发布求助
文献互助 智能选刊 最新文献

Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy最新文献

筛选
英文 中文
MOSE: Practical Multi-User Oblivious Storage via Secure Enclaves MOSE:通过安全飞地的实用多用户遗忘存储
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI: 10.1145/3374664.3375749
Thang Hoang, R. Behnia, Yeongjin Jang, A. Yavuz
{"title":"MOSE: Practical Multi-User Oblivious Storage via Secure Enclaves","authors":"Thang Hoang, R. Behnia, Yeongjin Jang, A. Yavuz","doi":"10.1145/3374664.3375749","DOIUrl":"https://doi.org/10.1145/3374664.3375749","url":null,"abstract":"Multi-user oblivious storage allows users to access their shared data on the cloud while retaining access pattern obliviousness and data confidentiality simultaneously. Most secure and efficient oblivious storage systems focus on the utilization of the maximum network bandwidth in serving concurrent accesses via a trusted proxy. How- ever, since the proxy executes a standard ORAM protocol over the network, the performance is capped by the network bandwidth and latency. Moreover, some important features such as access control and security against active adversaries have not been thoroughly explored in such proxy settings. In this paper, we propose MOSE, a multi-user oblivious storage system that is efficient and enjoys from some desirable security properties. Our main idea is to harness a secure enclave, namely Intel SGX, residing on the untrusted storage server to execute proxy logic, thereby, minimizing the network bottleneck of proxy-based designs. In this regard, we address various technical design chal- lenges such as memory constraints, side-channel attacks and scala- bility issues when enabling proxy logic in the secure enclave. We present a formal security model and analysis for secure enclave multi-user ORAM with access control. We optimize MOSE to boost its throughput in serving concurrent requests. We implemented MOSE and evaluated its performance on commodity hardware. Our evaluation confirmed the efficiency of MOSE, where it achieves approximately two orders of magnitudes higher throughput than the state-of-the-art proxy-based design, and also, its performance is scalable proportional to the available system resources.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124748003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
Evaluation of Secure Remote Offering Service for Information Bank 信息库安全远程提供服务的评价
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI: 10.1145/3374664.3379526
Keita Kayaba, Hidenobu Oguri, Yuji Yamaoka
{"title":"Evaluation of Secure Remote Offering Service for Information Bank","authors":"Keita Kayaba, Hidenobu Oguri, Yuji Yamaoka","doi":"10.1145/3374664.3379526","DOIUrl":"https://doi.org/10.1145/3374664.3379526","url":null,"abstract":"An information bank is a reliable data ecosystem for the distribution and utilization of personal data (PD). In order to maintain the trust of individuals, sharing of personal data between businesses and the information bank is required to be secure. Therefore, the information bank must prevent abuse and leaking of personal data. There are several measures that can be taken to limit the damage imposed upon the individual in the case of data abuse or leakage. However, it is difficult to prevent abuse and leakage once the data has been shared with businesses. This work focuses on the security of an offering service on the information bank. The information bank offers useful information or services to individuals from businesses' based on shared personal data. We devise a remote offering service enabling businesses to target individuals without sharing personal data. Moreover, we consider a malicious threat on the remote offering service and propose a mechanism for detecting this threat. The experimental results suggest that the proposed mechanism is useful in some real security use cases.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115952661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Explore the Transformation Space for Adversarial Images 探索对抗性图像的转换空间
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI: 10.1145/3374664.3375728
Jiyu Chen, David Wang, Hao Chen
{"title":"Explore the Transformation Space for Adversarial Images","authors":"Jiyu Chen, David Wang, Hao Chen","doi":"10.1145/3374664.3375728","DOIUrl":"https://doi.org/10.1145/3374664.3375728","url":null,"abstract":"Deep learning models are vulnerable to adversarial examples. Most of current adversarial attacks add pixel-wise perturbations restricted to some (L^p)-norm, and defense models are evaluated also on adversarial examples restricted inside (L^p)-norm balls. However, we wish to explore adversarial examples exist beyond (L^p)-norm balls and their implications for attacks and defenses. In this paper, we focus on adversarial images generated by transformations. We start with color transformation and propose two gradient-based attacks. Since (L^p)-norm is inappropriate for measuring image quality in the transformation space, we use the similarity between transformations and the Structural Similarity Index. Next, we explore a larger transformation space consisting of combinations of color and affine transformations. We evaluate our transformation attacks on three data sets --- CIFAR10, SVHN, and ImageNet --- and their corresponding models. Finally, we perform retraining defenses to evaluate the strength of our attacks. The results show that transformation attacks are powerful. They find high-quality adversarial images that have higher transferability and misclassification rates than C&W's (L^p ) attacks, especially at high confidence levels. They are also significantly harder to defend against by retraining than C&W's (L^p ) attacks. More importantly, exploring different attack spaces makes it more challenging to train a universally robust model.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"912 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126987587","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Session details: Session 6: System Security 会话详细信息:会话6:系统安全
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI: 10.1145/3388504
Murat Kantarcioglu
{"title":"Session details: Session 6: System Security","authors":"Murat Kantarcioglu","doi":"10.1145/3388504","DOIUrl":"https://doi.org/10.1145/3388504","url":null,"abstract":"","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127482950","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Session details: Panel: A Vision for Winning the Cybersecurity Arms Race 小组讨论:赢得网络安全军备竞赛的愿景
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI: 10.1145/3388503
Rakesh M. Verma
{"title":"Session details: Panel: A Vision for Winning the Cybersecurity Arms Race","authors":"Rakesh M. Verma","doi":"10.1145/3388503","DOIUrl":"https://doi.org/10.1145/3388503","url":null,"abstract":"","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124377828","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
TrustAV
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI: 10.1145/3374664.3375748
Dimitris Deyannis, Eva Papadogiannaki, Giorgos Kalivianakis, G. Vasiliadis, S. Ioannidis
{"title":"TrustAV","authors":"Dimitris Deyannis, Eva Papadogiannaki, Giorgos Kalivianakis, G. Vasiliadis, S. Ioannidis","doi":"10.1145/3374664.3375748","DOIUrl":"https://doi.org/10.1145/3374664.3375748","url":null,"abstract":"While the number of connected devices is constantly growing, we observe an increased incident rate of cyber attacks that target user data. Typically, personal devices contain the most sensitive information regarding their users, so there is no doubt that they can be a very valuable target for adversaries. Typical defense solution to safeguard user devices and data, are based in malware analysis mechanisms. To amortize the processing and maintenance overheads, the outsourcing of network inspection mechanisms to the cloud has become very popular recently. However, the majority of such cloud-based applications usually offers limited privacy preserving guarantees for data processing in third-party environments. In this work, we propose TrustAV, a practical cloud-based malware detection solution destined for a plethora of device types. TrustAV is able to offload the processing of malware analysis to a remote server, where it is executed entirely inside, hardware supported, secure enclaves. By doing so, TrustAV is capable to shield the transfer and processing of user data even in untrusted environments with tolerable performance overheads, ensuring that private user data are never exposed to malicious entities or honest-but-curious providers. TrustAV also utilizes various techniques in order to overcome performance overheads, introduced by the Intel SGX technology, and reduce the required enclave memory --a limiting factor for malware analysis executed in secure enclave environments-- offering up to 3x better performance.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114682809","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
Session details: Session 2: Access Control and Authentication 会话详细信息:会话2:访问控制和认证
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-16 DOI: 10.1145/3388498
Yuan Cheng
{"title":"Session details: Session 2: Access Control and Authentication","authors":"Yuan Cheng","doi":"10.1145/3388498","DOIUrl":"https://doi.org/10.1145/3388498","url":null,"abstract":"","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127117698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
IoT Expunge: Implementing Verifiable Retention of IoT Data 物联网删除:实现物联网数据的可验证保留
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2020-03-10 DOI: 10.1145/3374664.3375737
Nisha Panwar, Shantanu Sharma, Peeyush Gupta, Dhrubajyoti Ghosh, S. Mehrotra, N. Venkatasubramanian
{"title":"IoT Expunge: Implementing Verifiable Retention of IoT Data","authors":"Nisha Panwar, Shantanu Sharma, Peeyush Gupta, Dhrubajyoti Ghosh, S. Mehrotra, N. Venkatasubramanian","doi":"10.1145/3374664.3375737","DOIUrl":"https://doi.org/10.1145/3374664.3375737","url":null,"abstract":"The growing deployment of Internet of Things (IoT) systems aims to ease the daily life of end-users by providing several value-added services. However, IoT systems may capture and store sensitive, personal data about individuals in the cloud, thereby jeopardizing user-privacy. Emerging legislation, such as California's CalOPPA and GDPR in Europe, support strong privacy laws to protect an individual's data in the cloud. One such law relates to strict enforcement of data retention policies. This paper proposes a framework, entitled IoT Expunge that allows sensor data providers to store the data in cloud platforms that will ensure enforcement of retention policies. Additionally, the cloud provider produces verifiable proofs of its adherence to the retention policies. Experimental results on a real-world smart building testbed show that IoT Expunge imposes minimal overheads to the user to verify the data against data retention policies.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"100 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116755769","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
n-m-Variant Systems: Adversarial-Resistant Software Rejuvenation for Cloud-Based Web Applications n-m变体系统:基于云的Web应用程序的抗对抗软件复兴
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2019-10-18 DOI: 10.1145/3374664.3375745
Isaac Polinsky, Kyle Martin, W. Enck, M. Reiter
{"title":"n-m-Variant Systems: Adversarial-Resistant Software Rejuvenation for Cloud-Based Web Applications","authors":"Isaac Polinsky, Kyle Martin, W. Enck, M. Reiter","doi":"10.1145/3374664.3375745","DOIUrl":"https://doi.org/10.1145/3374664.3375745","url":null,"abstract":"Web servers are a popular target for adversaries as they are publicly accessible and often vulnerable to compromise. Compromises can go unnoticed for months, if not years, and recovery often involves a complete system rebuild. In this paper, we propose n-m-Variant Systems, an adversarial-resistant software rejuvenation framework for cloud-based web applications. We improve the state-of-the-art by introducing a variable m that provides a knob for administrators to tune an environment to balance resource usage, performance overhead, and security guarantees. Using m, security guarantees can be tuned for seconds, minutes, days, or complete resistance. We design and implement an n-m-Variant System prototype to protect a Mediawiki PHP application serving dynamic content from an external SQL persistent storage. Our performance evaluation shows a throughput reduction of 65% for 108 seconds of resistance and 83% for 12 days of resistance to sophisticated adversaries, given appropriate resource allocation. Furthermore, we use theoretical analysis and simulation to characterize the impact of system parameters on resilience to adversaries. Through these efforts, our work demonstrates how properties of cloud-based servers can enhance the integrity of Web servers.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126698787","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Rényi Differentially Private ADMM for Non-Smooth Regularized Optimization 非光滑正则化优化的差分私有ADMM
Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy Pub Date : 2019-09-18 DOI: 10.1145/3374664.3375733
Chen Chen, Jaewoo Lee
{"title":"Rényi Differentially Private ADMM for Non-Smooth Regularized Optimization","authors":"Chen Chen, Jaewoo Lee","doi":"10.1145/3374664.3375733","DOIUrl":"https://doi.org/10.1145/3374664.3375733","url":null,"abstract":"In this paper we consider the problem of minimizing composite objective functions consisting of a convex differentiable loss function plus a non-smooth regularization term, such as $L_1$ norm or nuclear norm, under Rényi differential privacy (RDP). To solve the problem, we propose two stochastic alternating direction method of multipliers (ADMM) algorithms: ssADMM based on gradient perturbation and mpADMM based on output perturbation. Both algorithms decompose the original problem into sub-problems that have closed-form solutions. The first algorithm, ssADMM, applies the recent privacy amplification result for RDP to reduce the amount of noise to add. The second algorithm, mpADMM, numerically computes the sensitivity of ADMM variable updates and releases the updated parameter vector at the end of each epoch. We compare the performance of our algorithms with several baseline algorithms on both real and simulated datasets. Experimental results show that, in high privacy regimes (small ε), ssADMM and mpADMM outperform baseline algorithms in terms of classification and feature selection performance, respectively.","PeriodicalId":171521,"journal":{"name":"Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy","volume":"200 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127107258","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信