A Multi-view Approach to Preserve Privacy and Utility in Network Trace Anonymization

As network security monitoring grows more sophisticated, there is an increasing need for outsourcing such tasks to third-party analysts. However, organizations are usually reluctant to share their network traces due to privacy concerns over sensitive information, e.g., network and system configuration, which may potentially be exploited for attacks. In cases where data owners are convinced to share their network traces, the data are typically subjected to certain anonymization techniques, e.g., CryptoPAn, which replaces real IP addresses with prefix-preserving pseudonyms. However, most such techniques either are vulnerable to adversaries with prior knowledge about some network flows in the traces or require heavy data sanitization or perturbation, which may result in a significant loss of data utility. In this article, we aim to preserve both privacy and utility through shifting the trade-off from between privacy and utility to between privacy and computational cost. The key idea is for the analysts to generate and analyze multiple anonymized views of the original network traces: Those views are designed to be sufficiently indistinguishable even to adversaries armed with prior knowledge, which preserves the privacy, whereas one of the views will yield true analysis results privately retrieved by the data owner, which preserves the utility. We formally analyze the privacy of our solution and experimentally evaluate it using real network traces provided by a major ISP. The experimental results show that our approach can significantly reduce the level of information leakage (e.g., less than 1% of the information leaked by CryptoPAn) with comparable utility.

Download Full-text

Identification of Information Leakage and Guilt Agent by using MAC-IP Binding and Recursive Partitioning Algorithm to Modulate the Uncertainty in the Organization’s Network

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.a4314.119119 ◽

2019 ◽

Vol 9 (1) ◽

pp. 4091-4096

Keyword(s):

Decision Tree ◽

Recursive Partitioning ◽

Information Leakage ◽

Third Party ◽

Sensitive Information ◽

Sensitive Data ◽

The Third ◽

Partitioning Algorithm ◽

The Third Party ◽

Modern Era

In this modern era, all organizations depend on internet and data so, maintaining of all data is done by the third party in large organizations. But in this present on-developing world, one have to share the data inside or outside the organization which incorporates the sensitive data of the venture moreover. Data of the organization have sensitive data which should not share with any others but unfortunately, that data was there in the third party hands so; we need to protect the data and also have to identify the guilt agent. For this, we propose a model that would evaluate and correctly identifies guilt agents, for which a recursive partitioning has been created which is a decision tree that spills data in to the sub partitions and does the easiest way to get alert and at least one specialist or it can autonomously accumulate by some different means. The main intention of the model is to secure sensitive information by recognizing the leakage and distinguish the guilt agent.

Download Full-text

A Cloud Based Secure Voting System using Homomorphic Encryption for Android Platform

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v6i6.pp2994-3000 ◽

2016 ◽

Vol 6 (6) ◽

pp. 2994

Author(s):

Manish Ranjan ◽

Ayub Hussain Mondal ◽

Monjul Saikia

Keyword(s):

Service Provider ◽

Cloud Storage ◽

Homomorphic Encryption ◽

Information Leakage ◽

Third Party ◽

Sensitive Information ◽

Cipher Text ◽

Cloud Storage Service ◽

Android Platform ◽

Voting System

<p>Cloud based service provider are at its top of its services for various applications, as their services are very much reachable from anywhere anytime in current days. It is responsibility of the company that the Cloud storage is owned and maintained by themselves keeping the data available and accessible, and the physical environment protected and running. Could storage provider seem to be uncertain of confidentiality in many cases, as we need to limit ourselves on trust to a third party. Keeping our sensitive data ready to access any time anywhere with preventing any information leakage is a challenging task. Cryptography in this scenario plays an important role, providing security for information to protect valuable information resources on intranets, Internet and the cloud. In addition, Homomorphic cryptosystem is a form of Cryptography where some specific computation can be performed over the cipher text producing a resultant cipher text which, when decrypted, equals the result of operations carry out on the plaintext. With help of this unique property of homomorphism cryptography we proposed a system to keep sensitive information in encrypted form in the cloud storage/service provider and used those data as whenever we require. The scheme proposed here is designed for a secure online voting system on Android platform and voted information is encrypted and stored those in the cloud.</p>

Download Full-text

Differentially Private Group-by Data Releasing Algorithm

10.5753/sbbd.2019.8835 ◽

2019 ◽

Author(s):

Iago Chaves ◽

Javam Machado

Keyword(s):

Differential Privacy ◽

Information Leakage ◽

Sensitive Information ◽

Privacy Concerns ◽

Data Publication ◽

Private Group ◽

Individual Privacy ◽

Formal Definitions ◽

The World ◽

Privacy Level

Privacy concerns are growing fast because of data protection regulations around the world. Many works have built private algorithms avoiding sensitive information leakage through data publication. Differential privacy, based on formal definitions, is a strong guarantee for individual privacy and the cutting edge for designing private algorithms. This work proposes a differentially private group-by algorithm for data publication under the exponential mechanism. Our method publishes data groups according to a specified attribute while maintaining the desired privacy level and trustworthy utility results.

Download Full-text

Blockchain’s potential to address issues in genomics research and how it is being used today

University of Western Ontario Medical Journal ◽

10.5206/uwomj.v88is.8233 ◽

2020 ◽

pp. 13-15

Author(s):

Tony Jung ◽

Richard Leu

Keyword(s):

Single Point ◽

Genomic Data ◽

Cloud Services ◽

Third Party ◽

Sensitive Information ◽

Process Data ◽

Privacy Concerns ◽

Genomics Research ◽

Multiple Copies ◽

Computational Resources

Advancements in technology have greatly decreased the costs of genome sequencing and expedited the entire sequencing process. As a result, there has been a significant increase in the volume of genomic data. Although this is useful for genomics research, there are two major concerns with this increase in data. First, the greater volume of genomic data requires a substantial amount of computational resources to process and store this data. While cloud services can seem like an effective solution to process and store this data, cloud services aggregate their information in one data center which results in the risk of a single point of failure. With the increase in genomic data, there is also an increase in privacy concerns because genomic data contains personal and sensitive information. People are not comfortable with large companies that store genomic data and people do not want this data shared with the public. Blockchain is a network that can utilize numerous computers to process data and store multiple copies of the database to eliminate the risk of a single point of failure. The blockchain is also a decentralized network which means that it is not regulated by a third party. This allows the data contributors to have full ownership of their genomic data and can decide who can access it. Today, there are several companies that have realized the advantages of blockchain and adopted this technology to store genomic data and give data contributors full control over this data.

Download Full-text

Private information leakage from functional genomics data: Quantification with calibration experiments and reduction via data sanitization protocols

10.1101/345074 ◽

2018 ◽

Cited By ~ 4

Author(s):

Gamze Gürsoy ◽

Prashant Emani ◽

Charlotte M. Brannon ◽

Otto A. Jolanki ◽

Arif Harmanci ◽

...

Keyword(s):

Functional Genomics ◽

Private Information ◽

Information Leakage ◽

Privacy Concerns ◽

Privacy Leakage ◽

Data Sanitization ◽

Trade Offs ◽

Using Data ◽

Study Participants ◽

Reference Genomes

AbstractThe generation of functional genomics datasets is surging, as they provide insight into gene regulation and organismal phenotypes (e.g., genes upregulated in cancer). The intention of functional genomics experiments is not necessarily to study genetic variants, yet they pose privacy concerns due to their use of next-generation sequencing. Moreover, there is a great incentive to share raw reads for better analyses and general research reproducibility. Thus, we need new modes of sharing beyond traditional controlled-access models. Here, we develop a data-sanitization procedure allowing raw functional genomics reads to be shared while minimizing privacy leakage, thus enabling principled privacy-utility trade-offs. It works with traditional Illumina-based assays and newer technologies such as 10x single-cell RNA-sequencing. The procedure depends on quantifying the privacy leakage in reads by statistically linking study participants to known individuals. We carried out these linkages using data from highly accurate reference genomes and more realistic environmental samples.

Download Full-text

Data Privacy Preservation using AES-GCM Encryption in Heroku Cloud

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.c6131.098319 ◽

2019 ◽

Vol 8 (3) ◽

pp. 7544-7548

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Data Privacy ◽

Privacy Preservation ◽

Service Industry ◽

Computational Cost ◽

Cloud Service ◽

Third Party ◽

Sensitive Information ◽

Cloud Data

The increasing popularity of cloud data storage and its ever-rising versatility, shows that cloud computing is one of the most widely excepted phenomena. It not only helps with powerful computing facilities but also reduce a huge amount of computational cost. And with such high demand for storage has raised the growth of the cloud service industry that provides an affordable, easy-to-use and remotely-accessible services. But like every other emerging technology it carries some inherent security risks associated and cloud storage is no exception. The prime reason behind it is that users have to blindly trust the third parties while storing the useful information, which may not work in the best of interest. Hence, to ensure the privacy of sensitive information is primarily important for any public, third-party cloud. In this paper, we mainly focus on proposing a secure cloud framework with encrypting sensitive data’s using AES-GCM cryptographic techniques in HEROKU cloud platform. Here we tried to implement Heroku as a cloud computing platform, used the AES-GCM algorithm and evaluate the performance of the said algorithm. Moreover, analyses the performance of AES/GCM execution time with respect to given inputs of data

Download Full-text

Information leakage detection and protection of leaked information by using the MAC-IP binding technique

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.7.10700 ◽

2018 ◽

Vol 7 (1.7) ◽

pp. 230 ◽

Cited By ~ 1

Author(s):

B. Raja Koti ◽

G.V.S. Raj Kumar

Keyword(s):

Technological Development ◽

Information Leakage ◽

Business Communication ◽

Third Party ◽

Sensitive Information ◽

Leakage Detection ◽

Digital World ◽

Security Challenges ◽

Information And Communication ◽

Day By Day

The Digital world is advancing in terms of technological development day by day, resulting in an instantaneous rise in Data. This massive amount of Data has introduced the thought of Big Data, which has attracted both the business and IT sectors leaving the scope for huge opportunities. In turn, securing this massive data has become a challenging issue in the field of Information and Communication Technology. In this paper, we have carried out the work on business information sharing data which contains some sensitive information to investigate the security challenges of data in the field of business communication. The article an attempt is also made to identify the user’s intention or behavior during the navigation of data. The greatest challenge that is associated here is to prevent the integrity of the data while sharing the data from organization to the third party, where there exist huge chances of data loss, leakages or alteration. This paper highlights the concepts of data leakage, the techniques to detect the data leakage and the process of protecting the leaked data based on encrypted form.

Download Full-text

SoK: Privacy-Preserving Computation Techniques for Deep Learning

Proceedings on Privacy Enhancing Technologies ◽

10.2478/popets-2021-0064 ◽

2021 ◽

Vol 2021 (4) ◽

pp. 139-162

Author(s):

José Cabrero-Holgueras ◽

Sergio Pastrana

Keyword(s):

Deep Learning ◽

Data Science ◽

Homomorphic Encryption ◽

Computational Cost ◽

Privacy Preserving ◽

Third Party ◽

Sensitive Information ◽

Computation Techniques ◽

Practical Applications ◽

Advantages And Disadvantages

Abstract Deep Learning (DL) is a powerful solution for complex problems in many disciplines such as finance, medical research, or social sciences. Due to the high computational cost of DL algorithms, data scientists often rely upon Machine Learning as a Service (MLaaS) to outsource the computation onto third-party servers. However, outsourcing the computation raises privacy concerns when dealing with sensitive information, e.g., health or financial records. Also, privacy regulations like the European GDPR limit the collection, distribution, and use of such sensitive data. Recent advances in privacy-preserving computation techniques (i.e., Homomorphic Encryption and Secure Multiparty Computation) have enabled DL training and inference over protected data. However, these techniques are still immature and difficult to deploy in practical scenarios. In this work, we review the evolution of the adaptation of privacy-preserving computation techniques onto DL, to understand the gap between research proposals and practical applications. We highlight the relative advantages and disadvantages, considering aspects such as efficiency shortcomings, reproducibility issues due to the lack of standard tools and programming interfaces, or lack of integration with DL frameworks commonly used by the data science community.

Download Full-text

A Cloud Based Secure Voting System using Homomorphic Encryption for Android Platform

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v6i6.11972 ◽

2016 ◽

Vol 6 (6) ◽

pp. 2994

Author(s):

Manish Ranjan ◽

Ayub Hussain Mondal ◽

Monjul Saikia

Keyword(s):

Service Provider ◽

Cloud Storage ◽

Homomorphic Encryption ◽

Information Leakage ◽

Third Party ◽

Sensitive Information ◽

Cipher Text ◽

Cloud Storage Service ◽

Android Platform ◽

Voting System

Download Full-text

Assessment and Prediction of Privacy Concerns on Health Apps (Preprint)

10.2196/preprints.20409 ◽

2020 ◽

Author(s):

Reham AlTamime ◽

Vincent Marmion ◽

Wendy Hall

Keyword(s):

Data Sharing ◽

Mobile Applications ◽

Retention Rate ◽

Mobile Apps ◽

Third Party ◽

Privacy Concerns ◽

Health Apps ◽

Mobile Health Apps ◽

Specific Factors ◽

And Control

BACKGROUND Mobile apps and IoT-enabled smartphones technologies facilitate collecting, sharing, and inferring from a vast amount of data about individuals’ location, health conditions, mobility status, and other factors. The use of such technology highlights the importance of understanding individuals’ privacy concerns to design applications that integrate their privacy expectations and requirements. OBJECTIVE This paper explores, assesses, and predicts individuals’ privacy concerns in relation to collecting and disclosing data on mobile health apps. METHODS We designed a questionnaire to identify participants’ privacy concerns pertaining to a set of 432 mobile apps’ data collection and sharing scenarios. Participants were presented with 27 scenarios that varied across three categorical factors: (1) type of data collected (e.g. health, demographic, behavioral, and location); (2) data sharing (e.g., whether it is shared, and for what purpose); and, (3) retention rate (e.g., forever, until the purpose is satisfied, unspecified, week, or year). RESULTS Our findings show that type of data, data sharing, and retention rate are all factors that affect individuals’ privacy concerns. However, specific factors such as collecting and disclosing health data to a third-party tracker play a larger role than other factors in triggering privacy concerns. CONCLUSIONS Our findings suggest that it is possible to predict privacy concerns based on these three factors. We propose design approaches that can improve users’ awareness and control of their data on mobile applications

Download Full-text