FIT5124 Advanced Topics in Security
Unit Revision

Dr Xingliang Yuan
Department of Software Systems and Cybersecurity
Faculty of Information Technology
Monash University

Learning Outcomes
• Identify security and privacy issues in cloud, networked, and machine learning systems
• Describe the operations of several advanced cryptosystems and protocols and their underlying assumptions and applications
• Apply hardware-assisted techniques to design secure and trustworthy systems
• Explain advanced attacks against cryptosystems and machine learning systems
• Analyse the strengths and limitations of emerging cybersecurity technologies

Remarks on Final Exam
• 10 true/false questions
• 10 single-choice questions
• 4 short-answer questions
• No calculation questions
• No coding questions

Database and Data Storage Security

Week 1 Main Points
• Understand why encrypted databases are needed
• Describe why the current practice (transparent encryption) fails
• Interpret the system model and threat assumptions of encrypted databases
• Explain and apply property-preserving encryption (PPE) to encrypted databases
  – Deterministic encryption, order-preserving encryption
  – Mechanism and benefits of onion encryption
  – How is an SQL query encrypted and executed?

Week 2 Main Points
• Understand the application scenario of searchable symmetric encryption (SSE)
  – Single keyword search over encrypted documents
• Explain the security model of SSE
  – Leakage functions in SSE
  – Simulation-based security definition (real and ideal paradigm)
• Interpret the constructions of SSE
• Pros and cons of SSE

Week 3 Main Points
• Explain the attack assumptions and goals of inference attacks against property-preserving encrypted databases
  – Assumption: prior knowledge of the database
  – Goal: recover values in certain attributes of data records
• Describe the methodologies of inference attacks against PPE
  – Frequency analysis and LP optimization via leakage in the ciphertexts
• Explain the attack assumptions and goals of leakage-abuse attacks against searchable symmetric encryption
  – Assumption: prior knowledge of the database
  – Goal: recover the query keywords from query tokens
• Describe the methodologies of leakage-abuse attacks against SSE
  – Count attack
• Apply countermeasures (padding) to mitigate leakage-abuse attacks

Week 4 Main Points
• Understand the security properties of ORAM
• Describe the definition of ORAM
• Explain the construction of the Path ORAM protocol
  – Focus on the running example in the lecture slides
  – Present why ORAM can hide the access pattern
• Describe how to apply ORAM to searchable encryption

Week 5 Main Points
• List the benefits of secure deduplication in cloud storage
• Understand the security goals of secure deduplication
• Describe the methodology of Convergent Encryption
• Understand the leakage in cross-user deduplication
• Not to be assessed: the server-aided secure deduplication protocol, and the client-side secure deduplication protocol

Secure Computation and Its Application to Privacy-Preserving Machine Learning

Week 6 Main Points
• Explain the need for secure multiparty computation (MPC)
• Describe the security goals and limitations of MPC
• Present the methodology of Garbled Circuits and Oblivious Transfer
• Present the methodology of Secure Sharing and Multiplication Triplet
• Interpret conversion between Yao and Arithmetic Shares

Week 7 Main Points
• Explain how to apply secure multiparty computation (MPC) techniques to realise privacy-preserving linear regression and neural network inference
• Describe the two-server model in MPC
• Interpret the architecture of Federated Learning (FL)
  – Explain the challenges in FL
• Understand how the FedAvg protocol works in FL
  – Explain how each factor in FedAvg affects the performance of FL
• Describe the security guarantees of privacy-preserving machine learning protocols

Week 8 Main Points
• Understand the security properties of ZKP in the challenge-response identification protocol
• Describe Schnorr’s ZK ID protocol
• Not to be assessed
  – Security analysis of Schnorr’s ZK ID protocol
  – Generalization of ZKP
  – Sigma protocols

Attacks and Defenses in Machine Learning Systems

Week 9 Main Points
• Understand the attack surface of machine learning systems
• Describe the threat assumption of the model extraction attack (MEA)
• Explain the methodologies of MEA and the corresponding countermeasures
  – Exact equation solving for LR models
  – Training a surrogate model for non-linear models
• Describe the threat assumption of the membership inference attack (MIA)
• Explain the methodologies of MIA and the corresponding countermeasures
  – Exploit the overfitting issue to train an attack model via shadow datasets and models
• Not to be assessed: adversarial machine learning

Week 10 Main Points
• Understand the concept and programming model of Intel SGX
• Present the threat model and security services of Intel SGX
  – Trusted computing base
  – Hardware secrets
  – Remote attestation
  – Sealed storage
  – Memory encryption

Week 11 Main Points
• Understand general side-channel techniques via timing
• Describe memory access side-channels against SGX
• Describe speculative execution side-channels against SGX
• Understand countermeasures
  – Oblivious primitives against memory access side channels

Week 12
• Not to be assessed