Sponsor (Acknowlegement of Support)

Any opinions, findings, and conclusions or recommendations expressed in this project are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.

Award Information

Award Title: CAREER: Privacy Preserving Security Analytics: When Security Meets Privacy

Award Duration: 05/01/2021-04/30/2026 (Estimated)

Award Amount: $499,996

Project Abstract

A fast-growing number of enterprises and organizations have outsourced their security analytics tasks to external managed security service providers (MSSPs) for security monitoring and threat detection. However, such cost-effective and reliable security solutions currently request their service tenants to continuously outsource their large-scale and disparate datasets. This project tackles the privacy risks in such security analytics outsourcing services with rigorous privacy guarantees.

This project aims to create a new paradigm of privacy preserving data analysis to privately perform real-time anomaly detection on both structured and unstructured data (e.g., network traffic, surveillance videos, system logs, and emails). The main goal is to fundamentally advance differential privacy and secure multiparty computation in this new context of privacy preserving security analytics. To this end, we propose novel differential privacy mechanisms and secure multiparty computation protocols, explore provable privacy guarantees with theoretical studies, and deploy the privacy preserving techniques in scalable real-time systems. After addressing the fundamental challenges for mitigating privacy risks in a wide variety of data and applications while ensuring high utility and efficiency, the expected research results can be leveraged to many other online monitoring and analysis applications. This project also integrates the research and education at intersections of privacy, security and data analysis. It develops a comprehensive educational and outreach program, including cybersecurity workforce training, educational materials development and distribution, K-12 outreach, and research dissemination to broader communities.

Team Members

PI: Yuan Hong

Ph.D. Students: Han Wang, Shangyu Xie, Bingyu Liu, Hugo Trivino, Hanbin Hong, Meisam Mohammady (graduated)

Related Publications

Research Products (Student Advisee):

  1. Shangyu Xie, Han Wang, Yu Kong and Yuan Hong, Universal 3-Dimensional Perturbations for Blackbox Attacks on Video Recognition Systems In Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P/Oakland), San Francisco, California, USA, May 22-26, 2022. [Acceptance Rate: 37/245=15.1% in the first review cycle]  

Some Related Preliminary Results (Student Advisee):

  1. Shangyu Xie, Bingyu Liu and Yuan Hong, Privacy-Preserving Cloud-based DNN Inference, in Proceedings of the 2021 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP'21), Toronto, Canada, Accepted, 2021.

  2. Meisam Mohammady, Momen Oqaily, Lingyu Wang, Yuan Hong, Habib Louafi, Makan Pourzandi and Mourad Debbabi, A Multi-view Approach to Preserve Both Privacy and Utility in Network Trace Anonymization, ACM Transactions on Privacy and Security (TOPS), Vol 24(3), pages 1-36, 2021.

  3. Meisam Mohammady, Shangyu Xie, Yuan Hong, Mengyuan Zhang, Lingyu Wang, Makan Pourzandi and Mourad Debbabi, R2DP: A Universal and Automated Approach to Optimizing the Randomization Mechanisms of Differential Privacy for Utility Metrics with No Known Optimal Distributions, in Proceedings of the 27th ACM Conference on Computer and Communications Security (CCS'20), Orlando, FL, November 9-13, 2020. [Acceptance Rate: 121/715=16.9%]

  4. Han Wang, Shangyu Xie and Yuan Hong, VideoDP: A Flexible Platform for Video Analytics with Differential Privacy, in Proceedings of the 20th Privacy Enhancing Technologies Symposium (PETS'20), Montreal, Canada, July 14-18, 2020. [Acceptance Rate: 78/338=23%]

  5. Han Wang, Yuan Hong, Yu Kong and Jaideep Vaidya, Publishing Video Data with Indistinguishable Objects, in Proceedings of the 23rd International Conference on Extending Database Technology (EDBT'20), Copenhagen, Denmark, March 30-April 2, 2020, pp. 323-334. [Acceptance Rate: 20.5%]

  6. Meisam Mohammady, Lingyu Wang, Yuan Hong, Habib Louafi, Makan Pourzandi and Mourad Debbabi, Preserving Both Privacy and Utility in Network Trace Anonymization, in Proceedings of the 25th ACM Conference on Computer and Communications Security (CCS'18), Toronto, Canada, Oct 15-19, 2018, pages 459-474. [Acceptance Rate: 134/809=16.6%]