Privacy Against Statistical Matching: Inter-User Correlation

Takbiri, Nazanin; Houmansadr, Amir; Goeckel, Dennis; Pishro-Nik, Hossein

doi:10.1109/isit.2018.8437352

Cited by 13 publications

(13 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Now, given the fact that all P (l) 's are outside of H (n) , we prove P n s l=2 D P (1) , P (l) Π ≤ ∆ n → 0. We show that P (l) Π 's are close to P (l) 's, and as a result, they will be outside of F (n) .…”

Section: • Secondmentioning

confidence: 74%

See 1 more Smart Citation

Privacy of Dependent Users Against Statistical Matching

Takbiri¹,

Houmansadr

Goeckel³

et al. 2020

IEEE Trans. Inform. Theory

Self Cite

View full text Add to dashboard Cite

Modern applications significantly enhance user experience by adapting to each user's individual condition and/or preferences. While this adaptation can greatly improve a user's experience or be essential for the application to work, the exposure of user data to the application presents a significant privacy threat to the users-even when the traces are anonymized-since the statistical matching of an anonymized trace to prior user behavior can identify a user and their habits. Because of the current and growing algorithmic and computational capabilities of adversaries, provable privacy guarantees as a function of the degree of anonymization and obfuscation of the traces are necessary. Our previous work has established the requirements on anonymization and obfuscation in the case that data traces are independent between users. However, the data traces of different users will be dependent in many applications, and an adversary can potentially exploit such. In this paper, we consider the impact of dependency between user traces on their privacy. First, we demonstrate that the adversary can readily identify the association graph of the obfuscated and anonymized version of the data, revealing which user data traces are dependent. Next, we demonstrate that the adversary can use this association graph to break user privacy with significantly shorter traces than in the case of independent users, and that obfuscating data traces independently across users is often insufficient to remedy such leakage. Finally, we discuss how users can improve privacy by employing joint obfuscation that removes or reduces the data dependency.

show abstract

Section: • Secondmentioning

confidence: 74%

“…In the next step, we prove P n s l=2 D P (1) , P (l) Π ≤ ∆ n → 0. Note that for all groups other than Group 1, we have…”

Section: Proof Of Theoremmentioning

confidence: 91%

Privacy of Dependent Users Against Statistical Matching

Takbiri¹,

Houmansadr

Goeckel³

et al. 2020

IEEE Trans. Inform. Theory

Self Cite

View full text Add to dashboard Cite

show abstract

“…In [5], [6], a comprehensive analysis of the asymptotic (in the length of the time series) optimal matching of time series to source distributions is presented in a non-Bayesian setting, where the number of users is a fixed, finite value. In contrast, we have adopted a Bayesian setting in [7]- [10], where a powerful adversary is assumed to have accurate prior distributions for user behavior through past observations or other sources. We consider the length of observations available to the adversary that guarantee privacy, or, conversely, the Nazanin Takbiri and Minting Chen contributed equally to this work.…”

Section: Introductionmentioning

confidence: 99%

Asymptotic Privacy Loss Due to Time Series Matching of Dependent Users

et al. 2021

Self Cite

View full text Add to dashboard Cite

The Internet of Things (IoT) promises to improve user utility by tuning applications to user behavior, but revealing the characteristics of a user's behavior presents a significant privacy risk. Our previous work has established the challenging requirements for anonymization to protect users' privacy in a Bayesian setting in which we assume a powerful adversary who has perfect knowledge of the prior distribution for each user's behavior. However, even sophisticated adversaries do not often have such perfect knowledge; hence, in this paper, we turn our attention to an adversary who must learn user behavior from past data traces of limited length. We also assume there exists dependency between data traces of different users, and the data points of each user are drawn from a normal distribution. Results on the lengths of training sequences and data sequences that result in a loss of user privacy are presented.

show abstract

“…friends, relatives), and the adversary can potentially exploit such. In [20], [21], we extended the results of [16], [17] to the case where users are dependent and the adversary knows only the structure of the association graph, i.e., whether each pair of users are linked. As expected, the knowledge of the dependency graph results in a significant degradation in privacy [16], [17].…”

Section: Introductionmentioning

confidence: 99%

Asymptotic Loss in Privacy due to Dependency in Gaussian Traces

Takbiri

Soltani

Goeckel

et al. 2019

2019 IEEE Wireless Communications and Networking Conference (WCNC)

Self Cite

View full text Add to dashboard Cite

The rapid growth of the Internet of Things (IoT) necessitates employing privacy-preserving techniques to protect users' sensitive information. Even when user traces are anonymized, statistical matching can be employed to infer sensitive information. In our previous work, we have established the privacy requirements for the case that the user traces are instantiations of discrete random variables and the adversary knows only the structure of the dependency graph, i.e., whether each pair of users is connected. In this paper, we consider the case where data traces are instantiations of Gaussian random variables and the adversary knows not only the structure of the graph but also the pairwise correlation coefficients. We establish the requirements on anonymization to thwart such statistical matching, which demonstrate the significant degree to which knowledge of the pairwise correlation coefficients further significantly aids the adversary in breaking user anonymity.

show abstract

Privacy Against Statistical Matching: Inter-User Correlation

Cited by 13 publications

References 18 publications

Privacy of Dependent Users Against Statistical Matching

Privacy of Dependent Users Against Statistical Matching

Asymptotic Privacy Loss Due to Time Series Matching of Dependent Users

Asymptotic Loss in Privacy due to Dependency in Gaussian Traces

Contact Info

Product

Resources

About