Toward Safe Life Experiences through Security and Privacy

Recently, smartphones, numerous IoT devices, and wearable devices have entered our daily lives with advances in IT technologies, significantly improving qualities of our lives with the convergence of big data, AI, and 5G technologies. Such advancements offer new and convenient experiences to end users. These benefits, however, provide a new security challenge to protect exponentially growing users’ private data in these circumstances, and to provide strong privacy assurances. Further, the recent COVID-19 pandemic has increased interests and demands for protection and transparent management of personal information. Considering these environmental and technological changes, we are rigorously working toward next-generation security technologies that are essential in providing more secure and privacy-preserving user experiences. This talk will present our efforts to ensure safe experiences for end users, including advanced security research being conducted at Samsung Research, and the security and privacy protection features deployed on Samsung products.

Elisa Bertino is the Samuel D. Conte Professor of Computer Science at Purdue University. She serves as Director of the Purdue Cyberspace Security Lab (Cyber2Slab). In her role as Director of Cyber2SLab she leads multi-disciplinary research in data security and privacy. Prior to joining Purdue, she was a professor and department head at the Department of Computer Science and Communication of the University of Milan. She has been a visiting researcher at the IBM Research Laboratory (now Almaden) in San Jose, at the Microelectronics and Computer Technology Corporation, at Telcordia Technologies, and visiting professor at the Singapore Management University and the National University of Singapore. Her recent research focuses on cybersecurity and privacy of cellular networks and IoT systems, and edge analytics and machine learning for cybersecurity. Elisa Bertino is a Fellow member of IEEE, ACM, and AAAS. She received the 2002 IEEE Computer Society Technical Achievement Award for “For outstanding contributions to database systems and database security and advanced data management systems”, the 2005 IEEE Computer Society Tsutomu Kanai Award for “Pioneering and innovative research contributions to secure distributed systems”, the 2014 ACM SIGSAC Outstanding Contributions Award with citation “For her seminal research contributions and outstanding leadership to data security and privacy for the past 25 years”, and the 2019-2020 ACM Athena Lecturer Award.

Privacy in the Era of Big Data, Machine Learning, IoT, and 5G

Technological advances, such as IoT devices, cyber-physical systems, smart mobile devices, cloud systems, data analytics, social networks and increased communication capabilities, are making possible to capture, and to quickly process and analyze huge amounts of data from which to extract information critical for many critical tasks, such as healthcare security and cyber security. In the area of cyber security, such tasks include user authentication, access control, anomaly detection, user monitoring, and protection from insider threat. By analyzing and integrating data collected on the Internet and Web one can identify connections and relationships among individuals that may in turn help with homeland protection. By collecting and mining data concerning user travels, contacts and disease outbreaks one can predict disease spreading across geographical areas. And those are just a few examples. The use of data for those tasks raises however major privacy concerns. Collected data, even if anonymized by removing identifiers such as names or social security numbers, when linked with other data may lead to re-identify the individuals to which specific data items are related to. Also, as organizations, such as governmental agencies, often need to collaborate on security tasks, data sets are exchanged across different organizations, resulting in these data sets being available to many different parties. Privacy breaches may occur at many different layers and components in our interconnected systems. In this talk, I first present an interesting privacy attack that exploits paging occasion in 5G cellular networks and possible defenses. Such attack shows that achieving privacy is challenging and there is no unique technique that one can use; rather one must combine different techniques depending also on the intended use of data. Examples of these techniques and their applications are presented. Finally, I discuss the notion of data transparency – critical when dealing with user sensitive data, and elaborate on the different dimensions of data transparency.

Nicolas Papernot is an Assistant Professor at the University of Toronto and a faculty member at the Vector Institute where he holds a Canada CIFAR AI Chair. His research interests are at the intersection of security, privacy, and machine learning. He received a best paper award at ICLR 2017 and serves on the program committees of several conferences including ACM CCS, IEEE S&P, and USENIX Security.

He earned his Ph.D. at the Pennsylvania State University, working with Prof. Patrick McDaniel and supported by a Google PhD Fellowship. Upon graduating, he worked at Google Brain in Ulfar Erlingsson's group.

What does it mean for ML to be Trustworthy?

The attack surface of machine learning is large: training data can be poisoned, predictions manipulated using adversarial examples, models exploited to reveal sensitive information contained in trainingdata, etc. This is in large parts due to the absence of security and privacy considerations in the design of ML algorithms. Yet, adversaries have clear incentives to target these systems. Thus, there is a need to ensure that computer systems that rely on MLare trustworthy.

Fortunately, we are at a turning point where ML is still being adopted, which creates a rare opportunity to address the shortcomings of the technology before it is widely deployed. Designing secure ML requiresthat we have a solid understanding as to what we expect legitimate model behavior to look like. We structure our discussion around three directions, which we believe are likely to lead to significant progress.

The first encompasses a spectrum of approaches to verification and admission control, which is a prerequisite to enable fail-safe defaults in machine learning systems. The second seeks to design mechanisms forassembling reliable records of compromise that would help understand the degree to which vulnerabilities are exploited by adversaries, as well as favor psychological acceptability of machine learning applications. The third pursues formal frameworks for securityand privacy in machine learning, which we argue should strive to align machine learning goals such as generalization with security and privacy desiderata like robustness or privacy. We illustrate these directions with recent work on model extraction, privacy-preservingML and machine unlearning.

Yeongjin Jang is an assistant professor of Computer Science at Oregon State University. He hacks a variety of computer systems, from iPhone and CPUs to systems with new technologies such as IoT devices, Blockchain, and automobiles, for analyzing emerging cyber threats on those systems and develop defense mechanisms to counter them. He holds a B.S. degree from KAIST (2010), an M.S. (2016), and a Ph.D. degree (2017) from Georgia Tech, and won twice in DEF CON CTF (2015 and 2018).

Confidential and Private Computing using ORAM and TEE

Cloud computing runtimes are unprotected. Unlike data in transit and at rest, which are protected by network/disk encryption, runtime data on DRAM remain unencrypted. Because physical machines are owned by the cloud operator (e.g., AWS), such runtime data are transparently visible to their administrators or attackers who break into the cloud server. This inherent trust problem of 'outsourced' cloud computing prohibits the use of cloud in critical operations such as processing confidential data (e.g., government/defense), applying machine learning on medical data (e.g., federated learning), etc.

Many existing approaches to solving this problem are either incomplete or impractical. Trusted execution environments (TEEs), such as Intel SGX and AMD SEV, are fast, however, those techniques are not resistant to side-channel or memory access inference attacks. Fully homomorphic encryption (FHE) and secure multiparty computation (MPC) can provide cryptographic security, however, they are extremely slow to run general computations in the cloud.

This talk introduces a hybrid construction of Trusted Execution Environment (TEE, e.g., Intel SGX) and Oblivious Random Access Machine (ORAM) as a practical solution for securely outsourcing computation in the cloud. Essentially, each technique complements each other in this hybrid construction. Intel SGX, which is fast but not resistant to attacks against memory access patterns, can be protected by ORAM, which is proven to be resistant to such attacks. ORAM, which is secure but much slower than the regular execution, can be speeded up by running its protocol in Intel SGX enclaves. The talk begins with a brief history of SGX+ORAM constructions, presents technical details and recent performance improvements, and ends with demonstrating potential application usages.