Office Use Only Semester One 2021 Examination Period Faculty of Information Technology EXAM CODES: FIT 5124 TITLE OF PAPER: Advanced Topics in Security EXAM DURATION: 2 hours 10 minutes THIS PAPER IS FOR STUDENTS STUDYING AT: (tick where applicable) □ Caulfield ✔Clayton □ Parkville □ Peninsula □Monash Extension □ Off Campus Learning □ Malaysia □ Sth Africa □ Other (specify) During an exam, you must not have in your possession any item/material that has not been authorised for your exam. This includes books, notes, paper, electronic device/s, mobile phone, smart watch/device, calculator, pencil case, or writing on any part of your body. Any authorised items are listed below. Items/materials on your desk, chair, in your clothing or otherwise on your person will be deemed to be in your possession. No examination materials are to be removed from the room. This includes retaining, copying, memorising or noting down content of exam material for personal use or to share with any other person by any means following your exam. Failure to comply with the above instructions, or attempting to cheat or cheating in an exam is a discipline offence under Part 7 of the Monash University (Council) Regulations, or a breach of instructions under Part 3 of the Monash University (Academic Board) Regulations. AUTHORISED MATERIALS OPEN BOOK □ YES ✔ NO CALCULATORS □ YES ✔ NO SPECIFICALLY PERMITTED ITEMS □ YES ✔ NO if yes, items permitted are: Candidates must complete this section if required to write answers within this paper STUDENT ID: __ __ __ __ __ __ __ __ DESK NUMBER: __ __ __ __ __ Page 1 of 4 Test contents: 6 questions, 60 marks total. PART A (10 marks) TRUE/FALSE questions (final exam will contain 10 questions) 1. The database admin cannot access a database in cleartext, if it is protected by transparent encryption. a) True b) False 2. The attacker can always recover the query keyword in count attack based on the access pattern. a) True b) False 3. In secure multi-party computation (MPC), the attacker cannot infer the information from the computation results. a) True b) False 4. In garbled circuit, each bit of an input will be mapped into a random string. a) True b) False PART B (10 marks) Single answer questions. (final exam will contain 10 questions) 1. Which of the following is a security service provided by Intel SGX? a) Keyboard input protection b) Remote attestation c) Cryptographic hash functions d) Encrypted network communications e) Encoded storage 2. Which of the following is FALSE about arithmetic sharing? a) Arithmetic sharing is operated on the integer ring b) Addition in arithmetic sharing is free c) Multiplication triplets are generated independently without relying on the input data d) Multiplication over arithmetic shares needs to consume a constant round of communications between two parties. e) Multiplication over arithmetic shares cannot support large integers Page 2 of 4 3. Which of the following is a challenge specifically considered in federated learning (FL)? a) The server can be compromised by the attacker. b) Some users produce significantly more data than others. c) Mobile devices cannot generate the data that FL requires. d) Mobile devices do not support FL algorithms. e) Communication between the client and server can be compromised. 4. Which of the following is TRUE regarding the model extraction attack (MEA)? a) MEA can exactly recover any neural network models b) MEA can steal the models in the real-world machine learning as a service c) MEA requires the attacker to know all the details of the model before launching the attack d) MEA attempts to recover the model no matter how many queries need to be submitted to the machine learning as a service. e) MEA requires the attacker to compromise the server of the machine learning as a service to extract the model PART C (40 marks) (final exam will contain 4 questions) Q1 Machine Learning Security. (10 marks) Let’s consider an attacker who attempts to launch the membership inference attack from the machine learning as a service. a) Please explain the attack assumption (2 marks) and the procedure of the membership inference attacks (6 marks) (b) Please explain the reason why MIA can success (1 mark), and name one countermeasure against MIA (1mark) Q2 Searchable symmetric encryption. (10 marks) Assume that a client wants to store her documents to a cloud storage service. Her documents are sensitive and need to be strongly protected. Therefore, she plans to use searchable symmetric encryption to protect her documents while preserving the function of keyword search over encrypted documents. a) Please explain how each algorithm works in searchable symmetric encryption. We consider an SSE scheme with three functions, i.e., setup, token generation, search (4 marks) Page 3 of 4 b) Explain the leakage in SSE (6 marks). Page 4 of 4
欢迎咨询51作业君