当前位置: X-MOL 学术J. Inf. Secur. Appl. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Scaling & fuzzing: Personal image privacy from automated attacks in mobile cloud computing
Journal of Information Security and Applications ( IF 5.6 ) Pub Date : 2021-05-19 , DOI: 10.1016/j.jisa.2021.102850
Shweta Saharan , Vijay Laxmi , Bruhadeshwar Bezawada , Manoj Singh Gaur

The mobile cloud computing (MCC) paradigm provides a range of useful services to smart phone users and enhances the user experience significantly. But, as MCC requires the data to be offloaded to an external server, there are serious concerns regarding the privacy of the users’ personal data such as images. For instance, a cloud server could perform image segmentation on user images to extract interesting artifacts such as restaurants, user’s clothing preferences, tourist locations, participation in social events and so on, which characterize the user’s personal life. The leakage of such private information could lead to milder consequences like targeted advertising or more serious consequences like identity theft. In this work, to protect the privacy of user images, we describe a privacy-preserving image filtering for mobile cloud computing that protects against automated inference attacks based on techniques like image segmentation. The key intuition of our approach is to leverage the inherent properties of the discrete Fourier transform (DFT), which transforms each image pixel into a complex value real and imaginary parts which can be processed independently. By dividing the image in this manner, we are able to process distinct parts of the image on different non-colluding servers and aggregate the results at the client. Furthermore, to prevent information leakage at individual servers, we obfuscate the data sent to any given server using an efficient reversible transformation. We prove our approach to be secure under the semi-honest model and non-colluding servers where at least one server does not collude with the rest of the servers. In comparison to the existing paradigm of outsourced privacy preserving computation, i.e., processing encrypted data using homomorphic encryption, our approach employs easy-to-implement obfuscation techniques without any key management overhead at the client. Using experimental evaluation as well as information theoretic leakage evaluation, we show that our approach is efficient and suitable for users of mobile devices.



中文翻译:

扩展和模糊测试:来自移动云计算中自动攻击的个人图像隐私

移动云计算(MCC)范例为智能手机用户提供了一系列有用的服务,并显着增强了用户体验。但是,由于MCC要求将数据卸载到外部服务器,因此对于用户个人数据(例如图像)的隐私存在严重的担忧。例如,云服务器可以对用户图像执行图像分割,以提取有趣的伪像,例如餐馆,用户的服装偏好,游客位置,参加社交活动等,这些都是用户个人生活的特征。此类私人信息的泄漏可能会导致较温和的后果,例如定向广告,或者更严重的后果,例如身份盗用。在这项工作中,为了保护用户图像的隐私,我们描述了一种用于移动云计算的保护隐私的图像过滤,它可以防止基于图像分割等技术的自动推理攻击。我们方法的主要直觉是利用离散傅里叶变换(DFT)的固有属性,该变换将每个图像像素转换为可以独立处理的复数值实部和虚部。通过以这种方式划分映像,我们能够在不同的非冲突服务器上处理映像的不同部分,并在客户端汇总结果。此外,为了防止信息在单个服务器上泄漏,我们使用有效的可逆转换来混淆发送到任何给定服务器的数据。我们证明了我们的方法在半诚实模型和无冲突服务器(其中至少一台服务器不与其他服务器相互冲突)下是安全的。与外包隐私保护计算的现有范例(即使用同态加密处理加密的数据)相比,我们的方法采用易于实现的混淆技术,而无需在客户端进行任何密钥管理。使用实验评估以及信息理论泄漏评估,我们证明了我们的方法是有效的,适合于移动设备的用户。我们的方法采用易于实现的混淆技术,在客户端没有任何密钥管理开销。使用实验评估以及信息理论泄漏评估,我们证明了我们的方法是有效的,适合于移动设备的用户。我们的方法采用易于实现的混淆技术,在客户端没有任何密钥管理开销。使用实验评估以及信息理论泄漏评估,我们证明了我们的方法是有效的,适合于移动设备的用户。

更新日期:2021-05-19
down
wechat
bug