Rui Li,Alex X. Liu,Huanle Xu,Ying Liu,Huaqiang Yuan

DOI: https://doi.org/10.1109/tdsc.2020.2998039

2022-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Nearest neighbor query processing is a fundamental problem that arises in many fields such as spatial databases and machine learning. This article aims to address the Secure Nearest Neighbor (SNN) problem in cloud computing. Prior SNN schemes are both insecure and inefficient. In this article, we formally prove and experimentally demonstrate that the SNN scheme ASPE is actually insecure against even ciphertext only attacks. Although prior work proved that it is impossible to construct an SNN scheme even in much relaxed standard security models, we point out the flaws of the hardness proof. We propose an SNN scheme and prove that it is secure against adaptive chosen keyword attacks. Our scheme is efficient as its query processing complexity is logarithmic. To evaluate the efficiency of our SNN scheme, we implemented our scheme in C++ and compared its performance with a plain text scheme, binary scheme, and a PIR scheme on a large set of over 10 million real-world data points. Experimental results show that our scheme is fast (0.124 millisecond per query when data set size is 10 million) and scalable in terms of the number of data points.

computer science, information systems, software engineering, hardware & architecture

xiangming meng,sheng wu,linling kuang,defeng,huang,jianhua lu

2016-01-01

Abstract: We consider the problem of recovering clustered sparse signals with no prior knowledge of the sparsity pattern. Beyond simple sparsity, signals of interest often exhibits an underlying sparsity pattern which, if leveraged, can improve the reconstruction performance. However, the sparsity pattern is usually unknown a priori. Inspired by the idea of k-nearest neighbor (k-NN) algorithm, we propose an efficient algorithm termed approximate message passing with nearest neighbor sparsity pattern learning (AMP-NNSPL), which learns the sparsity pattern adaptively. AMP-NNSPL specifies a flexible spike and slab prior on the unknown signal and, after each AMP iteration, sets the sparse ratios as the average of the nearest neighbor estimates via expectation maximization (EM). Experimental results on both synthetic and real data demonstrate the superiority of our proposed algorithm both in terms of reconstruction performance and computational complexity.

Longfei Zheng,Chaochao Chen,Yingting Liu,Bingzhe Wu,Xibin Wu,Li Wang,Lei Wang,Jun Zhou,Shuang Yang

2020-01-01

Abstract:Deep Neural Network (DNN) has been showing great potential in kinds of real-world applications such as fraud detection and distress prediction. Meanwhile, data isolation has become a serious problem currently, i.e., different parties cannot share data with each other. To solve this issue, most research leverages cryptographic techniques to train secure DNN models for multi-parties without compromising their private data. Although such methods have strong security guarantee, they are difficult to scale to deep networks and large datasets due to its high communication and computation complexities. To solve the scalability of the existing secure Deep Neural Network (DNN) in data isolation scenarios, in this paper, we propose an industrial scale privacy preserving neural network learning paradigm, which is secure against semi-honest adversaries. Our main idea is to split the computation graph of DNN into two parts, i.e., the computations related to private data are performed by each party using cryptographic techniques, and the rest computations are done by a neutral server with high computation ability. We also present a defender mechanism for further privacy protection. We conduct experiments on real-world fraud detection dataset and financial distress prediction dataset, the encouraging results demonstrate the practicalness of our proposal.

Yandong Zheng,Rongxing Lu,Songnian Zhang,Jun Shao,Hui Zhu

DOI: https://doi.org/10.1109/tdsc.2024.3376084

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:As one of the most popular queries in big data era, the $k$ nearest neighbors ($k$NN) query plays a significant role in various applications, such as medical diagnosis, signal processing, and recommendation systems. Meanwhile, driven by the advancement of the cloud service, an emerging trend among applications is to outsource the dataset and the corresponding $k$NN query services to the cloud. However, as the cloud is not fully trusted, those applications will face vital privacy concerns, and thus they usually encrypt data before outsourcing them to the cloud. Because encrypted data are outsourced to cloud, the $k$NN query over encrypted data has become increasingly attractive, and many solutions have been put forth in recent years. However, existing solutions cannot fully satisfy the objects of returning exact query results, protecting database privacy and query privacy, achieving high query efficiency, and imposing low computational costs at the user side. To address these issues, in this paper, we propose a new practical and privacy-preserving $k$NN query scheme. Specifically, we first refine the general security requirements for the matrix encryption by systematically analyzing existing algorithms. Then, we design a novel asymmetric matrix encryption (AME) to securely achieve Euclidean distance computation and two distances comparison in a single-party and non-interactive way. Then, based on the AME scheme, we propose a privacy-preserving $k$NN query scheme, in which a max-heap of size $k$ is used to accelerate query efficiency. Detailed security analysis shows that our proposed scheme is really privacy-preserving. In addition, extensive performance evaluations are conducted, and the results demonstrate that our proposed scheme is also highly efficient.

computer science, information systems, software engineering, hardware & architecture

Shyam Murthy,Santosh Kumar Upadhyaya,Srinivas Vivek

2024-04-17

Abstract:The rise of cloud computing has spurred a trend of transferring data storage and computational tasks to the cloud. To protect confidential information such as customer data and business details, it is essential to encrypt this sensitive data before cloud storage. Implementing encryption can prevent unauthorized access, data breaches, and the resultant financial loss, reputation damage, and legal issues. Moreover, to facilitate the execution of data mining algorithms on the cloud-stored data, the encryption needs to be compatible with domain computation. The $k$-nearest neighbor ($k$-NN) computation for a specific query vector is widely used in fields like location-based services. Sanyashi et al. (ICISS 2023) proposed an encryption scheme to facilitate privacy-preserving $k$-NN computation on the cloud by utilizing Asymmetric Scalar-Product-Preserving Encryption (ASPE).

Cryptography and Security

Yulong Shen

DOI: https://doi.org/10.1109/tbdata.2017.2707552

2017-01-01

IEEE Transactions on Big Data

Abstract:The k-nearest neighbors (k-NN) query is a fundamental primitive in spatial and multimedia databases. It has extensive applications in location-based services, classification & clustering and so on. With the promise of confidentiality and privacy, massive data are increasingly outsourced to cloud in the encrypted form for enjoying the advantages of cloud computing (e.g., reduce storage and query processing costs). Recently, many schemes have been proposed to support k-NN query on encrypted cloud data. However, prior works have all assumed that the query users (QUs) are fully-trusted and know the key of the data owner (DO), which is used to encrypt and decrypt outsourced data. The assumptions are unrealistic in many situations, since many users are neither trusted nor knowing the key. In this paper, we propose a novel scheme for secure k-NN query on encrypted cloud data with multiple keys, in which the DO and each QU all hold their own different keys, and do not share them with each other; meanwhile, the DO encrypts and decrypts outsourced data using the key of his own. Our scheme is constructed by a distributed two trapdoors public-key cryptosystem (DT-PKC) and a set of protocols of secure two-party computation, which not only preserves the data confidentiality and query privacy but also supports the offline data owner. Our extensive theoretical and experimental evaluations demonstrate the effectiveness of our scheme in terms of security and performance.

Tikaram Sanyashi,Bernard Menezes

2023-08-05

Abstract:Sensitive applications running on the cloud often require data to be stored in an encrypted domain. To run data mining algorithms on such data, partially homomorphic encryption schemes (allowing certain operations in the ciphertext domain) have been devised. One such line of work yields schemes for secure \textit{k-nearest neighbors} computation that is designed to provide both \textit{Data Privacy} and \textit{Query Privacy}. Enhancements in this area further ensure that the data owner approves each query issued by a query user before the cloud server processes it. In this work, we describe an attack that invalidates the \textit{key confidentiality} claim, which further invalidates the \textit{Data Privacy} claim for these schemes. We show that a query user can specially tailor a query to extract information about the secret key used to encrypt the data points. Furthermore, the recovered secret information can be used to derive all the plaintext data points breaking \textit{data privacy}. We then suggest enhanced encryption schemes that make such attacks on \textit{data privacy} impossible while incurring meager additional costs in performance.

Cryptography and Security

Kaiqun Zhu,Zidong Wang,Derui Ding,Hongli Dong,Cheng-Zhong Xu

DOI: https://doi.org/10.1109/TNNLS.2024.3389873

2024-04-24

Abstract:This article is concerned with the secure state estimation problem for artificial neural networks (ANNs) subject to unknown-but-bounded noises, where sensors and the remote estimator are connected via open and bandwidth-limited communication networks. Using the encoding-decoding mechanism (EDM) and the Paillier encryption technique, a novel homomorphic encryption scheme (HES) is introduced, which aims to ensure the secure transmission of measurement information within communication networks that are constrained by bandwidth. Under this encoding-decoding-based HES, the data being transmitted can be encrypted into ciphertexts comprising finite bits. The emphasis of this research is placed on the development of a secure set-membership state estimation algorithm, which allows for the computation of estimates using encrypted data without the need for decryption, thereby ensuring data security throughout the entire estimation process. Taking into account the unknown-but-bounded noises, the underlying ANN, and the adopted HES, sufficient conditions are determined for the existence of the desired ellipsoidal set. The related secure state estimator gains are then derived by addressing optimization problems using the Lagrange multiplier method. Lastly, an example is presented to verify the effectiveness of the proposed secure state estimation approach.

Jun Zhou,Longfei Zheng,Chaochao Chen,Yan Wang,Xiaolin Zheng,Bingzhe Wu,Cen Chen,Li Wang,Jianwei Yin,Chaochao Chen*

DOI: https://doi.org/10.1145/3501809

IF: 5

2022-02-04

ACM Transactions on Intelligent Systems and Technology

Abstract:Deep Neural Networks (DNNs) have achieved remarkable progress in various real-world applications, especially when abundant training data are provided. However, data isolation has become a serious problem currently. Existing works build privacy preserving DNN models from either algorithmic perspective or cryptographic perspective. The former mainly splits the DNN computation graph between data holders or between data holders and server, which demonstrates good scalability but suffers from accuracy loss and potential privacy risks. In contrast, the latter leverages time-consuming cryptographic techniques, which has strong privacy guarantee but poor scalability. In this paper, we propose SPNN — a S calable and P rivacy-preserving deep N eural N etwork learning framework, from algorithmic-cryptographic co-perspective. From algorithmic perspective, we split the computation graph of DNN models into two parts, i.e., the private data related computations that are performed by data holders and the rest heavy computations that are delegated to a semi-honest server with high computation ability. From cryptographic perspective, we propose using two types of cryptographic techniques, i.e., secret sharing and homomorphic encryption, for the isolated data holders to conduct private data related computations privately and cooperatively. Furthermore, we implement SPNN in a decentralized setting and introduce user-friendly APIs. Experimental results conducted on real-world datasets demonstrate the superiority of our proposed SPNN.

computer science, information systems, artificial intelligence

Yousef Elmehdwi,Bharath K. Samanthula,Wei Jiang

DOI: https://doi.org/10.48550/arXiv.1307.4824

2013-07-18

Abstract:For the past decade, query processing on relational data has been studied extensively, and many theoretical and practical solutions to query processing have been proposed under various scenarios. With the recent popularity of cloud computing, users now have the opportunity to outsource their data as well as the data management tasks to the cloud. However, due to the rise of various privacy issues, sensitive data (e.g., medical records) need to be encrypted before outsourcing to the cloud. In addition, query processing tasks should be handled by the cloud; otherwise, there would be no point to outsource the data at the first place. To process queries over encrypted data without the cloud ever decrypting the data is a very challenging task. In this paper, we focus on solving the k-nearest neighbor (kNN) query problem over encrypted database outsourced to a cloud: a user issues an encrypted query record to the cloud, and the cloud returns the k closest records to the user. We first present a basic scheme and demonstrate that such a naive solution is not secure. To provide better security, we propose a secure kNN protocol that protects the confidentiality of the data, user's input query, and data access patterns. Also, we empirically analyze the efficiency of our protocols through various experiments. These results indicate that our secure protocol is very efficient on the user end, and this lightweight scheme allows a user to use any mobile device to perform the kNN query.

Cryptography and Security

Jun Zhou,Longfei Zheng,Chaochao Chen,Yan Wang,Xiaolin Zheng,Bingzhe Wu,Cen Chen,Li Wang,Jianwei Yin

DOI: https://doi.org/10.1145/3501809

IF: 5

2022-01-01

ACM Transactions on Intelligent Systems and Technology

Abstract:Deep Neural Networks (DNNs) have achieved remarkable progress in various real-world applications, especially when abundant training data are provided. However, data isolation has become a serious problem currently. Existing works build privacy-preserving DNN models from either algorithmic perspective or cryptographic perspective. The former mainly splits the DNN computation graph between data holders or between data holders and server, which demonstrates good scalability but suffers from accuracy loss and potential privacy risks. In contrast, the latter leverages time-consuming cryptographic techniques, which has strong privacy guarantee but poor scalability. In this article, we propose SPNN-a Scalable and Privacy-preserving deep Neural Network learning framework, from an algorithmic-cryptographic co-perspective. From algorithmic perspective, we split the computation graph of DNN models into two parts, i.e., the private-data-related computations that are performed by data holders and the rest heavy computations that are delegated to a semi-honest server with high computation ability. From cryptographic perspective, we propose using two types of cryptographic techniques, i.e., secret sharing and homomorphic encryption, for the isolated data holders to conduct private-data-related computations privately and cooperatively. Furthermore, we implement SPNN in a decentralized setting and introduce user-friendly APIs. Experimental results conducted on real-world datasets demonstrate the superiority of our proposed SPNN.

Meng Li,Jianbo Gao,Liehuang Zhu,Zijian Zhang,Chhagan Lal,Mauro Conti

DOI: https://doi.org/10.1109/tsc.2023.3311586

IF: 11.019

2023-01-01

IEEE Transactions on Services Computing

Abstract:Outsourcing data users' location data to a cloud server (CS) enables them to obtain k nearest points of interest. However, data users' privacy concerns hinder the wide-scale use. Several studies have achieved Secure k Nearest Neighbor (SkNN) query, but do not address time-restricted access or result privacy, and randomly partition data items which degrades efficiency. In this paper, we propose Time-restricted, verifiable, and efficient Query Processing (TiveQP). TiveQP has three distinguishing features. (1) Expand SkNN: data users can query k nearest locations open at a specific time. (2) Adopt a stronger threat model: we assume the CS is malicious and propose complementary set (i.e., transform proving “in” a set to proving “in” its complementary set) to allow data users to verify results without leaking unqueried data items' information. (3) Improve efficiency: we design a space encoding technique and a pruning strategy to improve efficiency in query processing and result verification. We formally proved the security of TiveQP in the random oracle model. We conducted extensive evaluations over a Yelp dataset to show that TiveQP significantly improves over existing work, e.g., top-10NN query over 100 thousand data items only needs 10 ms to get queried results and 1.4 ms for verification.

computer science, information systems, software engineering

Zhiqiang Yang,Sheng Zhong,Rebecca N. Wright

DOI: https://doi.org/10.1007/11863908_29

2006-01-01

Abstract:Data confidentiality is a major concern in database systems. Encryption is a useful tool for protecting the confidentiality of sensitive data. However, when data is encrypted, performing queries becomes more challenging. In this paper, we study efficient and provably secure methods for queries on encrypted data stored in an outsourced database that may be susceptible to compromise. Specifically, we show that, in our system, even if an intruder breaks into the database and observes some interactions between the database and its users, he only learns very little about the data stored in the database and the queries performed on the data.Our work consists of several components. First, we consider databases in which each attribute has a finite domain and give a basic solution for certain kinds of queries on such databases. Then, we present two enhanced solutions, one with a stronger security guarantee and the other with accelerated queries. In addition to providing proofs of our security guarantees, we provide empirical performance evaluations. Our experiments demonstrate that our solutions are fast on large-sized real data.

Yi Cai,Xiaoming Chen,Lu Tian,Yu Wang,Huazhong Yang

DOI: https://doi.org/10.1109/tc.2020.3017870

IF: 3.183

2020-01-01

IEEE Transactions on Computers

Abstract:Neural network (NN) computing is energy-consuming on traditional computing systems, owing to the inherent memory wall bottleneck of the von Neumann architecture and the Moore's Law being approaching the end. Non-volatile memories (NVMs) have been demonstrated as promising alternatives for constructing computing-in-memory (CiM) systems to accelerate NN computing. However, NVM-based NN computing systems are vulnerable to the confidentiality attacks because the weight parameters persist in memory when the system is powered off, enabling an attacker with physical access to extract the well-trained NN models. The goal of this work is to find a solution for thwarting the confidentiality attacks. We define and model the weight encryption problem. Then we propose an effective framework, containing a sparse fast gradient encryption (SFGE) method and a runtime encryption scheduling (RES) scheme, to guarantee the confidentiality security of NN models with a negligible performance overhead. The experiments demonstrate that only encrypting an extremely small proportion of the weights (e.g., 20 weights per layer in ResNet-101), the NN models can be strictly protected.

Lei Xu,Huayi Duan,Anxin Zhou,Xingliang Yuan,Cong Wang

DOI: https://doi.org/10.1109/tifs.2021.3128823

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Searchable symmetric encryption (SSE) enables users to make confidential queries over always encrypted data while confining information disclosure to pre-defined leakage profiles. Despite the well-understood performance and potentially broad applications of SSE, recent leakage-abuse attacks (LAAs) are questioning its real-world security implications. They show that a passive adversary with certain prior information of a database can recover queries by exploiting the legitimately admitted leakage. While several countermeasures have been proposed, they are insufficient for either security, i.e., handling only specific leakage like query volume, or efficiency, i.e., incurring large storage and bandwidth overhead. We aim to fill this gap by advancing the understanding of LAAs from a fundamental algebraic perspective. Our investigation starts by revealing that the index matrices of a plaintext database and its encrypted image can be linked by linear transformation. The invariant characteristics preserved under the transformation encompass and surpass the information exploited by previous LAAs. They allow one to unambiguously link encrypted queries with corresponding keywords, even with only partial knowledge of the database. Accordingly, we devise a new powerful attack and conduct a series of experiments to show its effectiveness. In response, we propose a new security notion to thwart LAAs in general, inspired by the principle of local differential privacy (LDP). Under the notion, we further develop a practical countermeasure with tunable privacy and efficiency guarantee. Experiment results on representative real-world datasets show that our countermeasure can reduce the query recovery rate of LAAs, including our own.

computer science, theory & methods,engineering, electrical & electronic

Songnian Zhang,Rongxing Lu,Hui Zhu,Yandong Zheng,Yunguo Guan,Fengwei Wang,Jun Shao,Hui Li

DOI: https://doi.org/10.1109/tifs.2024.3396384

IF: 7.231

2024-05-14

IEEE Transactions on Information Forensics and Security

Abstract:The increasing prevalence of cloud computing drives the exploration of various secure query schemes over encrypted data, among which secure spatial keyword query has drawn a great deal of attention due to its broad application in location-based services. However, most existing schemes are either limited to the boolean keyword test or incapable of protecting access pattern privacy. Although the state-of-the-art secure spatial keyword query scheme can support keyword similarity while preserving access pattern privacy, it is unable to cope with the arbitrary spatial range, which is more general, and has limitations in efficiency and security. In this paper, we propose a new secure spatial keyword similarity query scheme that can support arbitrary spatial ranges and enhance the efficiency and security of the state-of-the-art scheme at the same time. Specifically, we first present a new homomorphic encryption technique by improving the popular symmetric homomorphic encryption (SHE). After that, we propose a novel approach to make supporting arbitrary spatial ranges over encrypted data possible, in which a spatial encoding technique is designed to improve performance. Finally, by designing a pack-based solution to protect access pattern privacy, our proposed scheme can hide the number of query results while optimizing performance. We formally prove the security of our proposed scheme and conduct experiments to evaluate its performance. The results indicate that our proposed scheme outperforms the state-of-the-art scheme in both the computational costs and communication overhead.

computer science, theory & methods,engineering, electrical & electronic

Farzad Nikfam,Raffaele Casaburi,Alberto Marchisio,Maurizio Martina,Muhammad Shafique

DOI: https://doi.org/10.3390/info14100537

2023-10-12

Abstract:Machine learning (ML) is widely used today, especially through deep neural networks (DNNs), however, increasing computational load and resource requirements have led to cloud-based solutions. To address this problem, a new generation of networks called Spiking Neural Networks (SNN) has emerged, which mimic the behavior of the human brain to improve efficiency and reduce energy consumption. These networks often process large amounts of sensitive information, such as confidential data, and thus privacy issues arise. Homomorphic encryption (HE) offers a solution, allowing calculations to be performed on encrypted data without decrypting it. This research compares traditional DNNs and SNNs using the Brakerski/Fan-Vercauteren (BFV) encryption scheme. The LeNet-5 model, a widely-used convolutional architecture, is used for both DNN and SNN models based on the LeNet-5 architecture, and the networks are trained and compared using the FashionMNIST dataset. The results show that SNNs using HE achieve up to 40% higher accuracy than DNNs for low values of the plaintext modulus t, although their execution time is longer due to their time-coding nature with multiple time-steps.

Cryptography and Security,Neural and Evolutionary Computing

Hyeong-Il Kim,Hyeong-Jin Kim,Jae-Woo Chang

DOI: https://doi.org/10.1016/j.datak.2017.07.005

2019-09-01

Abstract:With the adoption of cloud computing, database outsourcing has emerged as a new platform. Due to the serious privacy concerns associated with cloud computing, databases must be encrypted before being outsourced to the cloud. Therefore, various k-nearest neighbor (kNN) query processing techniques have been proposed for encrypted databases. However, existing schemes are either insecure or inefficient. In this paper, we propose a new secure kNN query processing algorithm. Our algorithm guarantees the confidentiality of both encrypted data and users’ query records. To achieve a high level of query processing efficiency, we also devise an encrypted index search scheme that performs data filtering without revealing data access patterns. A performance analysis shows that the proposed scheme outperforms the existing scheme in terms of query processing costs while preserving data privacy.

computer science, information systems, artificial intelligence

Kai Chen,Zhongrui Lin,Jian Wan,Chungen Xu

DOI: https://doi.org/10.48550/arXiv.1908.04998

2019-08-14

Cryptography and Security

Abstract:In cloud security, traditional searchable encryption (SE) requires high computation and communication overhead for dynamic search and update. The clever combination of machine learning (ML) and SE may be a new way to solve this problem. This paper proposes interpretable encrypted searchable neural networks (IESNN) to explore probabilistic query, balanced index tree construction and automatic weight update in an encrypted cloud environment. In IESNN, probabilistic learning is used to obtain search ranking for searchable index, and probabilistic query is performed based on ciphertext index, which reduces the computational complexity of query significantly. Compared to traditional SE, it is proposed that adversarial learning and automatic weight update in response to user's timely query of the latest data set without expensive communication overhead. The proposed IESNN performs better than the previous works, bringing the query complexity closer to $O(\log N)$ and introducing low overhead on computation and communication.

Nivedita Shrivastava,Smruti R. Sarangi

2023-11-05

Abstract:Securing neural networks (NNs) against model extraction and parameter exfiltration attacks is an important problem primarily because modern NNs take a lot of time and resources to build and train. We observe that there are no countermeasures (CMs) against recently proposed attacks on sparse NNs and there is no single CM that effectively protects against all types of known attacks for both sparse as well as dense NNs. In this paper, we propose SparseLock, a comprehensive CM that protects against all types of attacks including some of the very recently proposed ones for which no CM exists as of today. We rely on a novel compression algorithm and binning strategy. Our security guarantees are based on the inherent hardness of bin packing and inverse bin packing problems. We also perform a battery of statistical and information theory based tests to successfully show that we leak very little information and side channels in our architecture are akin to random sources. In addition, we show a performance benefit of 47.13% over the nearest competing secure architecture.

Cryptography and Security