A fast-growing number of enterprises and organizations have outsourced their security analytics tasks to external managed security service providers (MSSPs) for security monitoring and threat detection. However, such cost-effective and reliable security solutions currently request their service tenants to continuously outsource their large-scale and disparate datasets. This project tackles the privacy risks in such security analytics outsourcing services with rigorous privacy guarantees.
This project aims to create a new paradigm of privacy preserving data analysis to privately perform real-time anomaly detection on both structured and unstructured data (e.g., network traffic, surveillance videos, system logs, and emails). The main goal is to fundamentally advance differential privacy and secure multiparty computation in this new context of privacy preserving security analytics. To this end, we propose novel differential privacy mechanisms and secure multiparty computation protocols, explore provable privacy guarantees with theoretical studies, and deploy the privacy preserving techniques in scalable real-time systems. After addressing the fundamental challenges for mitigating privacy risks in a wide variety of data and applications while ensuring high utility and efficiency, the expected research results can be leveraged to many other online monitoring and analysis applications. This project also integrates the research and education at intersections of privacy, security and data analysis. It develops a comprehensive educational and outreach program, including cybersecurity workforce training, educational materials development and distribution, K-12 outreach, and research dissemination to broader communities.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.