Title: Your Labels are Selling You Out: Relation Leaks in Vertical Federated Learning
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3208630 (https://doi.org/10.1109/TDSC.2022.3208630)
Authors: Pengyu Qiu, Xuhong Zhang, S. Ji, Tianyu Du, Yuwen Pu, Junfeng Zhou, Ting Wang
Abstract: Vertical federated learning (VFL) is an emerging privacy-preserving paradigm that enables collaboration between companies. These companies have the same set of users but different features. One of them is interested in expanding into new business or improving its current service with the others' features. For instance, an e-commerce company that wants to improve its recommendation performance can incorporate users' preferences from another corporation, such as a social media company, through VFL. On the other hand, graph data is a powerful and sensitive type of data widely used in industry. Its leakage, e.g., node leakage and/or relation leakage, can cause severe privacy issues and financial loss. Therefore, protecting the security of graph data is important in practice. Though a line of work has studied how to learn with graph data in VFL, the privacy risks remain underexplored. In this paper, we perform the first systematic study on relation inference attacks to reveal VFL's risk of leaking samples' relations. Specifically, we assume the adversary to be a semi-honest participant. Then, according to the adversary's knowledge level, we formulate three kinds of attacks based on different intermediate representations. In particular, we design a novel numerical approximation method to handle VFL's encryption mechanism on the participant's representations. Extensive evaluations with four real-world datasets demonstrate the effectiveness of our attacks. For instance, the area under the curve of relation inference can reach more than 90%, implying an impressive relation inference capability. Furthermore, we evaluate possible defenses to examine our attacks' robustness. The results show that their impacts are limited. Our work highlights the need for advanced defenses to protect private relations and calls for more exploration of VFL's privacy and security issues.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 3653-3668 (Journal Article).

Title: Cancelable Fingerprint Template Construction Using Vector Permutation and Shift-Ordering
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3213704 (https://doi.org/10.1109/TDSC.2022.3213704)
Authors: S. Abdullahi, Ke Lv, Shuifa Sun, Hongxia Wang
Abstract: The need for cancelable biometric techniques has seen a progressive rise due to the rapid deployment of biometric authentication systems. These techniques prevent the compromise of biometric data by generating and using corresponding cancelable templates for user authentication. However, the non-invertible distance-preserving transformation methods employed in various schemes are often vulnerable to information leakage, since matching is performed in the transform domain. This paper proposes a non-invertible distance-preserving scheme based on vector permutation and a shift-order process. First, the dimension of the feature vectors is reduced using kernelized principal component analysis before the extracted vector features are randomly permuted. A shift-order process is then applied to the generated features to achieve non-invertibility and combat similarity-correlation-based attacks. The generated hash codes are resilient to various security and privacy attacks such as ARM, masquerade, and brute-force preimage attacks. Experimental evaluations conducted on eight fingerprint datasets from FVC2002, FVC2004, and FVC2006 reveal high matching performance of the proposed method, with better recognition accuracy than other existing state-of-the-art methods. The scheme also fulfills the revocability and unlinkability requirements of cancelable biometrics.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 3828-3844 (Journal Article).

Title: Advanced Persistent Threat Detection Using Data Provenance and Metric Learning
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3221789 (https://doi.org/10.1109/TDSC.2022.3221789)
Authors: Khandakar Ashrafi Akbar, Yigong Wang, G. Ayoade, Y. Gao, A. Singhal, L. Khan, B. Thuraisingham, Kangkook Jee
Abstract: Advanced persistent threats (APT) have increased in recent times as a result of the rise in interest by nation-states and sophisticated corporations in obtaining high-profile information. Typically, APT attacks are more challenging to detect since they leverage zero-day attacks and common benign tools. Furthermore, these attack campaigns are often prolonged to evade detection. We leverage an approach that uses a provenance graph to obtain execution traces of host nodes in order to detect anomalous behavior. From the provenance graph, we extract features that are then used to train an online adaptive metric learning model. Online metric learning is a deep learning method that learns a function to minimize the separation between similar instances and maximize the separation between dissimilar instances. We compare our approach with baseline models and show that our method outperforms them, increasing detection accuracy on average by 11.3% and increasing the true positive rate (TPR) on average by 18.3%. We also show that our method outperforms several state-of-the-art models' performance on comprehensive attack datasets in both binary and multi-class settings.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 3957-3969 (Journal Article).

Title: SofitMix: A Secure Offchain-Supported Bitcoin-Compatible Mixing Protocol
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3213824 (https://doi.org/10.1109/TDSC.2022.3213824)
Authors: Haomeng Xie, Shufan Fei, Zheng Yan, Yang Xiao
Abstract: Privacy preservation is highly expected in the Bitcoin Network. However, applying pseudonyms alone cannot completely ensure anonymity/unlinkability between payers and payees. Current approaches mainly depend on a mixer service, which obfuscates the payer-payee relationships of transactions. While the mixer service improves transaction privacy, it still suffers from some severe security threats (e.g., DoS attacks and collusion attacks), and does not support effective and reliable off-chain payment in a parallel mode. In this article, we propose a mixing protocol for the Bitcoin Network based on zero-knowledge proof, called SofitMix. It is the first mixing protocol that can effectively resist both the DoS attack and the collusion attack. It can also support a set of parallel off-chain payments in a reliable way regardless of whether some payers abort a transaction. We analyze and prove SofitMix's security under the Universal Composability model with regard to fair exchange, unlinkability, collusion-resistance, DoS-resistance and Sybil-resistance. Through a proof-of-concept implementation, we demonstrate its validity and fairness. We also show its advances in off-chain payment reliability and DoS attack resistance compared to TumbleBit.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 4311-4324 (Journal Article).

Title: Reversible Data Hiding With Hierarchical Block Variable Length Coding for Cloud Security
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3219843 (https://doi.org/10.1109/TDSC.2022.3219843)
Authors: Shuying Xu, Ji-Hwei Horng, Ching-Chun Chang, Chin-chen Chang
Abstract: Reversible data hiding in encrypted images (RDHEI) can serve as a technical solution to secure data in applications that rely on cloud storage. The key features of an RDHEI scheme are reversibility, security, and data embedding rate. To enlarge the embedding rate, this paper proposes a novel RDHEI scheme based on the median edge detector (MED) and a newly proposed hierarchical block variable length coding (HBVLC) technique. In our scheme, the image owner first predicts the pixel values of the carrier image with MED. Then, the prediction error array is sliced into bit-planes and encoded plane by plane. By leveraging the inherent features of the prediction error bit-planes, the image owner adaptively decomposes a bit-plane into blocks of different hierarchical levels based on its local smoothness and encodes the blocks with a variable length coding method. As a result, the carrier image is efficiently compressed to provide spare room for data embedding. The encoded carrier image is then processed with the conventional steps of an RDHEI technique. Experimental results show that the proposed scheme not only restores the secret data and the carrier image without loss but also outperforms state-of-the-art methods in embedding rate for images with various features.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 4199-4213 (Journal Article).

Title: Membership Inference Attacks Against Deep Learning Models via Logits Distribution
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3222880 (https://doi.org/10.1109/TDSC.2022.3222880)
Authors: Hongyang Yan, Shuhao Li, Yajie Wang, Yaoyuan Zhang, K. Sharif, Haibo Hu, Yuan-zhang Li
Abstract: Deep Learning (DL) techniques have gained significant importance in the recent past due to their vast applications. However, DL is still prone to several attacks, such as the Membership Inference Attack (MIA), which is based on the memorability of training data. MIA aims at determining the presence of specific data in the training dataset of the model using a substitute model of similar structure to the objective model. As MIA relies on the substitute model, it can be mitigated if the substitute model is not clear about the network structure of the objective model. To solve the challenge of shadow-model construction, this work presents L-Leaks, a membership inference attack based on logits. L-Leaks allows an adversary to use the substitute model's information to predict the presence of membership if the shadow and objective models are similar enough. Here, the substitute model is built by learning the logits of the objective model, hence making it similar enough. This results in the substitute model having sufficient confidence in the member samples of the objective model. The evaluation of the attack's success shows that the proposed technique can execute the attack more accurately than existing techniques. It also shows that the proposed MIA is significantly robust under different network models and datasets.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 3799-3808 (Journal Article).

Title: Mangling Rules Generation With Density-Based Clustering for Password Guessing
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3217002 (https://doi.org/10.1109/TDSC.2022.3217002)
Authors: Shunbin Li, Zhiyu Wang, Ruyun Zhang, Chunming Wu, Hanguang Luo
Abstract: Rule-based password generation is one of the most effective and most often employed techniques in the highly compute-intensive password recovery process. However, it is challenging to design and maintain a practical password mangling ruleset, which is a time-consuming task requiring specialized expertise. This paper therefore introduces MDBSCAN (Modified Density-Based Spatial Clustering of Applications with Noise), a novel density-based clustering approach in machine learning, to build an automatic password mangling rule generator. To evaluate the proposed method, cross-checks across 4 different real-world password datasets leaked from popular Internet services and applications are adopted. The results indicate that the proposed generator can produce high-quality mangling rules with a better hit rate and enhance current mangling rules by identifying hidden or omitted rules. The proposed approach also shows strong interpretability and computational efficiency. When examining the RockYou password dataset with the top 77 rules, the hit rate may rise by 11% to 104% compared to other well-known solutions. Furthermore, by combining the top 77 rules generated by MDBSCAN with those from other rulesets, 3–12.67% more real-world passwords can be retrieved.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 3588-3600 (Journal Article).

Title: Achieving Efficient and Privacy-Preserving Neural Network Training and Prediction in Cloud Environments
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3208706 (https://doi.org/10.1109/TDSC.2022.3208706)
Authors: Chuan Zhang, Chenfei Hu, Tong Wu, Liehuang Zhu, Ximeng Liu
Abstract: Neural networks have been widely used to train predictive models for applications such as image processing, disease prediction, and face recognition. To produce more accurate models, powerful third parties (e.g., clouds) are usually employed to collect data from a large number of users, which, however, may raise concerns about user privacy. In this paper, we propose an Efficient and Privacy-preserving Neural Network scheme, named EPNN, to deal with the privacy issues in cloud-based neural networks. EPNN is designed based on a two-cloud model and the techniques of data perturbation and an additively homomorphic cryptosystem. This scheme enables two clouds to cooperatively perform neural network training and prediction in a privacy-preserving manner and significantly reduces the computation and communication overhead among participating entities. Through a detailed analysis, we demonstrate the security of EPNN. Extensive experiments based on real-world datasets show that EPNN is more efficient than existing schemes in terms of computational cost and communication overhead.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 4245-4257 (Journal Article).

Title: Leaking Wireless ICs via Hardware Trojan-Infected Synchronization
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3218507 (https://doi.org/10.1109/TDSC.2022.3218507)
Authors: Alan Rodrigo Diaz-Rizo, H. Aboushady, H. Stratigopoulos
Abstract: We propose a Hardware Trojan (HT) attack on wireless Integrated Circuits (ICs) that aims at leaking sensitive information within a legitimate transmission. The HT is hidden inside the transmitter, modulating the sensitive information into the preamble of each transmitted frame, which is used for the synchronization of the transmitter with the receiver. The data leakage does not affect synchronization and is imperceptible to the inconspicuous nominal receiver, as it does not incur any performance penalty in the communication. A knowledgeable rogue receiver, however, can recover the data using signal processing that is too expensive and impractical to be used at run-time in nominal receivers. The HT mechanism is designed at circuit level, is embedded entirely into the digital section of the RF transceiver, and has a tiny footprint. The proposed HT attack is demonstrated with measurements on a hardware platform. We demonstrate the stealthiness of the attack, i.e., its ability to evade defenses based on testing and run-time monitoring, and the robustness of the attack, i.e., the ability of the rogue receiver to recover the leaked information even under unfavorable channel conditions.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 3845-3859 (Journal Article).

Title: On the Security of a Lattice-Based Multi-Stage Secret Sharing Scheme
Pub Date: 2023-09-01. DOI: 10.1109/TDSC.2022.3209011 (https://doi.org/10.1109/TDSC.2022.3209011)
Authors: Zhichao Yang, D. He, Longjiang Qu, Jianqiao Xu
Abstract: In response to the threat posed by quantum computers, Pilaram and Eghlidos proposed the first lattice-based multi-stage secret sharing scheme, which is the only post-quantum multi-stage secret sharing scheme. In this paper, we introduce an efficient attack on it and show that any adversary can easily reconstruct unrecovered secrets as long as it collects enough pseudo-secret shares. For the sake of completeness, we further list two countermeasures to protect the scheme from such an attack.
Published in: IEEE Transactions on Dependable and Secure Computing, volume 20 1, pages 4441-4442 (Journal Article).