Office Use Only
Semester One 2021
Examination Period
Faculty of Information Technology
EXAM CODES: FIT 5124
TITLE OF PAPER: Advanced Topics in Security
EXAM DURATION: 2 hours 10 minutes
THIS PAPER IS FOR STUDENTS STUDYING AT: (tick where applicable)
□ Caulfield ✔Clayton □ Parkville □ Peninsula
□Monash Extension □ Off Campus Learning □ Malaysia □ Sth Africa
□ Other (specify)
During an exam, you must not have in your possession any item/material that has not been authorised for
your exam. This includes books, notes, paper, electronic device/s, mobile phone, smart watch/device,
calculator, pencil case, or writing on any part of your body. Any authorised items are listed below.
Items/materials on your desk, chair, in your clothing or otherwise on your person will be deemed to be in
your possession.
No examination materials are to be removed from the room. This includes retaining, copying, memorising
or noting down content of exam material for personal use or to share with any other person by any means
following your exam.
Failure to comply with the above instructions, or attempting to cheat or cheating in an exam is a discipline
offence under Part 7 of the Monash University (Council) Regulations, or a breach of instructions under Part
3 of the Monash University (Academic Board) Regulations.
AUTHORISED MATERIALS
OPEN BOOK □ YES ✔ NO
CALCULATORS □ YES ✔ NO
SPECIFICALLY PERMITTED ITEMS □ YES ✔ NO
if yes, items permitted are:
Candidates must complete this section if required to write answers within this paper
STUDENT ID: __ __ __ __ __ __ __ __ DESK NUMBER: __ __ __ __ __
Page 1 of 4
Test contents: 6 questions, 60 marks total.
PART A (10 marks)
TRUE/FALSE questions (final exam will contain 10 questions)
1. The database admin cannot access a database in cleartext, if it is protected by transparent
encryption.
a) True
b) False
2. The attacker can always recover the query keyword in count attack based on the access
pattern.
a) True
b) False
3. In secure multi-party computation (MPC), the attacker cannot infer the information from
the computation results.
a) True
b) False
4. In garbled circuit, each bit of an input will be mapped into a random string.
a) True
b) False
PART B (10 marks)
Single answer questions. (final exam will contain 10 questions)
1. Which of the following is a security service provided by Intel SGX?
a) Keyboard input protection
b) Remote attestation
c) Cryptographic hash functions
d) Encrypted network communications
e) Encoded storage
2. Which of the following is FALSE about arithmetic sharing?
a) Arithmetic sharing is operated on the integer ring
b) Addition in arithmetic sharing is free
c) Multiplication triplets are generated independently without relying on the input data
d) Multiplication over arithmetic shares needs to consume a constant round of
communications between two parties.
e) Multiplication over arithmetic shares cannot support large integers
Page 2 of 4
3. Which of the following is a challenge specifically considered in federated learning (FL)?
a) The server can be compromised by the attacker.
b) Some users produce significantly more data than others.
c) Mobile devices cannot generate the data that FL requires.
d) Mobile devices do not support FL algorithms.
e) Communication between the client and server can be compromised.
4. Which of the following is TRUE regarding the model extraction attack (MEA)?
a) MEA can exactly recover any neural network models
b) MEA can steal the models in the real-world machine learning as a service
c) MEA requires the attacker to know all the details of the model before launching the
attack
d) MEA attempts to recover the model no matter how many queries need to be submitted to
the machine learning as a service.
e) MEA requires the attacker to compromise the server of the machine learning as a service
to extract the model
PART C (40 marks)
(final exam will contain 4 questions)
Q1 Machine Learning Security. (10 marks) Let’s consider an attacker who attempts to launch the
membership inference attack from the machine learning as a service.
a) Please explain the attack assumption (2 marks) and the procedure of the membership
inference attacks (6 marks)
(b) Please explain the reason why MIA can success (1 mark), and name one countermeasure
against MIA (1mark)
Q2 Searchable symmetric encryption. (10 marks) Assume that a client wants to store her
documents to a cloud storage service. Her documents are sensitive and need to be strongly
protected. Therefore, she plans to use searchable symmetric encryption to protect her
documents while preserving the function of keyword search over encrypted documents.
a) Please explain how each algorithm works in searchable symmetric encryption. We consider
an SSE scheme with three functions, i.e., setup, token generation, search (4 marks)
Page 3 of 4
b) Explain the leakage in SSE (6 marks).
Page 4 of 4

欢迎咨询51作业君