Please use this identifier to cite or link to this item: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/19484
Title: Design of a Privacy-Preserving Data Mining System Based on Differential Privacy Using Additive-Homomorphic Proxy Re-Encryption Protocol Against Insider Attacks
Authors: Peter Shaojui Wang (王紹睿)
Advisor: Feipei Lai (賴飛羆)
Keyword: Data Mining, Privacy Protection, Insider Attack, Kernel Function, Differential Privacy
Publication Year: 2016
Degree: Doctoral
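Abstract: This thesis presents a new type of insider attack threat against distributed kernel-based data mining systems (for example, distributed support vector machines) and discusses how to prevent it. Among currently known privacy leakage problems, insider attacks have been the fastest growing over the past few years and now rank among the top three. However, in the field of distributed kernel-based data mining, research related to insider attacks is still very limited, and the known work mostly concentrates on how to prevent collusion attacks "between organizations"; no one has yet proposed how to prevent collusion attacks "between an insider within an organization and an outside attacker". For the latter, the original data of a system under such an attack may be intercepted and recovered by the attacker while kernel data is being transmitted. The characteristic of this attack is that only a few records supplied by the insider are needed to infer the data of all other users; compared with earlier attack methods, which require the hacker to spend time and effort breaking into the victim's computer system and sometimes even to obtain the highest administrator privileges, it is harder to defend against. To the best of our knowledge, we are the first to point out that distributed kernel-based data mining systems may be subject to this new insider attack, and in this thesis we also give a rule-based analysis of the environmental conditions under which the attack arises: how many insiders are needed to carry out the attack.
In this thesis we also propose two defenses against this insider attack. The basic principle of the first defense is to raise the dimensionality of the data or reduce the number of insiders so that the system's environment does not satisfy the condition rule under which the attack arises. The basic principle of the second defense is based on differential privacy: differential privacy is currently one of the privacy protection methods with the highest security level, and in this thesis we prove that a system satisfying differential privacy can effectively defend against this insider attack. We further propose a differential privacy protection method that uses an additive-homomorphic proxy re-encryption protocol, which not only prevents the insider attack by meeting the differential privacy standard but also, compared with other re-encryption protocols commonly used in the past to address privacy leakage, eliminates more unnecessary time overhead and thereby greatly increases the system's computation speed.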
In this thesis, we consider a new insider threat for the privacy preserving work of distributed kernel-based data mining (DKBDM), such as distributed Support Vector Machine (SVM). Among several known data breaching problems, those associated with insider attacks have been rising significantly, making this one of the fastest growing types of security breaches. Once considered a negligible concern, insider attacks have risen to be one of the top three central data violations. Insider-related research involving the distribution of kernel-based data mining is limited, resulting in substantial vulnerabilities in designing protection against “collaborative organizations.” Prior works often fall short by addressing a multifactorial model that is more limited in scope and implementation than addressing “insiders within an organization” colluding with outsiders. A faulty system allows collusion to go unnoticed when an insider shares data with an outsider, who can then recover the original data from message transmissions (intermediary kernel values) among organizations. This attack requires only accessibility to a few data entries within the organizations rather than requiring the encrypted administrative privileges typically found in the distribution of data mining scenarios. To the best of our knowledge, we are the first to explore this new insider threat in DKBDM. We also analytically demonstrate the minimum amount of insider data necessary to launch the insider attack.
For countering the described attack, we then present two privacy-preserving methods to defend against the attack. For the first method, we reduce the number of insiders or expand the data dimensions to prevent the satisfaction of the privacy breach rule. For the second method, as differential privacy is one of the most theoretically sound and widespread privacy concepts, we will prove the differentially private method effective against the serious insider attack. Besides, the Homomorphic Encryption method, which allows calculations on encrypted information to be performed without first decrypting the information, has been successfully used to solve the privacy issue of DKBDM in the past. However, this method is too time-consuming. Thus, we propose a Differentially-Private model based on Additive Homomorphic Proxy Re-Encryption for SVM (DAHOPE-SVM), which can drastically reduce the use of Homomorphic Encryption with the help of Proxy Re-Encryption and thus reduce the time required to perform. Our proposed method has been the quickest method of applying Homomorphic Encryption in DKBDM until now; at the same time, our method maintains a high standard of privacy protection by including a proven differential privacy component.
URI: http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/19484
DOI: 10.6342/NTU201600311
Fulltext Rights: Not authorized
Appears in Collections: Department of Computer Science and Information Engineering

Files in This Item:
File: ntu-105-1.pdf (Restricted Access)
Size: 1.82 MB
Format: Adobe PDF