Wen Ming Liu

k -indistinguishable traffic padding in web applications

While web-based applications are becoming increasingly ubiquitous, they also present new security and privacy challenges. In particular, recent research revealed that many high profile Web applications might cause private user information to leak from encrypted traffic due to side-channel attacks exploiting packet sizes and timing. Moreover, existing solutions, such as random padding and packet-size rounding, are shown to incur prohibitive cost while still not ensuring sufficient privacy protection. In this paper, we propose a novel k-indistinguishable traffic padding technique to achieve the optimal tradeoff between privacy protection and communication and computational cost. Specifically, we first present a formal model of the privacy-preserving traffic padding (PPTP). We then formulate PPTP problems under different application scenarios, analyze their complexity, and design efficient heuristic algorithms. Finally, we confirm the effectiveness and efficiency of our algorithms by comparing them to existing solutions through experiments using real-world Web applications.

Privacy-preserving traffic padding in web-based applications

Web-based applications are gaining popularity as they require less client-side resources, and are easier to deliver and maintain. On the other hand, web applications also pose new security and privacy challenges. In particular, recent research revealed that many high profile web applications might cause sensitive user inputs to be leaked from encrypted traffic due to side-channel attacks exploiting unique patterns in packet sizes and timing. Moreover, existing solutions, such as random padding and packet-size rounding, were shown to incur prohibitive overhead while still failing to guarantee sufficient privacy protection. In this paper, we first observe an interesting similarity between this privacy-preserving traffic padding (PPTP) issue and another well studied problem, privacy-preserving data publishing (PPDP). Based on such a similarity, we present a formal PPTP model encompassing the privacy requirements, padding costs, and padding methods. We then formulate PPTP problems under different application scenarios, analyze their complexity, and design efficient heuristic algorithms. Finally, we confirm the effectiveness and efficiency of our algorithms by comparing them to existing solutions through experiments using real-world web applications.

Privacy streamliner: a two-stage approach to improving algorithm efficiency

In releasing data with sensitive information, a data owner usually has seemingly conflicting goals, including privacy preservation, utility optimization, and algorithm efficiency. In this paper, we observe that a high computational complexity is usually incurred when an algorithm conflates the processes of privacy preservation and utility optimization. We then propose a novel privacy streamliner approach to decouple those two processes for improving algorithm efficiency. More specifically, we first identify a set of potential privacy-preserving solutions satisfying that an adversarys knowledge about this set itself will not help him/her to violate the privacy property; we can then optimize utility within this set without worrying about privacy breaches since such an optimization is now simulatable by adversaries. To make our approach more concrete, we study it in the context of micro-data release with publicly known generalization algorithms. The analysis and experiments both confirm our algorithms to be more efficient than existing solutions.

Privacy Preserving Smart Meter Streaming Against Information Leakage of Appliance Status

The smart grid frequently collects consumers’ fine-grained power usage data through smart meters to facilitate various applications, such as billing, load monitoring, regional statistics, and demand response. However, the smart meter reading streams may also pose severe privacy threats to the consumers by leaking their appliances’ ON/OFF status. In this paper, we first quantitatively measure the information leakage with respect to specific appliances’ status from any reading stream, and define a novel privacy notion to bound such information leakage. In addition, we propose a privacy preserving streaming algorithm with different options to effectively convert readings and promptly stream safe readings in different fashions. The output time series readings satisfy our privacy notion while guaranteeing excellent utility, such as extremely low aggregation errors and billing errors. Finally, we experimentally validate the effectiveness and efficiency of our approach using real data sets.

PPTP: Privacy-Preserving Traffic Padding in Web-Based Applications

Web-based applications are gaining popularity as they require less client-side resources, and are easier to deliver and maintain. On the other hand, web applications also pose new security and privacy challenges. In particular, recent research revealed that many high profile web applications might cause sensitive user inputs to be leaked from encrypted traffic due to side-channel attacks exploiting unique patterns in packet sizes and timing. Moreover, existing solutions, such as random padding and packet-size rounding, were shown to incur prohibitive overhead while still failing to guarantee sufficient privacy protection. In this paper, we first observe an interesting similarity between this privacy-preserving traffic padding (PPTP) issue and another well studied problem, privacy-preserving data publishing (PPDP). Based on such a similarity, we present a formal PPTP model encompassing the privacy requirements, padding costs, and padding methods. We then formulate PPTP problems under different application scenarios, analyze their complexity, and design efficient heuristic algorithms. Finally, we confirm the effectiveness and efficiency of our algorithms by comparing them to existing solutions through experiments using real-world web applications.

Background Knowledge-Resistant Traffic Padding for Preserving User Privacy in Web-Based Applications

While enjoying the convenience of Software as a Service (SaaS), users are also at an increased risk of privacy breaches. Recent studies show that a Web-based application may be inherently vulnerable to side-channel attacks which exploit unique packet sizes to identify sensitive user inputs from encrypted traffic. Existing solutions based on packet padding or packet-size rounding generally rely on the assumption that adversaries do not possess prior background knowledge about possible user inputs. In this paper, we propose a novel random ceiling padding approach whose results are resistant to such adversarial knowledge. Specifically, the approach injects randomness into the process of forming padding groups, such that an adversary armed with background knowledge would still face sufficient uncertainty in estimating user inputs. We formally present a generic scheme and discuss two concrete instantiations. We then confirm the correctness and performance of our approach through both theoretic analysis and experiments with two real world applications.

k-jump: A strategy to design publicly-known algorithms for privacy preserving micro-data disclosure

Data owners are expected to disclose micro-data for research, analysis, and various other purposes. In disclosing micro-data with sensitive attributes, the goal is usually two fold. First, the data utility of disclosed data should be maximized for analysis purposes. Second, the private information contained in such data must be to an acceptable level. Typically, a disclosure algorithm evaluates potential generalization functions in a predetermined order, and then discloses the first generalization that satisfies the desired privacy property. Recent studies show that adversarial inferences using knowledge about such disclosure algorithms can usually render the algorithm unsafe. In this paper, we show that an existing unsafe algorithm can be transformed into a large family of safe algorithms, namely, k-jump algorithms. We then prove that the data utility of different k-jump algorithms is generally incomparable. The comparison of data utility is independent of utility measures and syntactic privacy models. Finally, we analyze the computational complexity of k-jump algorithms, and confirm the necessity of safe algorithms even when a secret choice is made among algorithms.

Accurate and efficient query clustering via top ranked search results

To make the search engine more user-friendly, commercial search engines commonly develop applications to provide suggestion or recommendation for every posed query. Clustering semantically similar queries acts as an essential prerequisite to function well in those applications. However, clustering queries effectively is quite challenging, since they are usually short, incomplete and ambiguous. Existing prevalent clustering methods, such as K-Means or DBSCAN cannot guarantee good performance in such a highly dimensional environment. Through analyzing users’ click-through query logs, hierarchical agglomerative clustering gives good results but is computationally quite expensive. This paper identifies a novel feature for clustering search queries based on a key insight – queries’ top ranked search results can themselves be used to quantify query similarity. After investigating such feature, we propose a new similarity metric for comparing those diverse queries. This facilitates us to develop two very efficient and accurate algorithms integrated in query clustering. We conduct comprehensive experiments to compare the accuracy of our approach against the known baselines along two dimensions: 1) quantifying the cohesion/separation of clustered queries, and 2) justifying the results by real-world Internet users. The experimental results demonstrate that our two algorithms and the similarity metric can generate more accurate results within a significantly shorter time.