Your search keyword '"Wen-Ming Liu"' showing total 10 results

1. Introduction

Author

Wen Ming Liu and Lingyu Wang

Published

2016

2. Data Publishing: Trading Off Privacy with Utility Through the k-Jump Strategy

Author

Lingyu Wang and Wen Ming Liu

Subjects

Information privacy, Computational complexity theory, Property (programming), Generalization, sort, Data publishing, Business, Data mining, Side channel attack, computer.software_genre, Private information retrieval, computer

Abstract

In this chapter, we study the side channel leak of sensitive micro-data in which adversaries combine the published data with their knowledge about the generalization algorithms used to produce such data, in order to refine their mental image about the sensitive data. Today, data owners are usually expected to disclose micro-data for research, analysis, and various other purposes. In disclosing micro-data with sensitive attributes, the goal is usually twofold. First, the data utility of disclosed data should be preserved to a certain level for analysis purposes. Second, the private information contained in such data must be sufficiently hidden. Typically, a disclosure algorithm would first sort potential generalization functions into a predetermined order (e.g., with decreasing utility), and then discloses data using the first generalization function that satisfies the desired privacy property. Knowledge about how such disclosure algorithms work can usually render the algorithm unsafe, because adversaries may refine their guesses of the sensitive data by “simulating” the algorithms and comparing with the disclosed data. In this chapter, we show that an existing unsafe algorithm can be transformed into a large family of safe algorithms, namely, k-jump algorithms. We then prove that the data utility of different k-jump algorithms is generally incomparable, which is independent of utility measures and privacy models. Finally, we analyze the computational complexity of k-jump algorithms, and confirm the necessity of safe algorithms even when a secret choice is made among algorithms.

Published

2016

3. Web Applications: k-Indistinguishable Traffic Padding

Author

Lingyu Wang and Wen Ming Liu

Subjects

business.industry, Network packet, Computer science, Heuristic (computer science), Rounding, Overhead (computing), Web application, Data publishing, Encryption, business, Padding, Computer network

Abstract

In this chapter, we present a formal Privacy-Preserving Traffic Padding (PPTP) model encompassing the privacy requirements, padding costs, and padding methods to prevent side-channel leaks due to unique patterns in packet sizes and directions of the encrypted traffic among components of the Web application. Web-based applications are gaining popularity as they require less client-side resources, and are easier to deliver and maintain. On the other hand, Web applications also pose new security and privacy challenges. In particular, recent research revealed that many high profile Web applications might cause sensitive user inputs to be leaked from encrypted traffic due to side-channel attacks exploiting unique patterns in packet sizes and timing. Moreover, existing solutions, such as random padding and packet-size rounding, were shown to incur prohibitive overhead while still failing to guarantee sufficient privacy protection. In this chapter, we first observe an interesting similarity between this privacy-preserving traffic padding (PPTP) issue and another well studied problem, privacy-preserving data publishing (PPDP). Based on such a similarity, we present a formal PPTP model encompassing the privacy requirements, padding costs, and padding methods. We then formulate PPTP problems under different application scenarios, analyze their complexity, and design efficient heuristic algorithms. Finally, we confirm the effectiveness and efficiency of our algorithms by comparing them to existing solutions through experiments using real-world Web applications.

Published

2016

4. Web Applications: Background-Knowledge Resistant Random Padding

Author

Lingyu Wang and Wen Ming Liu

Subjects

Correctness, Theoretical computer science, Exploit, business.industry, Computer science, Network packet, Web application, Differential privacy, business, Encryption, Padding, Randomness

Abstract

The solutions in the previous chapter rely on the assumption that adversaries do not possess prior background knowledge about possible user inputs, which is a common limitation shared by most existing solutions. In this chapter, we discuss a random ceiling padding approach whose results are resistant to such adversarial knowledge. Recent studies show that a Web-based application may be inherently vulnerable to side-channel attacks which exploit unique packet sizes to identify sensitive user inputs from encrypted traffic. Existing solutions based on packet padding or packet-size rounding generally rely on the assumption that adversaries do not possess prior background knowledge about possible user inputs. In this chapter, we propose a novel random ceiling padding approach whose results are resistant to such adversarial knowledge. Specifically, the approach injects randomness into the process of forming padding groups, such that an adversary armed with background knowledge would still face sufficient uncertainty in estimating user inputs. We formally present a generic scheme and discuss two concrete instantiations. We then confirm the correctness and performance of our approach through both theoretic analysis and experiments with two real world applications.

Published

2016

5. The Big Picture: A Generic Model of Side-Channel Leaks

Author

Lingyu Wang and Wen Ming Liu

Subjects

business.industry, Computer science, Smart meter, Network packet, Linkage (mechanical), Encryption, law.invention, Information sensitivity, law, Web application, Side channel attack, Tacking, business, Computer network

Abstract

The previous chapters have described in-depth studies of side channel leaks in different applications. Although those side channel leaks and their corresponding countermeasures all look very different, there in fact exists some commonality in terms of both challenges and solutions. For example, in previous chapters, we usually apply a similar idea for tacking side channel leaks, i.e., we divide objects into groups and then break the linkage inside each group by obfuscating any observable information about the objects, where objects are either published micro-data records, encrypted packets (sizes) in web applications, or readings reported by a smart meter. In this chapter, we design a general framework for preserving privacy against side-channel leaks. We show how different problems may fit into this framework by revisiting the three side channel leaks covered in previous chapters.

Published

2016

6. Smart Metering: Inferences of Appliance Status from Fine-Grained Readings

Author

Lingyu Wang and Wen Ming Liu

Subjects

Information sensitivity, Focus (computing), Smart grid, Computer science, Smart meter, Metering mode, Side channel attack, Computer security, computer.software_genre, computer, Communication channel

Abstract

In this chapter, we discuss how sensitive information about a household’s appliance status may be leaked from fine-grained smart meter readings. This is also an example of side channel leak because the readings are not supposed to serve as a channel for learning about individual appliances’ on/off status. While the features in smart grid, underpinned by the fine-grained usage information, provide significant benefits for both utility and customers, they also pose new security and privacy challenges. Existing solutions on privacy-preserving smart metering usually assume the readings to be sensitive and aim at protecting the readings through aggregation. In this chapter, we observe that the privacy issue in smart metering goes beyond the fine-grained readings themselves. That is, it may not be sufficient to simply focus on protecting such readings through aggregation or other techniques, without first understanding how such readings may lead to inferences of the truly sensitive information, that is, the appliance status. To address this issue, we present a formal model for privacy based on inferring appliance status from fine-grained meter readings.

Published

2016

7. Related Work

Author

Wen Ming Liu and Lingyu Wang

Published

2016

8. Data Publishing: A Two-Stage Approach to Improving Algorithm Efficiency

Author

Lingyu Wang and Wen Ming Liu

Subjects

Set (abstract data type), Computational complexity theory, Computer science, Generalization, Algorithmic efficiency, Independence (mathematical logic), Context (language use), Data publishing, Data mining, Adversary, computer.software_genre, computer

Abstract

While the strategy in previous chapter is theoretically superior to existing ones due to its independence of utility measures and privacy models, and its privacy guarantee under publicly-known algorithms, it incurs a high computational complexity. In this chapter, we study an efficient strategy for diversity preserving data publishing with publicly known algorithms (algorithms as side-channel). Our main observation is that a high computational complexity is usually incurred when an algorithm conflates the processes of privacy preservation and utility optimization. We then propose a novel privacy streamliner approach to decouple those two processes for improving algorithm efficiency. More specifically, we first identify a set of potential privacy-preserving solutions satisfying that an adversary’s knowledge about this set itself will not help him/her to violate the privacy property; we can then optimize utility within this set without worrying about privacy breaches since such an optimization is now simulatable by adversaries. To make our approach more concrete, we study it in the context of micro-data release with publicly known generalization algorithms. The analysis and experiments both confirm our algorithms to be more efficient than existing solutions.

Published

2016

9. Preserving Privacy Against Side-Channel Leaks

Author

Wen Ming Liu and Lingyu Wang

Subjects

business.industry, Process (engineering), Privacy software, Computer science, Data publishing, Computer security, computer.software_genre, Padding, Key (cryptography), Web application, Side channel attack, business, computer, Randomness

Abstract

The privacy preserving issues have received significant attentions in various domains. Various models and techniques have been proposed to achieve optimal privacy with minimal costs. However, side-channel leakages (such as, publicly-known algorithms of data publishing, observable traffic information in web application, fine-grained readings in smart metering) further complicate the process of privacy preservation. In this thesis, we make the first effort on investigating a general framework to model side-channel attacks across different domains and applying the framework to various categories of applications. In privacy-preserving data publishing with publicly-known algorithms, we first theoretically study a generic strategy independent of data utility measures and syntactic privacy properties. We then propose an efficient approach to preserving diversity. In privacy-preserving traffic padding in Web applications, we first propose a formal PPTP model to quantify the privacies and costs based on the key observation about the similarity between data publishing and traffic padding. We then introduce randomness into the previous solutions to provide background knowledge-resistant privacy guarantee. In privacy-preserving smart metering, we propose a light-weight approach to simultaneously preserving privacy on both billing and consumption aggregation based on the key observation about the privacy issue beyond the fine-grained readings.

Published

2016

10. Review of Sensors and Its Applications in the Welding Robot

Author

Wen-Ming Liu, Yi-Xiong Wu, and Xue-Qin Lu

Subjects

Robot welding, Computer science, Robot, Laser beam welding, Mobile robot, Control engineering, Motion planning, Closing (morphology), Spot welding, Position sensor, Manufacturing engineering

Abstract

The use of sensors is of paramount importance for closing the feedback control loops that secure efficient and automated/autonomous operation of mobile robots in real-life applications. This paper reviews the development of sensing in welding robot and vision sensing for the weld line inspection. The robot requires several types of sensors for balancing and path planning. High accuracy and resolution of these sensors is of paramount importance for successful control of the robot. In this paper we review some of these sensors and evaluate their suitability for use in the robot. Various vision sensors and position sensors are reviewed and their advantages and disadvantages are discussed. These sensors have been incorporated and evaluated.

Published

2015