Associate Professor Jingrui He is developing computational tools to protect against leaks and/or unauthorized use of sensitive data held and distributed among Department of Homeland Security (DHS) agencies and other parties. Her project, "Privacy-Preserving Analytics for Non-IID Data," has been awarded a three-year, $651,927 grant from the DHS Center for Accelerating Operational Efficiency (CAOE).
Innate risks exist from the unprecedented speed in which large amounts of data can be transferred to outside organizations, and these conditions have had negative consequences for DHS in the past.
"In 2019, a subcontractor working for CBP (DHS Customs and Border Protection) transferred copies of CBP's biometric data, such as traveler images, to its own company network and compromised approximately 184,000 traveler images from CBP's facial recognition pilot," He said. "This later led to a major privacy incident, as the subcontractor's network was subjected to a malicious cyberattack."
According to He, while the huge amount of collected data contains critical information that informs policy and decision making, the potential risks pertaining to sensitive information raise serious concerns regarding the use of such collected data. "It is of great importance to develop privacy-enhancing technologies to mitigate these risks while making effective use of the collected data," she said.
He's work is challenging, because the datasets involved in her research are held by multiple parties and distributed in varying ways. She proposes a two-pronged approach to sharing information while providing privacy protection.
One strategy involves generating synthetic data that mimics the actual data, and then sharing the synthetic information. "Our proposed techniques would guarantee that the parties receiving the synthetic data cannot use the synthetic data to recover the original data," she said.
The other method would create predictive analytics that can be performed for multiple parties via federated learning, in which artificial intelligence models are trained without anyone seeing or touching the data. This offers a means to unlock information to feed new artificial intelligence applications and enjoys the privacy protection because individual parties do not have to share data.
"The agencies holding the actual data will need to use their own data for analysis. But the central server responsible for creating the final predictive model orchestrating the efforts from all agencies will not have access to the actual data. Different agencies do not need to share their own data with each other either," He said.
She envisions several DHS agencies, including the Transportation Security Administration, the Office of Intelligence and Analysis, and the Federal Emergency Management Agency, will make use of the new tools.
He's general research theme is to design, build, and test a suite of automated and semi-automated methods to explore, understand, characterize, and predict real-world data by means of statistical machine learning. She received her PhD in machine learning from Carnegie Mellon University.