Automatic security classification by machine learning for cross-domain information exchange

Hammer, Hugo Lewi; Kongsgard, Kyrre Wahl; Bai, Aleksander; Yazidi, Anis; Nordbotten, Nils Agne; Engelstad, Paal E.

doi:10.1109/milcom.2015.7357672

Cited by 14 publications

(4 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similar studies later reproduced and expanded upon these results [6], [15], [1] by using the complete document contents, multiple securityclassification levels and per-paragraph sensitivity predictions, while the concept of controlled environments was introduced by us in [8].…”

Section: Related Workmentioning

confidence: 72%

See 1 more Smart Citation

Data Leakage Prevention for Secure Cross-Domain Information Exchange

et al. 2017

Self Cite

View full text Add to dashboard Cite

Abstract-Cross-domain information exchange is an increasingly important capability for conducting efficient and secure operations, both within coalitions and within single nations. A data guard is a common cross-domain sharing solution that inspects and validates that the security labels of exported data objects are such that they can be released according to policy. While we see that guard solutions can be implemented with high assurance, we find that obtaining an equivalent level of assurance in the correctness of the security labels easily becomes a hard problem in practical scenarios. Thus, a weakness of the guardbased solution is that there is often limited assurance in the correctness of the security labels. To mitigate this, guards make use of content checkers such as dirty word lists as a means for detecting mislabeled data.To improve the overall security of such cross-domain solutions we investigate more advanced content checkers based on the use of machine learning. Instead of relying on manually specified dirty word lists, we can build data-driven methods that automatically infer the words associated with classified content. However, care must be taken when constructing and deploying these methods as naive implementations are vulnerable to manipulation attacks. In order to provide a better context for performing classification, we monitor the incoming information flow and use the audit trail to construct controlled environments. The usefulness of said deployment scheme is demonstrated using a real collection of classified and unclassified documents.

show abstract

Section: Related Workmentioning

confidence: 72%

“…Estimating the sensitivity for completely new [3], [6], [15] or heavily processed (rewritten, summarized etc.) [8] information on the other hand is more challenging and is better handled using machine learning.…”

Section: Machine Learning-based Content Checkingmentioning

confidence: 99%

Data Leakage Prevention for Secure Cross-Domain Information Exchange

et al. 2017

Self Cite

View full text Add to dashboard Cite

show abstract

“…Redaction is currently the most common method used in day-to-day operations to maintain the confidentiality of words 43,44,45 or documents 46 . While some work has been done on automatic redaction 45 , semi-automatic redaction 43 , and human-assistance tools 44 , there is often a high cost associated with failing to redact something sensitive (i.e., a false negative), making automatic redaction difficult to trust in real-world scenarios.…”

Section: Redactionmentioning

confidence: 99%

Hash the Universe: Differentially Private Text Extraction with Feature Hashing

Fletcher,

Roegiest,

Hudek

2024

Preprint

View full text Add to dashboard Cite

Using artificial intelligence for text extraction can often require handling privacy-sensitive text. To avoid revealing confidential information, data owners and practitioners can use differential privacy, a definition of privacy with provable guarantees. In this work, we show how differential privacy can be applied to feature hashing. Feature hashing is a common technique for handling out-of-dictionary vocabulary, and for creating a lookup table to find feature weights in constant time. One of the special qualities of feature hashing is that all possible features are mapped to a discrete, finite output space. Our proposed technique takes advantage of this fact, and makes hashed feature sets Renyi-differentially private. The technique enables data owners to privatize any model that stores the data-dependent weights in a hash table, and provides protection against inference attacks on the model output. As a case study, we show how we have implemented our technique in commercial software that enables users to train text sequence classifiers on their own documents, and share the classifiers with other users without leaking training data. Results show that even common words can be protected with 0.06, 10^-5)-differential privacy, with only a 1% average reduction in Recall and no change in Precision.

show abstract

“…Redaction is currently the most common method used in day-to-day operations to maintain the confidentiality of words [8,15,39] or documents [23]. While some work has been done on automatic redaction [39], semi-automatic redaction [8], and human-assistance tools [15], there is often a high cost associated with failing to redact something sensitive (i.e., a false negative), making automatic redaction difficult to trust in real-world scenarios.…”

Section: Redactionmentioning

confidence: 99%

Hash the Universe: Differentially Private Text Extraction with Feature Hashing

Fletcher¹,

Roegiest²,

Hudek³

2022

Preprint

View full text Add to dashboard Cite

Using artificial intelligence for text extraction can often require handling privacy-sensitive text. To avoid revealing confidential information, data owners and practitioners can use differential privacy, a definition of privacy with provable guarantees. In this work, we show how differential privacy can be applied to feature hashing.Feature hashing is a common technique for handling out-of-dictionary vocabulary, and for creating a lookup table to find feature weights in constant time. One of the special qualities of feature hashing is that all possible features are mapped to a discrete, finite output space. Our proposed technique takes advantage of this fact, and makes hashed feature sets Renyi-differentially private. The technique enables data owners to privatize any model that stores the data-dependent weights in a hash table, and provides protection against inference attacks on the model output, as well as against linkage attacks directly on the model's hashed features and weights. As a case study, we show how we have implemented our technique in commercial software that enables users to train text sequence classifiers on their own documents, and share the classifiers with other users without leaking training data. Results show that even common words can be protected with (0.06, 10^-5)-differential privacy, with only a 1% average reduction in Recall and no change in Precision.

show abstract

Automatic security classification by machine learning for cross-domain information exchange

Cited by 14 publications

References 7 publications

Data Leakage Prevention for Secure Cross-Domain Information Exchange

Data Leakage Prevention for Secure Cross-Domain Information Exchange

Hash the Universe: Differentially Private Text Extraction with Feature Hashing

Hash the Universe: Differentially Private Text Extraction with Feature Hashing

Contact Info

Product

Resources

About