RANYA ALOUFI

I am a PhD student at the Systems and Algorithms Laboratory (SysAL) at Imperial College London advised by Dr. Hamed Haddadi and Dr. David Boyle. My research interests include: Internet of Things (IoT), Data Security & Privacy, Privacy Preserving Technologies (PPTs), Edge AI, Audio Signal Processing, and their intersection. In particular, I am interested in designing and building more effective, secure solutions that enable better use of our digital footprint, while respecting users’ privacy. To protect privacy, it is necessary to understand: (1) what/where information might leak, (2) the constraints of designing protection systems e.g., computational resources and latency requirements, and (3) how to deploy it without compromising the security of these systems. Thus, my contributions can be summarized under three main themes which are:

• Privacy-preserving Representation Learning.
• Privacy-aware Machine Learning for Voice Analytics.
• Trustworthiness and Privacy Preservation.

We start by asking “what are the potential privacy implications of inadvertently leaking personal information or behavior via users’ interaction with their smart devices?”. With advancements in machine learning and predictive analytics, service providers are finding novel new ways to extract value from consumers’ data. For example, we demonstrate the potential for an attacker to correctly infer a target user’s sensitive attributes (e.g., their emotion, gender, or health status) from the output of deep acoustic models (see Emotionless and Disentanglement). To tackle this issue, we propose Emotionless, which aims to filter the affective attributes from the raw speech data before outsourcing it to the cloud-based services for robust analysis. We also think about how to generalize our solution to protect the privacy of multiple user attributes for various scenarios that depend on voice input or speech analysis, enabling various privacy configurations and including the user in the protection loop to have control over their shared data Disentanglement). Unlike other approaches, we consider that privacy preferences and behaviors are subjective and context-dependent with varying attitudes between users, which may even depend on the services (and/or service providers) with which these systems communicate. We, therefore, advocate the principle of configurable privacy. We then introduce EDGY, a configurable, lightweight, disentangled representation learning framework that transforms and filters high-dimensional voice data to identify and contain sensitive attributes at the edge prior to offloading to the cloud. We build EDGY as a composable system to enable configurable privacy and facilitate its deployment on embedded/mobile devices. Finally, we investigates ’what are the challenges to deploy privacy-enhancing technologies in real-world systems concerning security implications?’. Prior works have studied the security and privacy vectors in parallel, and thus it raises an alarm that if a benign user can achieve privacy by privacy-preserving mechanisms, it also means that a malicious user can break security by bypassing the anti-spoofing mechanism. Thus, we take a step towards balancing two seemingly conflicting requirements: security and privacy by devising a unified evaluation framework accounting for both security and privacy may serve as a promising starting point for developing effective countermeasures (see Tandem).

I am always curious to learn more about what new in machine learning techniques and its potential applications to data security and privacy. I also LOVE the hacking world and in my spare time I do ethical hacking using Kali!