Keynote Speaker: Ashwin Machanavajjhala


Ashwin Machanavajjhala is an Assistant Professor in the Department of Computer Science, Duke University and an Associate Director at the Information Initiative@Duke (iiD). Previously, he was a Senior Research Scientist in the Knowledge Management group at Yahoo! Research. His primary research interests lie in algorithms for ensuring privacy in databases and augmented reality applications. He is a recipient of the National Science Foundation Faculty Early CAREER award in 2013, and the 2008 ACM SIGMOD Jim Gray Dissertation Award Honorable Mention. Ashwin graduated with a Ph.D. from the Department of Computer Science, Cornell University and a B.Tech in Computer Science and Engineering from the Indian Institute of Technology, Madras.

Keynote Title:  Differential Privacy in the Wild

Abstract: Differential privacy has emerged as an important standard for privacy preserving computation over databases containing sensitive information about individuals. Research on differential privacy spanning a decade has resulted in a variety of privacy preserving algorithms for a number of analysis tasks. Despite maturing research efforts, the adoption of differential privacy by practitioners in industry, academia, or government agencies has so far been rare.

In this talk we identify challenges to the wide adoption of differential privacy, which include a lack of understanding of the semantics of differential privacy for complex data types (beyond tabular data), and a lack of awareness of the state of the art in differentially private algorithm design. I will describe our ongoing work on bridging this gap between the research and practice of differential privacy.


Keynote Speaker: Cyrus Shahabi

Picture1Cyrus Shahabi is a Professor of Computer Science and Electrical Engineering and the Director of the Information Laboratory (InfoLAB) at the Computer Science Department and also the Director of the NSF’s Integrated Media Systems Center (IMSC) at the University of Southern California (USC). He is also the director of Informatics at USC Viterbi School of Engineering. He was the CTO and co-founder of a USC spin-off, Geosemble Technologies, which was acquired in July 2012. Since then, he founded another company, ClearPath (recently rebranded as TallyGo), focusing on predictive path-planning for car navigation systems. He received his B.S. in Computer Engineering from Sharif University of Technology in 1989 and then his M.S. and Ph.D. Degrees in Computer Science from the University of Southern California in May 1993 and August 1996, respectively. He authored two books and more than two hundred research papers in the areas of databases, GIS and multimedia with more than 12 US Patents.

Dr. Shahabi was an Associate Editor of IEEE Transactions on Parallel and Distributed Systems (TPDS) from 2004 to 2009, IEEE Transactions on Knowledge and Data Engineering (TKDE) from 2010-2013 and VLDB Journal from 2009-2015. He is currently on the editorial board of the ACM Transactions on Spatial Algorithms and Systems (TSAS) and ACM Computers in Entertainment. He is the founding chair of IEEE NetDB workshop and also the general co-chair of SSTD’15, ACM GIS 2007, 2008 and 2009. He chaired the nomination committee of ACM SIGSPATIAL for the 2011-2014 terms. He is a PC co-Chair of BigComp’2016 and MDM’2016. In the past, he has been PC co-chair of DASFAA 2015, IEEE MDM 2013 and IEEE BigData 2013, and regularly serves on the program committee of major conferences such as VLDB, ACM SIGMOD, IEEE ICDE, ACM SIGKDD, IEEE ICDM, and ACM Multimedia.

Dr. Shahabi is a fellow of IEEE, and a recipient of the ACM Distinguished Scientist award in 2009, the 2003 U.S. Presidential Early Career Awards for Scientists and Engineers (PECASE), the NSF CAREER award in 2002, and the 2001 Okawa Foundation Research Grant for Information and Telecommunications.


Keynote Title:

Privacy-Preserving Inference of Social Relationships from Location Data

Abstract: For decades, social scientists have been studying people’s social behaviors by utilizing sparse datasets obtained by observations and surveys.  These studies received a major boost in the past decade due to the availability of web data (e.g., social networks, blogs and review web sites). However, due to the nature of the utilized dataset, these studies were confined to behaviors that were observed mostly in the virtual world. Differing from all the earlier work, here, we aim to study social behaviors by observing people’s behaviors in the real world.  This is now possible due to the availability of large high-resolution spatiotemporal location data collected by GPS-enabled mobile devices through mobile apps (Google’s Map/Navigation/Search/Chrome, Facebook, Foursquare, WhatsApp, Twitter) or through online services, such as geo-tagged contents (tweets from Twitter, pictures from Instagram, Flickr or Google+ Photo), etc.

In particular, we focus on inferring two specific social measures: 1) pair-wise strength — the strength of social connections between a pair of users, and 2) pair-wise influence – the amount of influence that an individual exerts on another, by utilizing the available high-fidelity location data representing people’s movements.

Finally, we argue that due to the sensitivity of location data and user privacy concerns, these inferences cannot be largely carried out on individually contributed data without privacy guarantees. Hence, we discuss open problems in protecting individuals’ location information while enabling these inference analyses.

Keynote Speaker: Murat Kantarcioglu


Dr. Murat Kantarcioglu is a Professor of Computer Science and Director of the UTD Data Security and Privacy Lab at The University of Texas at Dallas. He holds a BS in Computer Engineering from Middle East Technical University, and MS and PhD degrees in Computer Science from Purdue University. He is recipient of an NSF CAREER award and a Purdue CERIAS Diamond Award for academic excellence. Currently, he is a visiting scholar at Harvard’s Data Privacy Lab.

Dr. Kantarcioglu’s research focuses on creating technologies that can efficiently extract useful information from any data without sacrificing privacy or security. His research has been supported by awards from NSF, AFOSR, ONR, NSA, and NIH. He has published over 150 peer-reviewed papers. His work has been covered by media outlets such as Boston Globe and ABC News, among others and has received three best paper awards. He is a senior member of both ACM and IEEE.

Keynote Title:

Practical Searchable Encryption Schemes for Secure Information Retrieval

Abstract:  With the advent of cloud computing, outsourcing data to cloud providers is becoming more popular due to the lower cost and increased flexibility. At the same time, concerns related to security of the outsourced data are increasing. To address these concerns, various protocols have been proposed in the literature to outsource data in an encrypted format and execute queries over encrypted data. Oblivious RAM protocols allow access to remote encrypted data without revealing access pattern even to the remote server. Unfortunately, even the most efficient Oblivious RAM protocol is too expensive to be used in most practical applications. Alternatively, a lot of efficient protocols have been proposed in the literature that allow query execution over encrypted data. There are practical Searchable Symmetric Encryption (SSE) techniques that allow keyword search over remote encrypted data. Database-As-a-Service (DAS), on the other hand, allows SQL queries to be executed over remote encrypted data. All these efficient techniques purposefully reveal data access pattern to an adversary for the sake of efficiency.
In this talk, we discuss how an adversary can exploit access pattern disclosure to launch inference attacks against SSE techniques as well as DAS models. Our proposed attack, when used against a SSE technique, can successfully infer a very high percentage of encrypted query words. Similarly, an extended version of such an attack can be used to infer encrypted range queries on DAS models. Our empirical analysis with real world datasets demonstrates that our attacks are highly successful against both SSE techniques and DAS models. Furthermore, we propose an efficient differentially private noise addition based mitigation technique that can thwart these type of attacks successfully. In addition, we talk about how to protect the encryption keys needed for such techniques against cloud base virtual machine attacks.

Keynote Speaker: Frederik Armknecht


Frederik Armknecht is an associate professor for cryptography at the University of Mannheim, Germany. His research interests include cloud security, lightweight cryptography, and security for cyber-physical systems. He has numerous publications on the top conferences in cryptography/IT-security and has been co-author of several patents.
Moreover, he was one of the initiators of TrustED, the international workshop on trustworthy embedded devices. From 2006-2007, he worked as a Research Staff member in the Mobile Internet group at NEC Europe Ltd. in Heidelberg focusing on cryptographic and security issues in various kinds of networks. From 2007-2008, he worked as a postdoc at the Ruhr-University Bochum, Germany where he conducted research on provable security and operating on encrypted data. From 2008-2009, he was an assistant professor at the Ruhr-University Bochum, where he headed the group for cryptographic methods and security models. From 2009-2010, he was a visiting professor at Technische Universität Darmstadt, Germany.

Keynote Title:

Private Information Retrieval from Encrypted Data

One major challenge in the context of private information retrieval is that the data holder has direct access to the requested data. One obvious countermeasure would be to intrinsically conceal the content of the data by encrypting it. But this usually prevents that the data holder who should not know the decryption key can process the data any further. That is, the use of encryption stays in direct conflict to the concept of answering (non-trivial) data requests.

To overcome this gap, several encryption techniques have been proposed in the recent years that protect the content of the data while enabling the data holder to perform certain operations on the encrypted data on behalf of the requesting party. However, generic schemes are too inefficient and are restricted to certain data formats only. Moreover, they usually require that the person who aims to retrieve the data also needs to know the decryption key – an assumption that does not hold in general.

In this talk, we demonstrate that in concrete use cases, alternative approaches may be possible that allow to overcome some of these limitations. The first is a recommendation system that enables a user to request recommendations without revealing his preferences. Its appealing features are conceptual simplicity and high flexibility with respect to supported data types. The second one is motivated by forensic investigations. It enables to perform keyword searches on encrypted data such that the investigator can autonomously decrypt those (and only those) emails that contain these keywords.