ObscureNet

Abstract: In this paper, we introduce ObscureNet, an encoder-decoder architecture that effectively conceals private attributes associated with time series data generated by sensors in IoT devices, while preserving the information content of the original time series. Drawing on conditional generative models and adversarial information factorization, ObscureNet learns latent representations that are invariant to the user-specified private attributes. This allows for modifying the private attributes or generating them rand… Show more

“…The sensitive attributes, like Bob's weight, can be inferred from a few seconds of IMU data using deep learning [11]. Such amount of data is available on sensors and fog devices (e.g., smartwatch and smart hub), whose hardware is performant to carry inferences of sensitive attributes in real-time [11]. Hence, this threat happens on HBC sensor-and fog-layer nodes, during processing of Bob's IMU data (cf.…”

“…After describing critical privacy threats and their conduct in multilayered SPSs, we utilize (1) assets that need protection, (2) target utility metrics, and (3) the computing capabilities of SPS's layers as our criteria to select exemplary PPMs for Prinseps. We identify three types of PPMs that satisfy our criteria while being frequently used by real-world applications [7,11]: machine learning (ML)-, differential privacy (DP)-, and access control (AC)-based PPMs. We showcase how these PPMs address sensitive attributes, private patterns, and invasive queries threats in multilayered SPSs (cf.…”

“…PPM Selection. Among ML-, DP-, and AC-based PPMs, we see that the former fits best to conceal sensitive attributes, as they: (1) work directly on raw data streams (P2), minimizing the information on the sensitive attribute, like weight (P1); and (2) show near real-time performance [11], allowing Prinseps to meet the utility goal related to this threat-low latency. Contrarily, DP-based PPMs target raw data streams by adding noise to query results on such data (cf.…”

“…The AC-based PPMs could, in principle, conceal sensitive attributes by limiting access to parts of raw data, satisfying P1 and P2. Yet, sensitive attributes are embedded in raw data (e.g., gender in the IMU data of Bob) [11], making it difficult to formulate such AC-rules.…”

“…To see how Prinseps can utilize ML-based PPMs, we review one recent PPM-ObscureNet that uses the variational autoencoder (VAE) neural network to transform IMU data, hiding sensitive attributes in near real-time [11]. This PPM reduces the success of inferring a sensitive attribute, like gender, from 90% to 50% while keeping the accuracy of public HAR events, searched by an SPS, above 90%.…”

No One Size (PPM) Fits All: Towards Privacy in Stream Processing Systems

“…The sensitive attributes, like Bob's weight, can be inferred from a few seconds of IMU data using deep learning [11]. Such amount of data is available on sensors and fog devices (e.g., smartwatch and smart hub), whose hardware is performant to carry inferences of sensitive attributes in real-time [11]. Hence, this threat happens on HBC sensor-and fog-layer nodes, during processing of Bob's IMU data (cf.…”

“…After describing critical privacy threats and their conduct in multilayered SPSs, we utilize (1) assets that need protection, (2) target utility metrics, and (3) the computing capabilities of SPS's layers as our criteria to select exemplary PPMs for Prinseps. We identify three types of PPMs that satisfy our criteria while being frequently used by real-world applications [7,11]: machine learning (ML)-, differential privacy (DP)-, and access control (AC)-based PPMs. We showcase how these PPMs address sensitive attributes, private patterns, and invasive queries threats in multilayered SPSs (cf.…”

“…PPM Selection. Among ML-, DP-, and AC-based PPMs, we see that the former fits best to conceal sensitive attributes, as they: (1) work directly on raw data streams (P2), minimizing the information on the sensitive attribute, like weight (P1); and (2) show near real-time performance [11], allowing Prinseps to meet the utility goal related to this threat-low latency. Contrarily, DP-based PPMs target raw data streams by adding noise to query results on such data (cf.…”

“…The AC-based PPMs could, in principle, conceal sensitive attributes by limiting access to parts of raw data, satisfying P1 and P2. Yet, sensitive attributes are embedded in raw data (e.g., gender in the IMU data of Bob) [11], making it difficult to formulate such AC-rules.…”

“…To see how Prinseps can utilize ML-based PPMs, we review one recent PPM-ObscureNet that uses the variational autoencoder (VAE) neural network to transform IMU data, hiding sensitive attributes in near real-time [11]. This PPM reduces the success of inferring a sensitive attribute, like gender, from 90% to 50% while keeping the accuracy of public HAR events, searched by an SPS, above 90%.…”

No One Size (PPM) Fits All: Towards Privacy in Stream Processing Systems

An investigation of the private-attribute leakage in WiFi sensing

PGAN framework for synthesizing sensor data privately