• Publications
  • Influence
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
TLDR
It is shown that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target, and how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine. Expand
Stealing Machine Learning Models via Prediction APIs
TLDR
Simple, efficient attacks are shown that extract target ML models with near-perfect fidelity for popular model classes including logistic regression, neural networks, and decision trees against the online services of BigML and Amazon Machine Learning. Expand
Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures
TLDR
A new class of model inversion attack is developed that exploits confidence values revealed along with predictions and is able to estimate whether a respondent in a lifestyle survey admitted to cheating on their significant other and recover recognizable images of people's faces given only their name. Expand
DupLESS: Server-Aided Encryption for Deduplicated Storage
TLDR
It is shown that encryption for deduplicated storage can achieve performance and space savings close to that of using the storage service with plaintext data. Expand
Message-Locked Encryption and Secure Deduplication
TLDR
The work shows that MLE is a primitive of both practical and theoretical interest, and makes connections with deterministic encryption, hash functions secure on correlated inputs and the sample-then-extract paradigm to deliver schemes under different assumptions and for different classes of message sources. Expand
Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail
TLDR
It is unlikely that bandwidth-efficient, general-purpose TA countermeasures can ever provide the type of security targeted in prior work, and it is shown that nine known countermeasures are vulnerable to simple attacks that exploit coarse features of traffic. Expand
Leakage-Abuse Attacks Against Searchable Encryption
TLDR
This work empirically investigates the security of searchable encryption by providing query recovery and plaintext recovery attacks that exploit these leakage profiles, and presents attack models based on an adversarial server's prior knowledge. Expand
Cross-VM side channels and their use to extract private keys
TLDR
This paper details the construction of an access-driven side-channel attack by which a malicious virtual machine (VM) extracts fine-grained information from a victim VM running on the same physical computer and demonstrates the attack in a lab setting by extracting an ElGamal decryption key from a victims using the most recent version of the libgcrypt cryptographic library. Expand
Peeking Behind the Curtains of Serverless Platforms
TLDR
This work conducts the largest measurement study to date, launching more than 50,000 function instances across AWS Lambda, Azure Functions, and Google Cloud Functions, in order to characterize their architectures, performance, and resource management efficiency. Expand
Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing
TLDR
It is concluded that current DP mechanisms do not simultaneously improve genomic privacy while retaining desirable clinical efficacy, highlighting the need for new mechanisms that should be evaluated in situ using the general methodology introduced by this work. Expand
...
1
2
3
4
5
...