUENCE OF MODERN ART Cubism Pablo Picasso started cubism through a series of explorations using elements of ancient Iberian and African tribal art. Pablo Picasso and Georges Braque shared an interest in geometry and simultaneous

642 views • 34 slides
Automatically Evading Classifiers A Case Study on PDF Malware Classifiers Weilin Xu

Automatically Evading Classifiers A Case Study on PDF Malware Classifiers Weilin Xu

Automatically Evading Classifiers A Case Study on PDF Malware Classifiers Weilin Xu David Evans Yanjun Qi University of Virginia Machine Learning is Solving Our Problems Fake Fake Spam IDS

1.07k views • 34 slides
Monochromatic The Milliners Workshop Pablo Picasso Cerveteri Philip Guston Old Guitarist

Monochromatic The Milliners Workshop Pablo Picasso Cerveteri Philip Guston Old Guitarist

Monochromatic The Milliners Workshop Pablo Picasso Cerveteri Philip Guston Old Guitarist Pablo Picasso Sunflowers, Fourth Version Vincent Van Gogh On the Pont de lEurope Gustave Caillebotte VALUE TINT COLOR SHADE Color

576 views • 11 slides
David S. Lee, MPH Ac:vism + Public Health = Change 1

David S. Lee, MPH Ac:vism + Public Health = Change 1

5/25/16 Crea&amp;ng Change: Primary Preven&amp;on of Sexual Violence David S. Lee, MPH Director of Preven:on Services A Presenta:on for

513 views • 35 slides
TOR BROWSER FORENSICS ON WINDOWS OS MATTIA EPIFANI, FRANCESCO PICASSO, MARCO SCARITO, CLAUDIA MEDA

TOR BROWSER FORENSICS ON WINDOWS OS MATTIA EPIFANI, FRANCESCO PICASSO, MARCO SCARITO, CLAUDIA MEDA

TOR BROWSER FORENSICS ON WINDOWS OS MATTIA EPIFANI, FRANCESCO PICASSO, MARCO SCARITO, CLAUDIA MEDA DFRWS 2015 DUBLIN, 24 MARCH 2015 REAL CASE Management salaries of a private company were published on a Blog Through an analysis of the

228 views • 21 slides
So what is Fake News Fake news is a type of hoax or deliberate spread of misinformation: News

So what is Fake News Fake news is a type of hoax or deliberate spread of misinformation: News

So what is Fake News Fake news is a type of hoax or deliberate spread of misinformation: News Media Social Media with the intent to mislead in order to gain financially or politically . So what is Fake News It employs eye-catching

1.3k views • 55 slides
Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum

Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum

Contents: Quantum Cryptography 1. Fake Quantum Theory. 2. Simple Quantum Protocols. 3. More Fake Quantum Theory: Fake Tensor Products, Entanglement. 4. A Glance at Genuine Quantum Theory. 5. Quantum Computing, Shors

559 views • 8 slides
Who can you believe? How to avoid being deceived And why by fake news it matters A

Who can you believe? How to avoid being deceived And why by fake news it matters A

Who can you believe? How to avoid being deceived And why by fake news it matters A special initiative of Five genuine facts about fake news 1. 2. 3. Fake news But its growing And it has real is nothing new. out

540 views • 27 slides
Case Presentation - Case History - disease - preoperatively therapy - pre- and postoperativ MRI

Case Presentation - Case History - disease - preoperatively therapy - pre- and postoperativ MRI

Case Presentation - Case History - disease - preoperatively therapy - pre- and postoperativ MRI - result 1 Medical history Case 1: R.W. male, age 56 Former Triathlete, Power lifting, slim, trained, Lumbago since 1998, outpatient therapy

433 views • 9 slides
Teacher Librarians Critical Literacy and Fake News Richard Beaudry February 27, 2017 1.

Teacher Librarians Critical Literacy and Fake News Richard Beaudry February 27, 2017 1.

Teacher Librarians Critical Literacy and Fake News Richard Beaudry February 27, 2017 1. Identifying the issue A brief history of Online Hoaxes Hoaxes: They have been around since early history The Donation of Constantine in 776.

462 views • 45 slides
Cen enter ers for D Diseas ease e Control an and P Preven ention Smo moke ke-free M ee

Cen enter ers for D Diseas ease e Control an and P Preven ention Smo moke ke-free M ee

Cen enter ers for D Diseas ease e Control an and P Preven ention Smo moke ke-free M ee Multi-Uni nit H Hous using ng National al Cen enter er for Chronic Diseas ease e Preven ention an and Heal Health Promotion: Paul ul H

479 views • 22 slides
A8: Cross-site Request Forgery (CSRF) A8: Cross-site Request Forgery (CSRF) XSS Trick

A8: Cross-site Request Forgery (CSRF) A8: Cross-site Request Forgery (CSRF) XSS Trick

A8: Cross-site Request Forgery (CSRF) A8: Cross-site Request Forgery (CSRF) XSS Trick browser to execute code without user knowledge CSRF Trick browser to access sensitive pages without user knowledge CSRF Vulnerability Pattern

284 views • 11 slides
Fake News Online Types of Fake News Clickbait Unreliable sources Misleading

Fake News Online Types of Fake News Clickbait Unreliable sources Misleading

Fake News Online Types of Fake News Clickbait Unreliable sources Misleading Information Satire/ Parody Biased News Clickbait Headline trying to attract attention and make readers click to find out more Creates

855 views • 13 slides
Leveraging local neighborhood topology for large scale person re-identification Svebor Karaman 1 ,

Leveraging local neighborhood topology for large scale person re-identification Svebor Karaman 1 ,

Leveraging local neighborhood topology for large scale person re-identification Svebor Karaman 1 , Giuseppe Lisanti 1 , Andrew D. Bagdanov 2 , Alberto Del Bimbo 1 1 Media Integration and Communication Center (MICC) University of Florence,

508 views • 12 slides
Rank Aggregation via Hodge Theory Lek-Heng Lim University of Chicago August 18, 2010 Joint work

Rank Aggregation via Hodge Theory Lek-Heng Lim University of Chicago August 18, 2010 Joint work

Rank Aggregation via Hodge Theory Lek-Heng Lim University of Chicago August 18, 2010 Joint work with Xiaoye Jiang, Yuao Yao, Yinyu Ye L.-H. Lim (Chicago) HodgeRank August 18, 2010 1 / 24 Learning a Scoring Function Problem Learn a

891 views • 24 slides
The Eect of Global Warming On Financial Discounting Methodology James G. Bridgeman, FSA

The Eect of Global Warming On Financial Discounting Methodology James G. Bridgeman, FSA

The Eect of Global Warming On Financial Discounting Methodology James G. Bridgeman, FSA University of Connecticut S.I.G.M.A. 10-7-2009 Bridgeman (University of Connecticut) Warming S.I.G.M.A. 10-7-2009 1 / 26 Actuarial Framework PRESENT

577 views • 26 slides
Natural Language Processing: Natural Language Processing: Introduction to Syntactic Parsing

Natural Language Processing: Natural Language Processing: Introduction to Syntactic Parsing

Natural Language Processing: Natural Language Processing: Introduction to Syntactic Parsing Introduction to Syntactic Parsing Barbara Plank Barbara Plank DISI, University of Trento barbara.plank@disi.unitn.it NLP+IR course, spring 2012 Note:

1.08k views • 71 slides
Machine Learning for Person Identification Wei-Shi Zheng ()

Machine Learning for Person Identification Wei-Shi Zheng ()

Machine Learning for Person Identification Wei-Shi Zheng () Outline Brief Introduction of ML for Biometrics ML for Person Re-identification Distance Metric Learning

1.92k views • 150 slides
How Crowdsourcing Enabled Computer Vision Crowdsourcing and Human Computation Instructor: Chris

How Crowdsourcing Enabled Computer Vision Crowdsourcing and Human Computation Instructor: Chris

How Crowdsourcing Enabled Computer Vision Crowdsourcing and Human Computation Instructor: Chris Callison-Burch Website: crowdsourcing-class.org Connect a television camera to a computer and get the machine to describe what it sees.

1.12k views • 53 slides
Peipei Zhou (+86)13023157641, memoryzpp@cs.ucla.edu http://vast.cs.ucla.edu/~peipei/ Enflame

Peipei Zhou (+86)13023157641, memoryzpp@cs.ucla.edu http://vast.cs.ucla.edu/~peipei/ Enflame

Peipei Zhou (+86)13023157641, memoryzpp@cs.ucla.edu http://vast.cs.ucla.edu/~peipei/ Enflame Technology, Shengxia Road, Pudong New Area, Shanghai, 201203 China EDUCATION University of California, Los Angeles Los Angeles, CA Ph.D., Computer

848 views • 7 slides
What Will Self-Aware Computer Systems Be John McCarthy, Stanford University mccarthy@stanford.edu

What Will Self-Aware Computer Systems Be John McCarthy, Stanford University mccarthy@stanford.edu

What Will Self-Aware Computer Systems Be John McCarthy, Stanford University mccarthy@stanford.edu http://www-formal.stanford.edu/jmc/ September 13, 2004 Darpa Wants To Know, And Theres A Workshop T The Subject Is Ready For Basic

562 views • 15 slides

More recommend