(3.237.20.246) 您好!臺灣時間:2021/04/17 17:05
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果

詳目顯示:::

我願授權國圖
: 
twitterline
研究生:王紹睿
研究生(外文):Peter Shaojui Wang
論文名稱:可免於內部攻擊的隱私保存資料探勘系統 — 基於導入加法同形代理重加密協定之差分隱私
論文名稱(外文):Design of a Privacy-Preserving Data Mining System Based on Differential Privacy Using Additive-Homomorphic Proxy Re-Encryption Protocol Against Insider Attacks
指導教授:賴飛羆賴飛羆引用關係
指導教授(外文):Feipei Lai
口試委員:吳家麟林智仁歐陽彥正蕭旭君黃培華陳澤雄鐘玉芳陳明義
口試委員(外文):Ja-Ling WuChih-Jen LinYen-Jen OyangHsu-Chun HsiaoPei-Hwa HuangTzer-Shyong ChenYu-Fang ChungWarren Chen
口試日期:2016-06-03
學位類別:博士
校院名稱:國立臺灣大學
系所名稱:資訊工程學研究所
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2016
畢業學年度:104
語文別:英文
論文頁數:99
中文關鍵詞:資料探勘隱私安全保護間諜攻擊核函數差分隱私
外文關鍵詞:Data MiningPrivacy ProtectionInsider AttackKernel FunctionDifferential Privacy
相關次數:
  • 被引用被引用:0
  • 點閱點閱:371
  • 評分評分:系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔系統版面圖檔
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
本論文針對分散式核基資料探勘系統(例如分散式支持向量機)提出一種新型態的間諜攻擊威脅並討論如何防止此種威脅。在目前已知的隱私洩漏問題中,間諜攻擊是過去幾年間成長最快速,並已成為排名前三名的隱私洩漏問題。然而,在分散式核基資料探勘領域中,目前與間諜攻擊相關的研究仍非常有限,並且,已知的研究工作也多集中於探討如何防止「組織之間」的串謀攻擊,尚未有人提出如何防止「組織內間諜與外部攻擊者之間」的串謀攻擊。對於後者,受到此種攻擊的系統其原始資料可能會被攻擊者在核資料傳輸時擷取並還原出來。這種攻擊的特色是只需要少少幾筆由間諜提供的資料,就能夠推知其他全部使用者的資料,這跟以往需要駭客費時費力駭入受害者的電腦系統,有時甚至需要進一步取得電腦管理者最高權限才行的攻擊手法相比,是更加難以防範的。據我們所知,我們是第一個指出分散式核基資料探勘系統可能遭受這種新型的間諜攻擊手法的人,並且我們在此論文中也提出了這種間諜攻擊產生的環境條件的規則分析:需要多少個間諜就能夠完成此種間諜攻擊。
在本論文中,我們也提出了兩種防止這種間諜攻擊的防禦方法。第一種防禦方法的基本原理是利用升高資料的維度或減少間諜個數的方法來阻止目前系統的環境滿足此種攻擊產生的環境條件規則;第二種防禦方法的基本原理則是基於差分隱私:差分隱私是目前安全等級最高的隱私保護方法之一,我們將在本論文中證明符合差分隱私的系統能夠有效防禦此種間諜攻擊。在本論文中我們更提出使用加法同形代理重加密協定的差分隱私保護方法,不僅能夠透過符合差分隱私的標準來防止間諜攻擊,並且與過去其他常用於解決隱私洩漏問題所採用的重加密協定相比,能夠減少更多不必要的時間浪費,進而大幅提升系統運算速度。

In this thesis, we consider a new insider threat for the privacy preserving work of distributed kernel-based data mining (DKBDM), such as distributed Support Vector Machine (SVM). Among several known data breaching problems, those associated with insider attacks have been rising significantly, making this one of the fastest growing types of security breaches. Once considered a negligible concern, insider attacks have risen to be one of the top three central data violations. Insider-related research involving the distribution of kernel-based data mining is limited, resulting in substantial vulnerabilities in designing protection against “collaborative organizations.” Prior works often fall short by addressing a multifactorial model that is more limited in scope and implementation than addressing “insiders within an organization” colluding with outsiders. A faulty system allows collusion to go unnoticed when an insider shares data with an outsider, who can then recover the original data from message transmissions (intermediary kernel values) among organizations. This attack requires only accessibility to a few data entries within the organizations rather than requiring the encrypted administrative privileges typically found in the distribution of data mining scenarios. To the best of our knowledge, we are the first to explore this new insider threat in DKBDM. We also analytically demonstrate the minimum amount of insider data necessary to launch the insider attack.
For countering the described attack, we then present two privacy-preserving methods to defend against the attack. For the first method, we reduce the number of insiders or expand the data dimensions to prevent the satisfaction of the privacy breach rule. For the second method, as differential privacy is one of the most theoretically sound and widespread privacy concepts, we will prove differential private method effective against the serious insider attack. Besides, Homomorphic Encryption method, which allows calculations on encrypted information to be performed without first decrypting the information, has been successfully used to solve the privacy issue of DKBDM in the past. However, this method is too time-consuming. Thus, we propose a Differentially-Private model based on Additive Homomorphic Proxy Re-Encryption for SVM (DAHOPE-SVM), which can drastically reduce the use of Homomorphic Encryption with the help of Proxy Re-Encryption and thus reduce the time required to perform. Our proposed method has been the quickest method of applying Homomorphic Encryption in DKBDM until now; at the same time, our method maintains a high standard of privacy protection by including a proven differential privacy component.

1. Introduction...12
2. Related Work...17
2.1. Insider Attack...17
2.2. Differential Privacy...19
2.3. Homomorphic Encryption-based SVM systems...20
2.4. SVM and Kernel-based Data Mining Systems...23
3. Insider Collusion Attack in a Kernel-based Data Mining System...27
3.1. Attack Step 1: Kernel Collection...34
3.2. Attack Step 2: Kernel-and-Insider-Data (KID) Linking...35
3.3. Attack Step 3: Data Recovery...41
3.4. How Much Insider Data is Required to Launch an Attack?...49
4. The First Privacy-preserving Method: Preventing the Satisfaction of the Privacy Breach Rule...51
4.1. Method 1: Reducing the Number of the Insiders...51
4.2. Method 2: Expanding the Dimension of the Data...53
5. The Second Privacy-preserving Method: Differentially Private Method using Additive-Homomorphic-Proxy-Re-Encryption...58
5.1. Introduction to Additive Homomorphic Proxy Re-encryption...58
5.2. DAHOPE-SVM...64
5.2.1. The Framework of DAHOPE-SVM...64
5.2.2. DAHOPE-Protocol...67
5.2.3. Differential Privacy...75
6. Experiment and Analysis...83
6.1. Attacking Step 1: Collecting Kernel Values...84
6.2. Attacking Step 2: Kernel-and-Insider-Data (KID) Linking...84
6.3. Attacking Step 3: Data Recovering...85
6.4. The First Privacy-preserving Method: Preventing the Satisfaction of the Privacy Breach Rule...86
6.4.1. Method 1: Reducing the Number of the Insiders...86
6.4.2. Method 2: Expanding the Dimension of the Data...87
6.4.3. Checking the Privacy Breach Rule...88
6.5. The Second Privacy-preserving Method: Differentially Private Method using Additive-Homomorphic-Proxy-Re-Encryption...89
6.5.1. Security Analysis of DAHOPE-Protocol...89
6.5.2. Performance Analysis of DAHOPE-Protocol...92
7. Conclusion...95
8. Future Work...96
References...97

[1] "2015 Verizon Data Breach Investigations Report," Verizon, 2015.
[2] L. Xu, C. Jiang, J. Wang, J. Yuan, and Y. Ren, "Information security in big data: privacy and data mining," IEEE Access, vol. 2, 2014.
[3] C. C. Aggarwal and P. S. Yu, “A General Survey of Privacy-Preserving Data Mining Models and Algorithms,” in Privacy-Preserving Data Mining - Models and Algorithms, Springer, 2008, pp. 10–52.
[4] J. Vaidya, H. Yu, and X. Jiang, “Privacy-preserving SVM classification,” in Knowledge and Information Systems, vol. 14, no. 2, 2008.
[5] J. Que, X. Jiang, L. Ohno-Machado, “A Collaborative Framework for Distributed Privacy-Preserving Support Vector Machine Learning,” AMIA Annual Symp. Proceeding, pp. 1350-1359, 2012. Online web service available at http://privacy.ucsd.edu:8080/ppsvm/.
[6] Simon Hartley, "Over 20 Million Attempts to Hack into Health Database," The New Zealand Herald, 2014.
[7] W. R. Claycomb and A. Nicoll, “Insider Threats to Cloud Computing: Directions for New Research Challenges,” IEEE 36th Annual. IEEE Computer Software and Applications Conference (COMPSAC), 2012.
[8] P. Gaonjur and C. Bokhoree, “Risk of Insider Threats in Information Technology Outsourcing: Can deceptive techniques be applied?,” Security and Management, 2006.
[9] S. Furnell, A. H. Phyo. “Considering the Problem of Insider IT Misuse,” Australasian Journal of Information Systems, vol. 10, no.2, 2003.
[10] G. B. Magklaras, and S. M. Furnell, “The Insider Misuse Threat Survey: Investigating IT Misuse from Legitimate Users,” Proceedings of the Australian Information Warfare & Security Conference, Perth Western Australia, 2004.
[11] C. S. Alliance, “Top Threats to Cloud Computing, Version 1.0,” Cloud Security Alliance, 2010.
[12] K. P. Lin and M. S. Chen, “Privacy-Preserving Outsourcing Support Vector Machines with Random Transformation,” in Proceedings of the ACM SIGKDD international conference on Knowledge discovery and data mining, 2010.
[13] S. Goryczka, L. Xiong, and B. Fung, "m-Privacy for collaborative data publishing," IEEE Transactions on Knowledge and Data Engineering (TKDE), vol. 26, no.10, 2014.
[14] L. Sweeney, “Achieving k-Anonymity Privacy Protection Using Generalization and Suppression,” International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, vol. 10, no. 05. pp. 571–588, 2002.
[15] J. Zhan and S. Matwin, "A Crypto-based Approach to Privacy-preserving Collaborative Data Mining," Sixth IEEE International Conference on Data Mining Workshops (ICDM), pp. 546-550, 2006.
[16] C. Dwork, "Differential privacy," Automata, languages and programming, Springer Berlin Heidelberg, 2006, pp. 1-12.
[17] M. Pathak, S. Rane, and B. Raj, "Multiparty differential privacy via aggregation of locally trained classifiers." Advances in Neural Information Processing Systems, 2010.
[18] P. Jain and A. Thakurta, "Differentially private learning with kernels," Proceedings of the 30th International Conference on Machine Learning (ICML-13), 2013.
[19] P. S. Wang, F. Lai, H.-C. Hsiao, and J-L. Wu, “Insider Collusion Attack on Privacy-preserving Kernel-based Data Mining Systems,” IEEE Access, vol. 4, 2016.
[20] C. Gentry, “Fully homomorphic encryption using ideal lattices,” Proceedings of Annual ACM Symposium on Theory of Computing, pp. 169-178, 2009.
[21] C. Gentry and S. Halevi, “Implementing Gentry’s fully-homomorphic encryption scheme,” Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp .129-148, 2011.
[22] M. Naehrig, K. Launter and V. Vaikuntanathan, "Can homomorphic encryption be partical?," Proceedings of the ACM Workshp on Cloud Computing Security Workshop, pp. 113-124, 2011.
[23] S.G. Teo, S. Han, and V.C.S. Lee, "Privacy preserving support vector machine using non-linear kernels on Hadoop Mahout," Computational Science and Engineering (CSE), 2013 IEEE 16th International Conference on. IEEE, 2013.
[24] F. Liu, W. K. Ng, and Wei Zhang, "Encrypted SVM for Outsourced Data Mining," IEEE International Conference on Cloud Computing (CLOUD), 2015.
[25] Fang Liu, Wee Keong Ng, and Wei Zhang, "Encrypted SVM for Outsourced Data Mining," IEEE 8th International Conference on Cloud Computing (CLOUD), 2015.
[26] C. Cortes, V. Vapnik, “Support-Vector Networks,” Machine Learning, vol. 20, no. 3, 1995.
[27] M. Gönen and E. Alpaydın, “Multiple Kernel Learning Algorithms,” Journal of Machine Learning Research, vol. 12, 2011.
[28] A. Daemen, O. Gevaert, F. Ojeda, A. Debucquoy, J. A. Suykens, C. Sempoux, J.-P. Machiels, K. Haustermans, and B. De Moor, “A Kernel-Based Integration of Genome-wide Data for Clinical Decision Support,” Genome Medicine, vol. 1, no. 4, p. 39, 2009.
[29] A. Navia-Vázquez, D. Gutiérrez-González, E. Parrado-Hernández, and J. J. Navarro-Abellán, “Distributed Support Vector Machines,” IEEE Transactions on Neural Networks, vol. 17, no. 4. pp. 1091–1097, 2006.
[30] A. Sarkar, S. Kohler, S. Riddle, B. Ludaescher, and M. Bishop, “Insider Attack Identification and Prevention Using a Declarative Approach,” IEEE Security and Privacy Workshops (SPW), 2014, pp. 265-276.
[31] K. Chen and L. Liu, “Geometric Data Perturbation for Privacy Preserving Outsourced Data Mining,” Knowl. Inf. Syst., vol. 29, no. 3, pp. 657–695, 2011.
[32] K. Liu, H. Kargupta, and J. Ryan, "Random Projection-based Multiplicative Data Perturbation for Privacy Preserving Distributed Data Mining," IEEE Transactions on Knowledge and Data Engineering, vol. 18, no. 1, 2006.
[33] K. Chen and L. Liu, "Towards Attack-resilient Geometric Data Perturbation," Proceedings of the Seventh SIAM International Conference on Data Mining, 2007.
[34] S. R. M. Oliveira and O. R. Zaiane, “Privacy-preserving Clustering by Data Transformation,” Journal of Information and Data Management, vol. 1, no. 1, 2010.
[35] P. S. Wang, S. Chen, C. Kuo, C. Tu, and F. Lai, "An Intelligent Dietary Planning Mobile System with Privacy-preserving Mechanism", IEEE International Conference on Consumer Electronics (ICCE), Jun. 2015.
[36] W. Jiang, M. Murugesan, C. Clifton, and L. Si, “Similar document detection with limited information disclosure,” IEEE 24th International Conference on Data Engineering, April 2008, pp. 735–743.
[37] S. Goldwasser, S. Micali, and C. Rackoff, “The knowledge complexity of interactive proof systems,” SIAM Journal of Computing, Feb. 1989, pp. 186–208.
[38] M. Blaze, G. Bleumer, and M. Strauss, “Divertible protocols and atomic proxy cryptography,” EUROCRYPT, Springer-Verlag, 1998, pp. 127–144.
[39] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, “Improved proxy re-encryption schemes with applications to secure distributed storage,” Network and Distributed System Security Symposium (NDSS), 2005.
[40] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, “Improved proxy re-encryption schemes with applications to secure distributed storage,” ACM TISSEC, vol. 9, no. 1, pp. 1–30, 2006.
[41] R. Canetti and S. Hohenberger, “Chosen-ciphertext secure proxy re-encryption,” ACM CCS’07, New York: ACM, 2007, pp. 185–194.
[42] Benoît Libert, and Damien Vergnaud, "Unidirectional chosen-ciphertext secure proxy re-encryption," IEEE Transactions on Information Theory, vol. 57, no. 3, 2011.
[43] Samanthula BK, Elmehdwi Y, Howser G, and Madria S, "A secure data sharing and query processing framework via federation of cloud computing," Information Systems, vol. 48, pp. 196-212, 2015.
[44] T.T.A. Dinh and A. Datta, “Stream on the Sky: Outsourcing Access Control Enforcement for Stream Data to the Cloud,” CoRR abs/1210.0660, 2012.
[45] C. Dong, L. Chen, J. Camenisch, and G. Russello, “Fair Private Set Intersection with a Semi-Trusted Arbiter,” IACR Cryptology ePrint Archive, 2012, p. 252.
[46] D. Boneh, M.K. Franklin, “Identity-based encryption from the weil pairing,” SIAM Journal of Computing, vol. 32, no. 3, 2003, pp. 586–615.
[47] J. H. Cheon, and D. H. Lee, “Diffie–Hellman Problems and Bilinear Maps,” Cryptology ePrint Archive, Report 2002/117, 2002.
[48] G. Zhong, I. Goldberg, and U. Hengartner, “Louis, Lester and Pierre: Three Protocols for Location Privacy,” Proceedings of the 7th International Conference on Privacy Enhancing Technologies (PET''07), Springer-Verlag, Berlin, Heidelberg, 2007, pp. 62–76.
[49] J. Pollard, “Monte Carlo methods for index computation (mod p),” Mathematics of Computation, vol. 32, 1978, pp. 918–924.
[50] M. Lichman, "UCI Machine Learning Repository,” http://archive.ics.uci.edu/ml, 2013.
[51] C.-C. Chang and C.-J. Lin, “LIBSVM: A Library for Support Vector Machines,” ACM Transactions on Intelligent Systems and Technology, vol. 2, no. 3, 2011. Sofware available at http://www.csie.ntu.edu.tw/~cjlin/libsvm
[52] I. Damgard and M. Jurik, "A generalisation, a simplification and some applications of Paillier’s probabilistic public-key system," Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptosystems, 2001.
[53] D. Vizár, and S. Vaudenay, "Cryptanalysis of chosen symmetric homomorphic schemes," Studia Scientiarum Mathematicarum Hungarica, vol. 52, no. 2, 2015.
[54] H. Yu, X. Jiang, and J. Vaidya, “Privacy-preserving SVM using nonlinear kernels on horizontally partitioned data,” Adv. Knowl. Discov. Data, vol. 3918, pp. 647–656, 2006.

QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
系統版面圖檔 系統版面圖檔