Background and motivation: Homomorphic encryption allows us to perform specific operations directly on encrypted data. Though fully homomorphic encryption is still too costly for building practical systems, partially homomorphic encryption has been leveraged to build database systems supporting SQL queries (CryptDB). While such advances in cryptographic techniques allow us to process encrypted data directly, programmer-friendly and efficient ways of programming data analysis jobs on large data sets in a distributed fashion are still missing.
Crypsis: In this project we explore data flow analysis and program transformations for Pig Latin that automatically enable the execution of standard Pig Latin scripts on encrypted data. We avoid fully homomorphic encryption because of its prohibitively high cost; instead, we rely on partially homomorphic encryption and a minimal set of computations done by the client. Depending on the user program, we generate multiple encryptions of the same field to support different operations, allow computations to finish on the client side, and perform re-encryptions. Our system is able to operate with, on average, 3 times overhead compared to the same data analysis job on plaintext.
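The idea of encrypting each field for the operation it must support can be shown with a GROUP BY plus SUM job; this is an added example, not Crypsis code. It assumes toy Paillier for the summed field and an HMAC tag standing in for deterministic encryption of the grouping field (the page does not name the schemes Crypsis uses), and all function names and sample rows are constructed.

```python
import hashlib, hmac, math, secrets

# Toy Paillier key built from two Mersenne primes: far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
N2 = N * N
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)
MU = pow(LAM, -1, N)              # valid because the generator is g = N + 1
TAG_KEY = b"constructed-demo-key"  # client-side secret for the grouping tag

def hom_encrypt(m):
    """Paillier: randomized; multiplying ciphertexts adds plaintexts."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            return (1 + m * N) * pow(r, N, N2) % N2

def hom_decrypt(c):
    return (pow(c, LAM, N2) - 1) // N * MU % N

def det_tag(value):
    """Deterministic keyed tag: equal plaintexts give equal tags."""
    return hmac.new(TAG_KEY, value.encode(), hashlib.sha256).hexdigest()

def client_encrypt(rows):
    # Each field gets the encryption its operation needs:
    # grouping key -> deterministic tag, summed value -> Paillier.
    return [(det_tag(host), hom_encrypt(nbytes)) for host, nbytes in rows]

def server_group_sum(enc_rows):
    """Holds no key: GROUP BY on tags, SUM by multiplying ciphertexts."""
    sums = {}
    for tag, c in enc_rows:
        sums[tag] = sums.get(tag, 1) * c % N2   # 1 is an encryption of 0
    return sums

def client_decrypt(sums, known_hosts):
    names = {det_tag(h): h for h in known_hosts}
    return {names[t]: hom_decrypt(c) for t, c in sums.items()}

# Constructed sample input: (host, bytes transferred)
ROWS = [("web1", 120), ("db1", 900), ("web1", 80), ("db1", 100), ("web1", 5)]

def run_demo():
    enc = client_encrypt(ROWS)
    return client_decrypt(server_group_sum(enc), {h for h, _ in ROWS})

if __name__ == "__main__":
    print(run_demo())
```

An operation neither scheme supports, such as multiplying two encrypted fields, is the kind of step that would have to finish on the client.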
Distributed Real-Time Event Analysis
Security Information and Event Management (SIEM) systems perform complex event processing over a large number of event streams at a high rate. As event streams increase in volume and event processing becomes more complex, traditional approaches such as scaling up to more powerful systems quickly become ineffective. We designed and implemented DRES, a distributed, rule-based event evaluation system that can easily scale to process a large volume of non-trivial events. DRES intelligently forwards events across a cluster of nodes to evaluate complex correlation and aggregation rules. This approach enables DRES to work with any rules engine implementation. Our evaluation shows that DRES scales linearly to more than 16 nodes, successfully processing more than half a million events per second.