Guarantee
Our work “GuaranTEE: Towards Attestable and Private ML with CCA” will appear at EuroMLSys 2024! 🎉
Imperial College London & Brave Software
Our work “GuaranTEE: Towards Attestable and Private ML with CCA” will appear at EuroMLSys 2024! 🎉
Jan 2024: We are looking for a postdoctoral researcher to join us for my EPSRC fellowship. Please see the job ad here https://www.imperial.ac.uk/jobs/description/ENG02969/research-associate-user-centred-systems’-securityprivacy. Deadline : 30 Apr.
The rapid rise in the connected sensors, actuators, and their accompanying applications surrounding us, often collectively referred to as the Internet of Things (IoT) has lead to a growing interest and attention from the governments, the industry, the scientific community amongst other communities. The numerous opportunities presented by the IoT industry, however, often come at the cost of excessive energy usage, or privacy and security threats, in exchange for fine-grained sensing and data analytics. In this post, I advocate for the use of optimisation trade-offs between the utility and value gained from information, the privacy risks and security threats to the data subject, and the cost (e.g., energy and bandwidth) of performing the sensing and analytics. We argue for leveraging the network edge (i.e., the IoT device itself) to support this optimisation process and provide a cooperative framework between the edge and the cloud. Such an architecture will play a pivotal role in protecting the individuals’ privacy, while reducing the cost of the operation and the privacy and security risks.
More and more devices, claiming to make us fitter, stronger, and healthier were flooding the marked over the last couple of years. While those devices started out as mere ‘smart’ pedometers to count our steps during the day and magically transferring the collected data to the cloud for users to view in online dashboards or on their phone. Over the years, additional sensors and metrics, such as sleep quality, heart rate, VOmax or even stress have been added to those smart gadgets. But the question remains: How smart, accurate and suitable are those wearables really?
An increasing number of sensors on mobile, Internet of things (IoT), and wearable devices generate time-series measurements of physical activities. Though access to the sensory data is critical to the success of many beneficial applications such as health monitoring or activity recognition, a wide range of potentially sensitive information about the individuals can also be discovered through access to sensory data and this cannot easily be protected using traditional privacy approaches.
A recent NSF report and a number of security and privacy disasters in the IoT space (see the blog post on Schneier’s blog) highlighted the challenges and opportunities in Edge Computing, leveraging the high processing capabilities and low latency offered at the edge of the network (IoT devices, smartphones, cloudlets) for achieving scalable yet secure and private analytics. Recently we put a few papers on ArXiv, focusing on Privacy-Preserving Analytics using smartphones and constrained devices on the network (such as a Raspberry Pi and Smartphones). I encourage the privacy, machine learning, and mobile computing enthusiasts to read these papers and kindly provide us with any feedback on the analytics which can improve the research efforts in this space.
https://team.inria.fr/magnet/workshop-on-decentralized-machine-learning-optimization-and-privacy/
With constantly evolving hardware and increased competitiveness from manufacturers in the construction of the IoT enabled home, the difficulty in managing and securing the multitude of internet enabled devices at any individual’s disposal is ever greater, with competing applications tailored to manage Bluetooth devices, Wi-Fi Direct or NFC enabled “things”. While the means of connectivity are ever increasing, the lack of a single standard of IoT connectivity as well as the lack of a single interoperability solution difficult consumer adoption of an internet enabled home.
http://www.corporesano.no/eventspersonal-data-systems-workshop-2017pds-2017-program-preliminary/
I will be joining the Dyson School of Design Engineering at Imperial College London from November 2017 as a Senior Lecturer (~Associate Professor) in the Faculty of Engineering. I will be contuing my research in the areas of Networked Systems, Privacy, Sensing, IoT with a stronger focus on building large-scale, user-centred systems. I will be recruiting a number of postdocs this year and PhD students next year. So please keep in touch with me via h.surname@imperial.ac.uk
Attending MobiSys 2017? Please check out our demos on Group sensing Using iBeacon and AppleWatch Sensing and use the open source code on http://www.sensingkit.org
Chris Greenhalgh explains the basic concept of the databox in a few simple slides. See the videos on YouTube:
We have had a lot of interest in some of our recent work: “A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN Clients”, which has just been published at the Privacy Enhancing Technologies Symposium in Philadelphia. We’re delighted this has made a positive impact, with many VPNs announcing fixes to deal with the issues we raised and notified them all months before publishing the paper. However, we wanted to add a few extra comments in light of the statements made in recent days.