Protecting Individual Information Against Inference Attacks in Data Publishing

Li, Chen; Shirani-Mehr, Houtan; Yang, Xiaochun

doi:10.1007/978-3-540-71703-4_37

Cited by 24 publications

(13 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this study, we consider the inference attack [3] as the targeted threat model. As described above, we consider that each user has two types of data: i) public data (e.g., her activity data) that she is willing to release for getting personalized recommendations, and ii) private data (e.g., gender) that she wants to keep private.…”

Section: Threat Modelmentioning

confidence: 99%

“…For example, one's political affiliation can be inferred from her rating of TV shows [1]; one's gender can be inferred from her activities on location-based social networks [2]. These studies show that private data often suffers from inference attacks [3], where an adversary analyzes a user's public data to illegitimately gain knowledge about her private data. It is thus crucial to protect user private data when releasing public data to recommendation engines.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Privacy-Preserving Social Media Data Publishing for Personalized Ranking-Based Recommendation

Yang

Cudré-Mauroux

2019

IEEE Trans. Knowl. Data Eng.

View full text Add to dashboard Cite

Personalized recommendation is crucial to help users find pertinent information. It often relies on a large collection of user data, in particular users' online activity (e.g., tagging/rating/checking-in) on social media, to mine user preference. However, releasing such user activity data makes users vulnerable to inference attacks, as private data (e.g., gender) can often be inferred from the users' activity data. In this paper, we proposed PrivRank, a customizable and continuous privacy-preserving social media data publishing framework protecting users against inference attacks while enabling personalized ranking-based recommendations. Its key idea is to continuously obfuscate user activity data such that the privacy leakage of user-specified private data is minimized under a given data distortion budget, which bounds the ranking loss incurred from the data obfuscation process in order to preserve the utility of the data for enabling recommendations. An empirical evaluation on both synthetic and real-world datasets shows that our framework can efficiently provide effective and continuous protection of user-specified private data, while still preserving the utility of the obfuscated data for personalized ranking-based recommendation. Compared to state-of-the-art approaches, PrivRank achieves both a better privacy protection and a higher utility in all the ranking-based recommendation use cases we tested.

show abstract

Section: Threat Modelmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Privacy-Preserving Social Media Data Publishing for Personalized Ranking-Based Recommendation

Yang

Cudré-Mauroux

2019

IEEE Trans. Knowl. Data Eng.

View full text Add to dashboard Cite

show abstract

“…A simple example is the selling of user information to marketing companies. In short, there is no guarantee that third-party applications are benign, and that they use user data in accordance to the purpose of the applications [4]. While the above problem has to do with the misuse of legitimately accessible information, this work is instead about an even more challenging problem: i.e., through the extension API, malicious applications may obtain some private information for which they are not authorized.…”

Section: Proposed Systemmentioning

confidence: 99%

A Mechanism to Preserve Private Data in Social Networking System

Vidyadharan¹,

Karthigha²,

Thomas³

2015

IJCA

View full text Add to dashboard Cite

Social Networking System (SNS) like Facebook and Twitter have gained more popularity in this new era. It allows millions of individuals to create online profiles and share their personal information with vast networks of friend's. SNS allows third party extensions to access the users' information through Application Programming Interface (API). Since millions of users are using these sites it will lead to privacy problems and leakage of private information. This leakage happens without the knowledge of user, which leads to security problems like identity theft and phishing attack. Unknown user taking the information without our knowledge is called inference attack. This paper uses a permission based protection mechanism which limits the direct access of user data. Once an extension is certified by the user to access data from users' profile, then there is no more control on how it uses the data. Third party application can be built on trusted or un-trusted server. If it is an un-trusted server it will lead to inference attack and malicious user may use the information for unintended purposes and our data will be at risk. The main objective of this project is to enable the security access control scheme against inference attack.

show abstract

“…More precisely, Kifer has introduced the deFinetti attack [5] that aims at building a classifier predicting the sensitive attribute corresponding to a set of non-sensitive attributes. Finally, we refer the reader to [7] for a study evaluating the usefulness of some privacy-preserving techniques for preventing inference attacks.…”

Section: Background and Related Workmentioning

confidence: 99%

Reconstruction Attack through Classifier Analysis

Gambs

Gmati

Hurfin

2012

Data and Applications Security and Privacy XXVI

View full text Add to dashboard Cite

In this paper, we introduce a novel inference attack that we coin as the reconstruction attack whose objective is to reconstruct a probabilistic version of the original dataset on which a classifier was learnt from the description of this classifier and possibly some auxiliary information. In a nutshell, the reconstruction attack exploits the structure of the classifier in order to derive a probabilistic version of dataset on which this model has been trained. Moreover, we propose a general framework that can be used to assess the success of a reconstruction attack in terms of a novel distance between the reconstructed and original datasets. In case of multiple releases of classifiers, we also give a strategy that can be used to merge the different reconstructed datasets into a single coherent one that is closer to the original dataset than any of the simple reconstructed datasets. Finally, we give an instantiation of this reconstruction attack on a decision tree classifier that was learnt using the algorithm C4.5 and evaluate experimentally its efficiency. The results of this experimentation demonstrate that the proposed attack is able to reconstruct a significant part of the original dataset, thus highlighting the need to develop new learning algorithms whose output is specifically tailored to mitigate the success of this type of attack.

show abstract

Protecting Individual Information Against Inference Attacks in Data Publishing

Cited by 24 publications

References 16 publications

Privacy-Preserving Social Media Data Publishing for Personalized Ranking-Based Recommendation

Privacy-Preserving Social Media Data Publishing for Personalized Ranking-Based Recommendation

A Mechanism to Preserve Private Data in Social Networking System

Reconstruction Attack through Classifier Analysis

Contact Info

Product

Resources

About