ZIDS: A Privacy-Preserving Intrusion Detection System Using Secure Two-Party Computation Protocols

Niksefat, Salman; Sadeghiyan, Babak; Mohassel, Payman; Sadeghian, Seyed Saeed

doi:10.1093/comjnl/bxt019

Cited by 20 publications

(8 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors mention that in case the topology of the SQL formula and the circuit have to be kept private, a generic UC should be utilized. Further applications of PFE given in [53] are evaluation of branching programs on encrypted data [37] and privacy-preserving intrusion detection [56].…”

Section: Applications Of Pfementioning

confidence: 99%

Efficient and Scalable Universal Circuits

et al. 2020

View full text Add to dashboard Cite

A universal circuit (UC) can be programmed to simulate any circuit up to a given size n by specifying its program inputs. It provides elegant solutions in various application scenarios, e.g., for private function evaluation (PFE) and for improving the flexibility of attribute-based encryption schemes. The asymptotic lower bound for the size of a UC is (n log n), and Valiant (STOC'76) provided two theoretical constructions, the so-called 2-way and 4-way UCs (i.e., recursive constructions with 2 and 4 substructures), with asymptotic sizes ∼ 5n log 2 n and ∼ 4.75n log 2 n, respectively. In this article, we present and extend our results published in (Kiss and Schneider EUROCRYPT'16) and (Günther et al. ASIACRYPT'17). We validate the practicality of Valiant's UCs by realizing the 2-way and 4-way UCs in our modular open-source implementation. We also provide an example implementation for PFE using these sizeoptimized UCs. We propose a 2/4-hybrid approach that combines the 2-way and the 4-way UCs in order to minimize the size of the resulting UC. We realize that the bottleneck in universal circuit generation and programming becomes the memory consumption of the program since the whole structure of size O(n log n) is handled by the algorithms in memory. In this work, we overcome this by designing novel scalable algorithms for the UC generation and programming. Both algorithms use only O(n) memory at any point in time. We prove the practicality of our scalable design with a scalable proof-of-concept implementation for generating Valiant's 4-way UC. We note that this can be extended to work with optimized building blocks analogously. Moreover, we substantially improve the size of our UCs by including and implementing the recent optimization of Zhao et al. (ASIACRYPT'19) that reduces the asymptotic size of the 4-way UC to ∼ 4.5n log 2 n. Furthermore, we include their optimization in the implementation of our 2/4-hybrid UC which yields the smallest UC construction known so far.

show abstract

Section: Applications Of Pfementioning

confidence: 99%

Efficient and Scalable Universal Circuits

et al. 2020

View full text Add to dashboard Cite

show abstract

“…In addition, it could be embarrassing for a participant to be pointed out by the third party as a particular weak participant. Niksefat et al [43] designed ZIDS, a clientserver solution for private detection of intrusions. The system consists of an IDS server including sensitive signatures for zero-day attacks and IDS clients for handling sensitive data.…”

Section: Related Workmentioning

confidence: 99%

A fog-based privacy-preserving approach for distributed signature-based intrusion detection

Wang

Meng²,

et al. 2018

Journal of Parallel and Distributed Computing

View full text Add to dashboard Cite

 Users may download and print one copy of any publication from the public portal for the purpose of private study or research.  You may not further distribute the material or use it for any profit-making activity or commercial gain  You may freely distribute the URL identifying the publication in the public portal If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim.

show abstract

“…One of the first applications for PFE was privacy-preserving checking for credit worthiness [FAZ05], where not only the loanee's data, but also the loaner's function needs to be kept private. PFE allows for running proprietary software on private data, such as privacy-preserving software diagnosis [BPSW07], medical programs [BFK+09], or privacy-preserving intrusion detection [NSMS14]. UCs can be applied to obliviously filter remote streaming data [OI05] and for hiding queries in private database management systems such as Blind Seer [PKV+14,FVK+15].…”

Section: Applications Of Universal Circuitsmentioning

confidence: 99%

More Efficient Universal Circuit Constructions

Günther

Kiss

Schneider

2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

A universal circuit (UC) can be programmed to simulate any circuit up to a given size n by specifying its program bits. UCs have several applications, including private function evaluation (PFE). The asymptotical lower bound for the size of a UC is proven to be Ω(n log n). In fact, Valiant (STOC'76) provided two theoretical UC constructions using so-called 2-way and 4-way constructions, with sizes 5n log 2 n and 4.75n log 2 n, respectively. The 2-way UC has recently been brought into practice in concurrent and independent results by Kiss and Schneider (EUROCRYPT'16) and Lipmaa et al. (Eprint 2016/017). Moreover, the latter work generalized Valiant's construction to any k-way UC. In this paper, we revisit Valiant's UC constructions and the recent results, and provide a modular and generic embedding algorithm for any k-way UC. Furthermore, we discuss the possibility for a more efficient UC based on a 3-way recursive strategy. We show with a counterexample that even though it is a promising approach, the 3-way UC does not yield an asymptotically better result than the 4-way UC. We propose a hybrid approach that combines the 2-way with the 4-way UC in order to minimize the size of the resulting UC. We elaborate on the concrete size of all discussed UC constructions and show that our hybrid UC yields on average 3.65% improvement in size over the 2-way UC. We implement the 4-way UC in a modular manner based on our proposed embedding algorithm, and show that our methods for programming the UC can be generalized for any k-way construction.

show abstract

ZIDS: A Privacy-Preserving Intrusion Detection System Using Secure Two-Party Computation Protocols

Cited by 20 publications

References 21 publications

Efficient and Scalable Universal Circuits

Efficient and Scalable Universal Circuits

A fog-based privacy-preserving approach for distributed signature-based intrusion detection

More Efficient Universal Circuit Constructions

Contact Info

Product

Resources

About