IMR:MM-1B: New directions in Privacy-Preserving Telemetry

IMR:MM-1B：隐私保护遥测的新方向

基本信息

批准号：
2220450
负责人：
Rafail Ostrovsky
金额：
$ 60万
依托单位：
University of California-Los Angeles
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2022
资助国家：
美国
起止时间：
2022-09-01 至 2025-08-31
项目状态：
未结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=2220450&HistoricalAwards=false
关键词：
IMR MM 1B New directions

项目摘要

Almost all modern-day devices are connected to the internet. Home appliances, smart watches, phones, cars, industrial tools, and even body weight scales are connected. For example, Samsung Smart TV reports back to Samsung every choice and every click that a consumer makes as well as the duration that a consumer watches any program. Internet browsers collect user browsing data. Internet Service Providers collect user IP access data. The torrent of data collected is typically used to improve user experience, service, and target advertisements. However, collection of ever more intrusive data regarding each individual consumer or organization comes at the price of tremulous invasion of privacy, and increases the risk that the data collected can be harvested for other (unintended) purposes, such as counter-intelligence, political campaigns, as well as identity theft and other criminal activity. How do we allow organizations to collect aggregate statistics regarding streaming data without violating individual consumer privacy?This research aims to explore novel ways to compute aggregate statistics on streaming data in a privacy-preserving way, extending systems such as PRIO, PRIO+, and Poplar. The framework is that users or devices send their data in a secret-shared way to two servers which then communicate with each other to compute telemetry data while not revealing (to each other or anyone else) users’ individual data. This approach was adopted, for example, by the Firefox browser in a Mozilla project titled “Origin Telemetry”. The goals of this research are to explore even more efficient methods to privately compute telemetry data in this setting by exploring how to generalize streaming algorithms (without privacy) that were pioneered by Alon, Matias, and Szegedy to streaming algorithms with privacy. More specifically, can we compute frequency moments in a privacy-preserving and efficient manner by two servers receiving a (secret-shared) stream? While this seems like a very specialized question, it is, in fact, generalizable, as shown by the PI in the paper titled “Zero-One Frequency Laws”. This brings us to the even more interesting question: how to classify all functions that can be privately computed over streaming secret-shared data in one pass and with poly-logarithmic memory. Our goal is to provide new tools for the questions of privacy-preserving analysis of streaming large volume data, specifically called out in section MM-1B of the NSF Internet Measurement Research call for proposals. If successful, our methods will allow large-scale and efficient computation of all aggregate statistics that can be computed in small memory in a privacy-preserving way. This project will also advance the state-of-the-art performance of MPC on streaming data to Internet-size streaming computations. Lastly, our proposal calls for robust training of graduate and undergraduate students, including actively seeking minorities and female students to enter cryptographic research.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

几乎所有现代设备都连接到互联网。连接家用电器，智能手表，电话，汽车，工业工具，甚至体重尺度。例如，三星智能电视向三星报告了每一个选择，以及消费者所做的每次点击以及消费者观看任何程序的持续时间。互联网浏览器收集用户浏览数据。互联网服务提供商收集用户IP访问数据。收集的数据洪流通常用于改善用户体验，服务和目标广告。但是，收集有关每个消费者或组织的越来越侵入性数据的收集是以巨大侵犯隐私的代价，并增加了可以为其他（意外）目的收集收集的数据的风险，例如反智能，政治运动，以及身份盗窃和其他犯罪活动。我们如何允许组织在不违反个人消费者隐私的情况下收集有关流数据的汇总统计信息？该研究旨在探索新颖的方法，以保护隐私的方式计算流式传输数据的汇总统计信息，从而扩展了PRIO，PRIO+和POPLAR等系统。框架是用户或设备以秘密共享的方式将其数据发送给两个服务器，然后彼此通信以计算遥测数据，同时又没有透露（彼此或其他任何人）用户的个人数据。例如，Firefox浏览器在一个名为“ Origin Telemetry”的Mozilla项目中采用了这种方法。这项研究的目标是通过探索如何概括由Alon，Matias和Szegedy策划的流媒体算法（无隐私）来探索在此环境中私下计算遥测数据的更有效方法，以使用隐私来流式流算法。更具体地说，我们可以通过两台接收（秘密）流的服务器以隐私和高效的方式计算频率矩？虽然这似乎是一个非常专业的问题，但实际上，这是可以推广的，如PI所示，题为“零频法”。这使我们提出了一个更有趣的问题：如何在一个通行证中并使用多元素内存来分类可以通过流媒体共享数据私下计算的所有功能。我们的目标是为流式传输大量数据的隐私性分析提供新工具，在NSF Internet测量研究的MM-1B节中特别提出了提议的建议。如果成功的话，我们的方法将允许对所有汇总统计信息进行大规模，有效的计算，这些统计数据可以以隐私保护方式以较小的内存计算。该项目还将将MPC在流数据上的最新性能推进到Internet大小的流式计算中。最后，我们的建议要求对研究生和本科生进行强有力的培训，包括积极寻求少数群体和女学生进入加密研究。该奖项反映了NSF的法定任务，并被认为是通过基金会的智力优点和更广泛的影响来通过评估来获得的支持。