-
A Generative Framework for Low-Cost Result Validation of Machine Learning-as-a-Service Inference
Authors:
Abhinav Kumar,
Miguel A. Guirao Aguilera,
Reza Tourani,
Satyajayant Misra
Abstract:
The growing popularity of Machine Learning (ML) has led to its deployment in various sensitive domains, which has resulted in significant research focused on ML security and privacy. However, in some applications, such as Augmented/Virtual Reality, integrity verification of the outsourced ML tasks is more critical--a facet that has not received much attention. Existing solutions, such as multi-par…
▽ More
The growing popularity of Machine Learning (ML) has led to its deployment in various sensitive domains, which has resulted in significant research focused on ML security and privacy. However, in some applications, such as Augmented/Virtual Reality, integrity verification of the outsourced ML tasks is more critical--a facet that has not received much attention. Existing solutions, such as multi-party computation and proof-based systems, impose significant computation overhead, which makes them unfit for real-time applications. We propose Fides, a novel framework for real-time integrity validation of ML-as-a-Service (MLaaS) inference. Fides features a novel and efficient distillation technique--Greedy Distillation Transfer Learning--that dynamically distills and fine-tunes a space and compute-efficient verification model for verifying the corresponding service model while running inside a trusted execution environment. Fides features a client-side attack detection model that uses statistical analysis and divergence measurements to identify, with a high likelihood, if the service model is under attack. Fides also offers a re-classification functionality that predicts the original class whenever an attack is identified. We devised a generative adversarial network framework for training the attack detection and re-classification models. The evaluation shows that Fides achieves an accuracy of up to 98% for attack detection and 94% for re-classification.
△ Less
Submitted 24 April, 2024; v1 submitted 31 March, 2023;
originally announced April 2023.
-
Harpocrates: Anonymous Data Publication in Named Data Networking
Authors:
Md Washik Al Azad,
Reza Tourani,
Abderrahmen Mtibaa,
Spyridon Mastorakis
Abstract:
Named-Data Networking (NDN), a prominent realization of the Information-Centric Networking (ICN) vision, offers a request-response communication model where data is identified based on application-defined names at the network layer. This amplifies the ability of censoring authorities to restrict user access to certain data/websites/applications and monitor user requests. The majority of existing N…
▽ More
Named-Data Networking (NDN), a prominent realization of the Information-Centric Networking (ICN) vision, offers a request-response communication model where data is identified based on application-defined names at the network layer. This amplifies the ability of censoring authorities to restrict user access to certain data/websites/applications and monitor user requests. The majority of existing NDN-based frameworks have focused on enabling users in a censoring network to access data available outside of this network, without considering how data producers in a censoring network can make their data available to users outside of this network. This problem becomes especially challenging, since the NDN communication paths are symmetric, while producers are mandated to sign the data they generate and identify their certificates. In this paper, we propose Harpocrates, an NDN-based framework for anonymous data publication under censorship conditions. Harpocrates enables producers in censoring networks to produce and make their data available to users outside of these networks while remaining anonymous to censoring authorities. Our evaluation demonstrates that Harpocrates achieves anonymous data publication under different settings, being able to identify and adapt to censoring actions.
△ Less
Submitted 16 January, 2022;
originally announced January 2022.
-
DLWIoT: Deep Learning-based Watermarking for Authorized IoT Onboarding
Authors:
Spyridon Mastorakis,
Xin Zhong,
Pei-Chi Huang,
Reza Tourani
Abstract:
The onboarding of IoT devices by authorized users constitutes both a challenge and a necessity in a world, where the number of IoT devices and the tampering attacks against them continuously increase. Commonly used onboarding techniques today include the use of QR codes, pin codes, or serial numbers. These techniques typically do not protect against unauthorized device access-a QR code is physical…
▽ More
The onboarding of IoT devices by authorized users constitutes both a challenge and a necessity in a world, where the number of IoT devices and the tampering attacks against them continuously increase. Commonly used onboarding techniques today include the use of QR codes, pin codes, or serial numbers. These techniques typically do not protect against unauthorized device access-a QR code is physically printed on the device, while a pin code may be included in the device packaging. As a result, any entity that has physical access to a device can onboard it onto their network and, potentially, tamper it (e.g.,install malware on the device). To address this problem, in this paper, we present a framework, called Deep Learning-based Watermarking for authorized IoT onboarding (DLWIoT), featuring a robust and fully automated image watermarking scheme based on deep neural networks. DLWIoT embeds user credentials into carrier images (e.g., QR codes printed on IoT devices), thus enables IoT onboarding only by authorized users. Our experimental results demonstrate the feasibility of DLWIoT, indicating that authorized users can onboard IoT devices with DLWIoT within 2.5-3sec.
△ Less
Submitted 17 October, 2020;
originally announced October 2020.
-
Predictive and Causal Implications of using Shapley Value for Model Interpretation
Authors:
Sisi Ma,
Roshan Tourani
Abstract:
Shapley value is a concept from game theory. Recently, it has been used for explaining complex models produced by machine learning techniques. Although the mathematical definition of Shapley value is straight-forward, the implication of using it as a model interpretation tool is yet to be described. In the current paper, we analyzed Shapley value in the Bayesian network framework. We established t…
▽ More
Shapley value is a concept from game theory. Recently, it has been used for explaining complex models produced by machine learning techniques. Although the mathematical definition of Shapley value is straight-forward, the implication of using it as a model interpretation tool is yet to be described. In the current paper, we analyzed Shapley value in the Bayesian network framework. We established the relationship between Shapley value and conditional independence, a key concept in both predictive and causal modeling. Our results indicate that, eliminating a variable with high Shapley value from a model do not necessarily impair predictive performance, whereas eliminating a variable with low Shapley value from a model could impair performance. Therefore, using Shapley value for feature selection do not result in the most parsimonious and predictively optimal model in the general case. More importantly, Shapley value of a variable do not reflect their causal relationship with the target of interest.
△ Less
Submitted 11 August, 2020;
originally announced August 2020.
-
Democratizing the Edge: A Pervasive Edge Computing Framework
Authors:
Reza Tourani,
Srikathyayani Srikanteswara,
Satyajayant Misra,
Richard Chow,
Lily Yang,
Xiruo Liu,
Yi Zhang
Abstract:
The needs of emerging applications, such as augmented and virtual reality, federated machine learning, and autonomous driving, have motivated edge computing--the push of computation capabilities to the edge. Various edge computing architectures have emerged, including multi-access edge computing and edge-cloud, all with the premise of reducing communication latency and augmenting privacy. However,…
▽ More
The needs of emerging applications, such as augmented and virtual reality, federated machine learning, and autonomous driving, have motivated edge computing--the push of computation capabilities to the edge. Various edge computing architectures have emerged, including multi-access edge computing and edge-cloud, all with the premise of reducing communication latency and augmenting privacy. However, these architectures rely on static and pre-deployed infrastructure, falling short in harnessing the abundant resources at the network's edge. In this paper, we discuss the design of Pervasive Edge Computing (PEC)--a democratized edge computing framework, which enables end-user devices (e.g., smartphones, IoT devices, and vehicles) to dynamically participate in a large-scale computing ecosystem. Our vision of the democratized edge involves the real-time composition of services using available edge resources like data, software, and compute-hardware from multiple stakeholders. We discuss how the novel Named-Data Networking architecture can facilitate service deployment, discovery, invocation, and migration. We also discuss the economic models critical to the adoption of PEC and the outstanding challenges for its full realization.
△ Less
Submitted 1 July, 2020;
originally announced July 2020.
-
LASeR: Lightweight Authentication and Secured Routing for NDN IoT in Smart Cities
Authors:
Travis Mick,
Reza Tourani,
Satyajayant Misra
Abstract:
Recent literature suggests that the Internet of Things (IoT) scales much better in an Information-Centric Networking (ICN) model instead of the current host-centric Internet Protocol (IP) model. In particular, the Named Data Networking (NDN) project (one of the ICN architecture flavors) offers features exploitable by IoT applications, such as stateful forwarding, in- network caching, and built-in…
▽ More
Recent literature suggests that the Internet of Things (IoT) scales much better in an Information-Centric Networking (ICN) model instead of the current host-centric Internet Protocol (IP) model. In particular, the Named Data Networking (NDN) project (one of the ICN architecture flavors) offers features exploitable by IoT applications, such as stateful forwarding, in- network caching, and built-in assurance of data provenance. Though NDN-based IoT frameworks have been proposed, none have adequately and holistically addressed concerns related to secure onboarding and routing. Additionally, emerging IoT applications such as smart cities require high scalability and thus pose new challenges to NDN routing. Therefore, in this work, we propose and evaluate a novel, scalable framework for lightweight authentication and hierarchical routing in the NDN IoT (ND- NoT). Our ns-3 based simulation analyses demonstrate that our framework is scalable and efficient. It supports deployment densities as high as 40,000 nodes/km2 with an average onboarding convergence time of around 250 seconds and overhead of less than 20 KiB per node. This demonstrates its efficacy for emerging large-scale IoT applications such as smart cities.
△ Less
Submitted 24 March, 2017;
originally announced March 2017.
-
AccConF: An Access Control Framework for Leveraging In-Network Cached Data in ICNs
Authors:
S. Misra,
R. Tourani,
F. Natividad,
T. Mick,
N. Majd,
H. Huang
Abstract:
The fast-growing Internet traffic is increasingly becoming content-based and driven by mobile users, with users more interested in data rather than its source. This has precipitated the need for an information-centric Internet architecture. Research in information-centric networks (ICNs) have resulted in novel architectures, e.g., CCN/NDN, DONA, and PSIRP/PURSUIT; all agree on named data based add…
▽ More
The fast-growing Internet traffic is increasingly becoming content-based and driven by mobile users, with users more interested in data rather than its source. This has precipitated the need for an information-centric Internet architecture. Research in information-centric networks (ICNs) have resulted in novel architectures, e.g., CCN/NDN, DONA, and PSIRP/PURSUIT; all agree on named data based addressing and pervasive caching as integral design components. With network-wide content caching, enforcement of content access control policies become non-trivial. Each caching node in the network needs to enforce access control policies with the help of the content provider. This becomes inefficient and prone to unbounded latencies especially during provider outages.
In this paper, we propose an efficient access control framework for ICN, which allows legitimate users to access and use the cached content directly, and does not require verification/authentication by an online provider authentication server or the content serving router. This framework would help reduce the impact of system down-time from server outages and reduce delivery latency by leveraging caching while guaranteeing access only to legitimate users. Experimental/simulation results demonstrate the suitability of this scheme for all users, but particularly for mobile users, especially in terms of the security and latency overheads.
△ Less
Submitted 10 March, 2016;
originally announced March 2016.
-
Security, Privacy, and Access Control in Information-Centric Networking: A Survey
Authors:
Reza Tourani,
Travis Mick,
Satyajayant Misra,
Gaurav Panwar
Abstract:
Information-Centric Networking (ICN) is a new networking paradigm, which replaces the widely used host-centric networking paradigm in communication networks (e.g., Internet, mobile ad hoc networks) with an information-centric paradigm, which prioritizes the delivery of named content, oblivious of the contents origin. Content and client security are more intrinsic in the ICN paradigm versus the cur…
▽ More
Information-Centric Networking (ICN) is a new networking paradigm, which replaces the widely used host-centric networking paradigm in communication networks (e.g., Internet, mobile ad hoc networks) with an information-centric paradigm, which prioritizes the delivery of named content, oblivious of the contents origin. Content and client security are more intrinsic in the ICN paradigm versus the current host centric paradigm where they have been instrumented as an after thought. By design, the ICN paradigm inherently supports several security and privacy features, such as provenance and identity privacy, which are still not effectively available in the host-centric paradigm. However, given its nascency, the ICN paradigm has several open security and privacy concerns, some that existed in the old paradigm, and some new and unique. In this article, we survey the existing literature in security and privacy research sub-space in ICN. More specifically, we explore three broad areas: security threats, privacy risks, and access control enforcement mechanisms.
We present the underlying principle of the existing works, discuss the drawbacks of the proposed approaches, and explore potential future research directions. In the broad area of security, we review attack scenarios, such as denial of service, cache pollution, and content poisoning. In the broad area of privacy, we discuss user privacy and anonymity, name and signature privacy, and content privacy. ICN's feature of ubiquitous caching introduces a major challenge for access control enforcement that requires special attention. In this broad area, we review existing access control mechanisms including encryption-based, attribute-based, session-based, and proxy re-encryption-based access control schemes. We conclude the survey with lessons learned and scope for future work.
△ Less
Submitted 1 June, 2017; v1 submitted 10 March, 2016;
originally announced March 2016.