sip: secure information provider
DESCRIPTION
SIP: Secure Information Provider. Pallavi Arora and Huy Nguyen WiSeR – Wireless System Research Group Department of Computer Science University of Houston, TX, USA COSC 7388 Project Presentation. Agenda. Smart phone: a threat to privacy Attacker model Applicability Existing Work - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/1.jpg)
SIP: Secure Information Provider
Pallavi Arora and Huy NguyenWiSeR – Wireless System Research Group
Department of Computer ScienceUniversity of Houston, TX, USA
COSC 7388 PROJECT PRESENTATION
![Page 2: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/2.jpg)
COSC 7388 Project Presentation
Agenda• Smart phone: a threat to privacy• Attacker model• Applicability• Existing Work• System architecture• Evaluation• Conclusion and future work
2
![Page 3: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/3.jpg)
COSC 7388 Project Presentation
Smart phone a threat to privacy• Grand Jury Investigation Targets Smartphone
Privacy: treat the responsibility with respect.
• Paul Wilson of Dallas: "No way will a game have access to
my contact list or call log. Next they'll want me to send them a key to my house so they can go through my bank and tax statements."
3
![Page 4: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/4.jpg)
COSC 7388 Project Presentation
What kind of information do smartphone apps collect?
– Contacts– Location history– Times of past meetings and future appointments– Photographs and videos, access to camera (in
some case)– Details of who the user contacted and when,
whether it was via voice, e-mail, SMS, IM, or social networking -- often including a verbatim transcript of the message.
• Virtually anything that you have on the phone.
4
![Page 5: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/5.jpg)
COSC 7388 Project Presentation
What can go wrong ,in wrong hands?
• Contact list – Lead to lost friendships, missed business
opportunities, or a ruined marriage.• Appointment calendar
– Could inadvertently disclose a medical condition
• Location data– Let burglars know when you're away
from home– Tell pedophiles what route your children
walk to school.
5
![Page 6: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/6.jpg)
COSC 7388 Project Presentation
Attacker model• Semihonest:
– Honest and can correctly process and respond to messages, but are curious in that they may attempt to determine the identity of a user based on what they “see”
• Honest But curious:– All parties are curious, in that they try to
find out as much as possible about the other inputs despite following the protocol.
6
![Page 7: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/7.jpg)
COSC 7388 Project Presentation
How about a Big Daddy? Who?• Government
– Electronic Frontier Foundation• App Developers
– Request only those permissions that are absolutely necessary for the app.
– Disclose in detail why your apps need certain permissions.
– Establish trust early, and maintain that trust by giving users fine-grained control over their own data.
• Our solution a trusted Middle guy.– Not feasible for all third party applications.– Can’t save from the phone company. 7
![Page 8: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/8.jpg)
COSC 7388 Project Presentation
Scope• Services tolerant/invertible to perturbed
results.• Tolerant: indifferent to low noise levels
– Recommendation services.• Music, videos
– Services like Reddit ( social news website).• Invertible: can remove noise completely
from result– Location based services.
8
![Page 9: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/9.jpg)
COSC 7388 Project Presentation
Existing work• “Protecting Location Privacy
with Personalized k-Anonymity: Architecture and Algorithms”
9
![Page 10: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/10.jpg)
COSC 7388 Project Presentation
Existing work• CAP: A Context-Aware Privacy
Protection System for Location-Based Services– “Context aware” perturbation– Various-grid length Hilbert
Curve (VHC)-mapping• privacy protection• LBS accuracy
10
![Page 11: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/11.jpg)
COSC 7388 Project Presentation
Existing work• Homomorphic Encryption
– Algebraic operation performed on the plaintext is equivalent to another (possibly different) algebraic operation performed on the ciphertext.
11
![Page 12: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/12.jpg)
COSC 7388 Project Presentation
System architecture
12
SIP Server
SIP Web Portal
![Page 13: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/13.jpg)
COSC 7388 Project Presentation
Cloaking mechanism
13
![Page 14: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/14.jpg)
COSC 7388 Project Presentation 14
Demo Session
![Page 15: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/15.jpg)
COSC 7388 Project Presentation
Evaluation• Song similarity index
SI(s1, s2) = (a + b)w + c• Evaluation scenarios
– With/without SIP service– Varying system parameters
15
a = 1 if (s1.genre == s2.genre)b = 1 if (s1.album == s2.album)c = γ / (α + β + γ)
α = no. of genres of artist1, but not artist2β = no. of genres of artist2, but not artist1γ = no. of genres of both artists
![Page 16: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/16.jpg)
COSC 7388 Project Presentation
Eval 1: weight factor
16
Exp Setup• noise = 20%• w [0, 0.5]• decoy = 5• list size = 5• round = 10
![Page 17: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/17.jpg)
COSC 7388 Project Presentation
Eval 2: number of decoys
17
Exp Setup• noise = 20%• w = 0.2• decoy [5, 10]• list size = 5• round = 10
![Page 18: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/18.jpg)
COSC 7388 Project Presentation
Eval 3: noise level
18
Exp Setup• noise [0,0.8]• w = 0.2• decoy = 5• list size = 5• round = 10
![Page 19: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/19.jpg)
COSC 7388 Project Presentation
Contribution• Pallavi
– Literature research– Client implementation– Cloaking mechanism– Song similarity algorithm
• Huy– Server implementation– Music service implementation– Evaluation– Cloaking mechanism
19
![Page 20: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/20.jpg)
COSC 7388 Project Presentation
Challenges• Project idea (innovative!!)• Limited programming ability of WP7 SDK
– No phone settings/user info access– No TCP/IP socket connection supported (yet)
• Workstation is behind firewall– Cannot connect to SQL Azure DB
• Slow and unstable last.fm server– Frequently crashes the evaluation
20
![Page 21: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/21.jpg)
COSC 7388 Project Presentation
Conclusion and future work• Protect user privacy w/o scarifying
service performance• Applicable for other types of services• Evaluation proves system efficiency• Future work:
– Extend the application pool– Devise rigorous mathematical formulation– Compare against other algorithms
21
![Page 22: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/22.jpg)
COSC 7388 Project Presentation
THANK YOU FOR YOUR ATTENTION
22
http://wireless.cs.uh.edu/
![Page 23: SIP: Secure Information Provider](https://reader036.vdocuments.net/reader036/viewer/2022062323/56816187550346895dd120d2/html5/thumbnails/23.jpg)
COSC 7388 Project Presentation
References• “Why users don't trust mobile apps” originally
appeared at InfoWorld.com. • Finding Similar Music Artists for Recommendation,
Abhay Goel, Prerak Trivedi, USC Viterbi.• Protecting Location Privacy with Personalized k-
anonymity: Architecture and Algorithms, B. Gedik,Ling Liu
• CAP: A Context-Aware Privacy Protection System for Location-Based Services, Aniket Pingley et al.
23