In this paper, we propose a privacy-preserving outsourced calculation toolkit, Pockit, designed to allow data owners to securely outsource their data to the cloud for storage. The outsourced ...encrypted data can be processed by the cloud server to achieve commonly-used plaintext arithmetic operations without involving additional servers. Specifically, we design both signed and unsigned integer circuits using a fully homomorphic encryption (FHE) scheme, construct a new packing technique (hereafter referred to as integer packing), and extend the secure circuits to its packed version. This achieves significant improvements in performance compared with the original secure signed/unsigned integer circuit. The secure integer circuits can be used to construct a new data mining application, which we refer to as secure <inline-formula><tex-math notation="LaTeX">k</tex-math> <mml:math><mml:mi>k</mml:mi></mml:math><inline-graphic xlink:href="liu-ieq1-2816656.gif"/> </inline-formula>-nearest neighbours classifier, without compromising the privacy of original data. Finally, we prove that the proposed Pockit achieves the goal of secure computation without privacy leakage to unauthorized parties, and demonstrate the utility and efficiency of Pockit.
We consider the problem of secure distributed matrix multiplication (SDMM) in which a user wishes to compute the product of two matrices with the assistance of honest but curious servers. We ...construct polynomial codes for SDMM by studying a combinatorial problem on a special type of addition table, which we call the degree table. The codes are based on arithmetic progressions, and are thus named GASP (Gap Additive Secure Polynomial) Codes. GASP Codes are shown to outperform all previously known polynomial codes for secure distributed matrix multiplication in terms of download rate.
In recent years, mobile devices are equipped with increasingly advanced sensing and computing capabilities. Coupled with advancements in Deep Learning (DL), this opens up countless possibilities for ...meaningful applications, e.g., for medical purposes and in vehicular networks. Traditional cloud-based Machine Learning (ML) approaches require the data to be centralized in a cloud server or data center. However, this results in critical issues related to unacceptable latency and communication inefficiency. To this end, Mobile Edge Computing (MEC) has been proposed to bring intelligence closer to the edge, where data is produced. However, conventional enabling technologies for ML at mobile edge networks still require personal data to be shared with external parties, e.g., edge servers. Recently, in light of increasingly stringent data privacy legislations and growing privacy concerns, the concept of Federated Learning (FL) has been introduced. In FL, end devices use their local data to train an ML model required by the server. The end devices then send the model updates rather than raw data to the server for aggregation. FL can serve as an enabling technology in mobile edge networks since it enables the collaborative training of an ML model and also enables DL for mobile edge network optimization. However, in a large-scale and complex mobile edge network, heterogeneous devices with varying constraints are involved. This raises challenges of communication costs, resource allocation, and privacy and security in the implementation of FL at scale. In this survey, we begin with an introduction to the background and fundamentals of FL. Then, we highlight the aforementioned challenges of FL implementation and review existing solutions. Furthermore, we present the applications of FL for mobile edge network optimization. Finally, we discuss the important challenges and future research directions in FL.
Cooperative intelligence (CI) is expected to become an integral element in next-generation networks because it can aggregate the capabilities and intelligence of multiple devices. Multi-agent ...reinforcement learning (MARL) is a popular approach for achieving CI in communication problems by enabling effective collaboration among agents to address sequential problems. However, ensuring privacy protection for MARL is a challenging task because of the presence of heterogeneous agents that learn interdependently via sharing information. Implementing privacy protection techniques such as data encryption and federated learning to MARL introduces the notable overheads (e.g., computation and bandwidth). To overcome these challenges, we propose PP-MARL, an efficient privacy-preserving learning scheme for MARL. PP-MARL leverages homomorphic encryption (HE) and differential privacy (DP) to protect privacy, while introducing split learning to decrease overheads via reducing the volume of shared messages, and then improve efficiency. We apply and evaluate PP-MARL in two communication-related use cases. Simulation results reveal that PP-MARL can achieve efficient and reliable collaboration with 1.1-6 times better privacy protection and lower overheads (e.g., 84-91% reduction in bandwidth) than state-of-the-art approaches.
Analyzing social networks reveals the relationships between individuals and groups in the data. However, such analysis can also lead to privacy exposure (whether intentionally or inadvertently): ...leaking the real-world identity of ostensibly anonymous individuals. Most sanitization strategies modify the graph's structure based on hypothesized tactics that an adversary would employ. While combining multiple anonymization schemes provides a more comprehensive privacy protection, deciding the appropriate set of techniques-along with evaluating how applying the strategies will affect the utility of the anonymized results-remains a significant challenge. To address this problem, we introduce GraphProtector, a visual interface that guides a user through a privacy preservation pipeline. GraphProtector enables multiple privacy protection schemes which can be simultaneously combined together as a hybrid approach. To demonstrate the effectiveness of GraphPro tector, we report several case studies and feedback collected from interviews with expert users in various scenarios.
Mobile Crowd Sensing (MCS), as a promising sensing paradigm, significantly relies on wireless communication networks and widely distributed mobile workers to capture data from the surroundings. ...However, the positioning-dependent nature of most MCS tasks often requires workers to embed their positionings in reports, which may result in privacy leakage and a decline in their participation enthusiasm. Considering workers' diverse perceptions of positioning privacy, in this paper we propose the Lightweight Positioning-Privacy Protection Scheme with Double-Layer Incentives (L3P-DLI) to meet their personalized privacy requirements in an efficient and low-cost way while stimulating their participation. To the best of our knowledge, this scheme is the first attempt to employ proxy forwarding to protect workers' sensitive positionings while ensuring high-quality sensing results. Moreover, our double-layer incentivizing mechanism is elaborately designed to motivate workers to actively participate or serve as proxies. Specifically, the bidirectional auction between data collectors and proxies can safeguard the security of data collectors, and compensate for the potential privacy leakage cost of proxies helping to forward data. Additionally, the reverse auction mechanism enables the platform to reward recruited workers to compensate for their various costs. Extensive experiments conducted on real-world datasets validate that L3P-DLI effectively preserves workers' positioning privacy while maximizing their income to encourage participation.
Several anonymization techniques, such as generalization and bucketization, have been designed for privacy preserving microdata publishing. Recent work has shown that generalization loses ...considerable amount of information, especially for high-dimensional data. Bucketization, on the other hand, does not prevent membership disclosure and does not apply for data that do not have a clear separation between quasi-identifying attributes and sensitive attributes. In this paper, we present a novel technique called slicing, which partitions the data both horizontally and vertically. We show that slicing preserves better data utility than generalization and can be used for membership disclosure protection. Another important advantage of slicing is that it can handle high-dimensional data. We show how slicing can be used for attribute disclosure protection and develop an efficient algorithm for computing the sliced data that obey the ℓ-diversity requirement. Our workload experiments confirm that slicing preserves better utility than generalization and is more effective than bucketization in workloads involving the sensitive attribute. Our experiments also demonstrate that slicing can be used to prevent membership disclosure.
Crowdsensing applications utilize the pervasive smartphone users to collect large-scale sensing data efficiently. The quality of sensing data depends on the participation of highly skilled users. To ...motivate these skilled users to participate, they should receive enough rewards for compensating their resource consumption. Available incentive mechanisms mainly consider the truthfulness of the mechanism, but mostly ignore the issues of security and privacy caused by a "trustful" center. In this paper, we propose a privacy-preserving blockchain incentive mechanism in crowdsensing applications, in which a cryptocurrency built on blockchains is used as a secure incentive way. High quality contributors will get their payments that are recorded in transaction blocks. The miners will verify the transaction according to the sensing data assessment criteria published by the server. As the transaction information can disclose users' privacy, a node cooperation verification approach is proposed to achieve <inline-formula> <tex-math notation="LaTeX">k </tex-math></inline-formula>-anonymity privacy protection. Through theoretical analysis and simulation experiments, we show the feasibility and security of our incentive mechanism.
Local differential privacy is a widely studied restriction on distributed algorithms that collect aggregates about sensitive user data, and is now deployed in several large systems. We initiate a ...systematic study of a fundamental limitation of locally differentially private protocols: they are highly vulnerable to adversarial manipulation. While any algorithm can be manipulated by adversaries who lie about their inputs, we show that any noninteractive locally differentially private protocol can be manipulated to a much greater extent-when the privacy level is high, or the domain size is large, a small fraction of users in the protocol can completely obscure the distribution of the honest users' input. We also construct protocols that are optimally robust to manipulation for a variety of common tasks in local differential privacy. Finally, we give simple experiments validating our theoretical results, and demonstrating that proto-cols that are optimal without manipulation can have dramatically different levels of robustness to manipulation. Our results suggest caution when deploying local differential privacy and reinforce the importance of efficient cryptographic techniques for the distributed emulation of centrally differentially private mechanisms.
Sharing data for public usage requires sanitization to prevent sensitive information from leaking. Previous studies have presented methods for creating privacy preserving visualizations. However, few ...of them provide sufficient feedback to users on how much utility is reduced (or preserved) during such a process. To address this, we design a visual interface along with a data manipulation pipeline that allows users to gauge utility loss while interactively and iteratively handling privacy issues in their data. Widely known and discussed types of privacy models, i.e., syntactic anonymity and differential privacy, are integrated and compared under different use case scenarios. Case study results on a variety of examples demonstrate the effectiveness of our approach.