privacy attacks practicum
play

Privacy Attacks Practicum Privacy & Fairness in Data Science - PowerPoint PPT Presentation

Jan 15, 2023 •224 likes •677 views

Privacy Attacks Practicum Privacy & Fairness in Data Science CS848 Fall 2019 2 Module 1: Intro to Privacy 1. Privacy Attacks Practicum 2. Differential Privacy 3. Basic Algorithms 4. Designing Complex Algorithms & Composition 3

  1. Privacy Attacks Practicum Privacy & Fairness in Data Science CS848 Fall 2019

  2. 2 Module 1: Intro to Privacy 1. Privacy Attacks Practicum 2. Differential Privacy 3. Basic Algorithms 4. Designing Complex Algorithms & Composition

  3. 3 Outline • Recap Privacy Attacks • Privacy Attack Exercises • Desiderata of Privacy

  4. 4 The Massachusetts Governor Privacy Breach [Sweeney IJUFKS 2002] • Governor of MA •Name •Name uniquely identified •SSN •Address • Zip using ZipCode, •Date •Visit Date • Birth Registered •Diagnosis Birth Date, and Sex. date •Party •Procedure affiliation •Medication Name linked to • Sex •Date last •Total Charge Diagnosis voted Medical Data Voter List

  5. 5 The Massachusetts Governor Privacy Breach [Sweeney IJUFKS 2002] • Governor of MA 87 % of US population •Name •Name uniquely identified •SSN •Address • Zip using ZipCode, •Date •Visit Date • Birth Registered •Diagnosis Birth Date, and Sex. date •Party •Procedure affiliation •Medication • Sex •Date last •Total Charge voted Quasi Medical Data Voter List Identifier

  6. 6 AOL data publishing fiasco

  7. User IDs replaced with random 7 numbers 865712345 Uefa cup 865712345 Uefa champions league 865712345 Champions league final 865712345 Champions league final 2013 236712909 exchangeability 236712909 Proof of deFinitti’s theorem 112765410 Zombie games 112765410 Warcraft 112765410 Beatles anthology 112765410 Ubuntu breeze 865712345 Python in thought 865712345 Enthought Canopy

  8. Privacy Breach 8 [NYTimes 2006]

  9. 9 Your Turn! • Divide into groups of 3 • Attack 4 problems as a group (15 mins)

  10. 10 Problem 1 • Social networks: graphs where each node represents a social entity, and each edge represents certain relationship between two entities • Example: email communication graphs, social interactions like in Facebook, Yahoo! Messenger, etc.

  11. 11 Problem 1 • Anonymized email communication graph • Unfortunately for the email service providers, investigative journalists Alice and Cathy are part of this graph. What can they deduce?

  12. 12 Problem 2 • The email service provider also released perturbed records as per a linear function, but with secret parameters. Node ID Age (perturbed) 1 40 2 34 3 52 4 28 5 48 6 22 7 92 • What can Alice and Cathy deduce now?

  13. 13 Problem 3 • Releasing tables that achieve k-anonymity – At least k records share the same quasi-identifier – E.g. 4-anonymous table by generalization

  14. 14 Problem 3 • 2 tables of k-anonymous patient records Hospital A (4-anonymous) Hospital B (6-anonymous) • If Alice visited both hospitals, can you deduce Alice’s medical condition?

  15. 15 Problem 4

  16. 16 Problem 4 • Publishes tables of counts, for counts that are less than 10, they are suppressed as * • Can you tell their values?

  17. 17 Let’s begin! (15 mins) • Divide into groups of 3 • Attack 3 problems as a group (15 mins) – Each member presents one problem during the discussion

  18. 18 Problem 1: Naïve Anonymization • Auxiliary knowledge: – Alice has sent emails to Bob, Cathy, and Ed – Cathy has sent emails to everyone, except Ed Alice • Only one node has a degree 3 à node 1: Alice

  19. 19 Problem 1: Naïve Anonymization • Auxiliary knowledge: – Alice has sent emails to Bob, Cathy, and Ed – Cathy has sent emails to everyone, except Ed Alice Cathy • Only one node has a degree 5 à node 5: Cathy

  20. 20 Problem 1: Naïve Anonymization • Auxiliary knowledge: – Alice has sent emails to Bob, Cathy, and Ed – Cathy has sent emails to everyone, except Ed Alice Bob Cathy • Alice and Cathy know that only Bob has sent emails to both of them à node 3: Bob

  21. 21 Problem 1: Naïve Anonymization • Auxiliary knowledge: – Alice has sent emails to Bob, Cathy, and Ed – Cathy has sent emails to everyone, except Ed Alice Bob Cathy Ed • Alice has sent emails to Bob, Cathy, and Ed only à node 2 : Ed

  22. 22 Attacks using Background Knowledge • Degrees of nodes [Liu and Terzi, SIGMOD 2008] • The network structure, e.g., a subgraph of the network. [Zhou and Pei, ICDE 2008, Hay et al., VLDB 2008] • Anonymized graph with labeled nodes [Pang et al., SIGCOMM CCR 2006]

  23. 23 Desiderata for a Privacy Definition 1. Resilience to background knowledge – A privacy mechanism must be able to protect individuals’ privacy from attackers who may possess background knowledge

  24. 24

  25. 25 Problem 2: Privacy by Obscurity • Many organization think their data are private because they perturb the data and make the parameters of perturbation secret.

  26. 26 Problem 2: Privacy by Obscurity Node ID Name Age ( 𝜷𝒚 + 𝜸 ) True Age Alice 1 40 25 2 Ed 34 𝜷 = 𝟑, 𝜸 = −𝟐𝟏 3 Bob 52 4 28 5 Cathy 48 29 6 22 7 92

  27. 27 Problem 2: Privacy by Obscurity Node ID Name Age ( 𝜷𝒚 + 𝜸 ) True Age Alice 1 40 25 2 Ed 34 22 𝜷 = 𝟑, 𝜸 = −𝟐𝟏 3 Bob 52 31 4 28 19 5 Cathy 48 29 16 6 22 7 92 51

  28. 28 Desiderata for a Privacy Definition 1. Resilience to background knowledge – A privacy mechanism must be able to protect individuals’ privacy from attackers who may possess background knowledge 2. Privacy without obscurity Attacker must be assumed to know the algorithm used as – well as all parameters [MK15]

  29. 29 Problem 4: Post-processing Counts less than k are suppressed achieving k-anonymity Age #disc White Black Hispani Asian/ Native Other Missing harge c Pcf American s Hlnder #dischar 735 535 82 58 18 * 19 22 ges 1-17 * * * * * * * * 18-44 70 40 13 * * * * * 45-64 330 236 31 32 * * 11 * 65-84 298 229 35 13 * * * * 85+ 34 29 * * * * * *

  30. 30 Problem 4: Post-processing Age #disc White Black Hispani Asian/ Native Other Missing harge c Pcf American s Hlnder 1 #dischar 735 535 82 58 18 19 22 ges 1-17 * * * * * * 3 1 = 535 – 18-44 70 40 13 * * * * * (40+236+229+29) 45-64 330 236 31 32 * * 11 * 65-84 298 229 35 13 * * * * 85+ 34 29 * * * * * *

  31. 31 Problem 4: Post-processing Age #disc White Black Hispani Asian/ Native Other Missing harge c Pcf American s Hlnder 1 #dischar 735 535 82 58 18 19 22 ges 1-17 3 1 [0-2] [0-2] [0-2] [0-2] [0-2] [0-2] 18-44 70 40 13 * * * * * 45-64 330 236 31 32 * * 11 * 65-84 298 229 35 13 * * * * 85+ 34 29 * * * * * *

  32. 32 Problem 4: Post-processing Age #disc White Black Hispani Asian/ Native Other Missing harge c Pcf American s Hlnder 1 #dischar 735 535 82 58 18 19 22 ges 1-17 3 1 [0-2] [0-2] [0-2] [0-2] [0-2] [0-2] 18-44 70 40 13 * * * * * 45-64 330 236 31 32 * * 11 * 65-84 298 229 35 13 * * * * 85+ 34 29 [1-3] * * * * *

  33. 33 Can Construct Tight Bounds on Rest of Data [VSJO 13] Age #disch White Black Hispanic Asian/ Native Other Missing arges Pcf American Hlnder #dischar 735 535 82 58 18 1 19 22 ges 1-17 3 1 [0-2] [0-2] [0-1] [0] [0-1] [0-1] 18-44 70 40 13 [9-10] [0-6] [0] [0-6] [1-8] 45-64 330 236 31 32 [10] [0] 11 [10] 65-84 298 229 35 13 [2-8] [1] [2-8] [4-10] 85+ 34 29 [1-3] [1-4] [0-1] [0] [0-1] [0-1]

  34. 34 Can Construct Tight Bounds on Rest of Data [VSJO 13] Age #disch White Black Hispanic Asian/ Native Other Missing arges Pcf American Hlnder #dischar 735 535 82 58 18 1 19 22 ges 1-17 3 1 [0-2] [0-2] [0-1] [0] [0-1] [0-1] 18-44 70 40 13 [9-10] [0-6] [0] [0-6] [1-8] 45-64 330 236 31 32 [10] [0] 11 [10] 65-84 298 229 35 13 [2-8] [1] [2-8] [4-10] 85+ 34 29 [1-3] [1-4] [0-1] [0] [0-1] [0-1]

  35. 35 Desiderata for a Privacy Definition 1. Resilience to background knowledge – A privacy mechanism must be able to protect individuals’ privacy from attackers who may possess background knowledge 2. Privacy without obscurity Attacker must be assumed to know the algorithm used as – well as all parameters [MK15] 3. Post-processing Post-processing the output of a privacy mechanism must – not change the privacy guarantee [KL10, MK15]

  36. 36 Problem 3: Multiple Releases • 2 tables of k-anonymous patient records [GKS08] Hospital A (4-anonymous) Hospital B (6-anonymous) • Alice is 28 and she visits both hospitals

  37. 37 Problem 3: Multiple Releases • 2 tables of k-anonymous patient records [GKS08] Hospital A (4-anonymous) Hospital B (6-anonymous) • 4-anonymity + 6-anonymity ⇏ k-anonymity , for any k

  38. 38 Desiderata for a Privacy Definition 1. Resilience to background knowledge A privacy mechanism must be able to protect individuals’ privacy – from attackers who may possess background knowledge 2. Privacy without obscurity Attacker must be assumed to know the algorithm used as well as – all parameters [MK15] 3. Post-processing Post-processing the output of a privacy mechanism must not – change the privacy guarantee [KL10, MK15] 4. Composition over multiple releases Allow a graceful degradation of privacy with multiple invocations – on the same data [DN03, GKS08]

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

UL Engage How to set up a UL Practicum What is a UL Practicum? For communities, UL

UL Engage How to set up a UL Practicum What is a UL Practicum? For communities, UL

UL Engage How to set up a UL Practicum What is a UL Practicum? For communities, UL Practicum projects are established in response to community identified needs and are designed and implemented by collaborative teams comprising UL staff,

100 views • 8 slides
Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Software and Web Security 2 More attacks on Clients: Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth reality Welcome user29. (IP address: 131.174.16.131) RU Nijmegen, NL; male german

1.11k views • 58 slides
Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth

Software and Web Security 2 More attacks on Clients: More attacks on Clients: Privacy (Section 7.2.5 on Privacy Attacks) sws2 1 [Peter Steiner,1993] 2 myth reality y y Welcome user29. (IP address: (IP address:

691 views • 50 slides
Implementing Differential Privacy & Side-channel attacks CompSci 590.03 Instructor: Ashwin

Implementing Differential Privacy & Side-channel attacks CompSci 590.03 Instructor: Ashwin

Implementing Differential Privacy & Side-channel attacks CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 14 : 590.03 Fall 12 1 Outline Differential Privacy Implementations PINQ: Privacy Integrated Queries [McSherry SIGMOD

1.22k views • 40 slides
Fairness in Machine Learning: Practicum Privacy & Fairness in Data Science CS848 Fall 2019

Fairness in Machine Learning: Practicum Privacy & Fairness in Data Science CS848 Fall 2019

Fairness in Machine Learning: Practicum Privacy & Fairness in Data Science CS848 Fall 2019 Human Decision Making Suppose we want to recommend a movie. Data Decision Maker Decision Jane likes Bollywood musicals. Bob: You should

3.14k views • 26 slides
CS525: Who s Your Best Friend? Targeted Privacy Attacks In Location sharing Social Networks

CS525: Who s Your Best Friend? Targeted Privacy Attacks In Location sharing Social Networks

CS525: Who s Your Best Friend? Targeted Privacy Attacks In Location sharing Social Networks Wei Wang ECE Dept. Worcester Polytechnic Institute (WPI) Security and Privacy Problems in the mobile and cloud computing Security and Privacy

608 views • 19 slides
-7 lends Cia ' cat ' print(x) 42 ERROR ! 1 Functions + Scope Function parameters

-7 lends Cia ' cat ' print(x) 42 ERROR ! 1 Functions + Scope Function parameters

http://bit.ly/ds2oo1 practicum 4 Read final project spec for class next week DS 2001:Programming Practicum Fall 2020 Felix Muzny Practicum 4: Lists! Trace the value of x as the given code executes. What is printed by this code x = 4 x DX

405 views • 15 slides
Health Leaders Fellowship Practicum Overview Purpose of the Practicum For fellows to gain

Health Leaders Fellowship Practicum Overview Purpose of the Practicum For fellows to gain

Health Leaders Fellowship Practicum Overview Purpose of the Practicum For fellows to gain hands on experience putting into practice the information and skills gained during the program To work on real campaigns that impact

108 views • 6 slides
Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

CS573 Data Privacy and Security Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine Learning Under Adversarial Settings Data privacy/confidentiality attacks membership attacks, model inversion

3.44k views • 63 slides
Privacy in Vehicular Ad-hoc Networks Nikolaos Alexiou, LCN, EE KTH alexiou@kth.se 2/10/2012

Privacy in Vehicular Ad-hoc Networks Nikolaos Alexiou, LCN, EE KTH alexiou@kth.se 2/10/2012

Privacy in Vehicular Ad-hoc Networks Nikolaos Alexiou, LCN, EE KTH alexiou@kth.se 2/10/2012 Outline Introduction VANETs: an overview VANET privacy - Anonymity - Location Privacy - VPKI Privacy Attacks Countermeasures

703 views • 42 slides
When Encryption is Not Enough Privacy Attacks in Content- Centric Networking ACM ICN 2017 1

When Encryption is Not Enough Privacy Attacks in Content- Centric Networking ACM ICN 2017 1

When Encryption is Not Enough Privacy Attacks in Content- Centric Networking ACM ICN 2017 1 Privacy with IP GET /a/b/c C S RESPONSE: <data> ACM ICN 2017 2 Privacy with IP secure channel GET /a/b/c C S RESPONSE: <data>

386 views • 37 slides
Phonological trends in the lexicon Practicum Michael Becker University of Massachusetts

Phonological trends in the lexicon Practicum Michael Becker University of Massachusetts

Phonological trends in the lexicon Practicum Michael Becker University of Massachusetts Amherst michael.becker@phonologist.org EVELIN 2012 MIT / UNICAMP Campinas, Brazil 1 / 20 Practicum overview Practicum overview Formulating

759 views • 53 slides
Insider attacks and RFID Privacy models Ton van Deursen and Saa Radomirovi c

Insider attacks and RFID Privacy models Ton van Deursen and Saa Radomirovi c

Insider attacks and RFID Privacy models Ton van Deursen and Saa Radomirovi c {ton.vandeursen, sasa.radomirovic}@uni.lu University of Luxembourg Financial support received from the Fonds National de la Recherche (Luxembourg) Ton van Deursen

144 views • 12 slides
Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks Chetan

Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks Chetan

Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks Chetan Kumar, Riazat Ryan, Ming Shao Department of Computer and Information Science, University of Massachusetts, Dartmouth Data Leakage: Limited time

294 views • 27 slides
Preserving Privacy in Social Networks Against Neighborhood Attacks Bin Zhou Jian Pei School of

Preserving Privacy in Social Networks Against Neighborhood Attacks Bin Zhou Jian Pei School of

Preserving Privacy in Social Networks Against Neighborhood Attacks Bin Zhou Jian Pei School of Computing Science, Simon Fraser University 8888 University Drive, Burnaby, B.C., V5A1S6 Canada { bzhou, jpei } @cs.sfu.ca Dell Ed Abstract

278 views • 10 slides
Privacy Leakage Attacks in Browser by Colluding Extensions Presentation by Anil Saini 1 , Manoj

Privacy Leakage Attacks in Browser by Colluding Extensions Presentation by Anil Saini 1 , Manoj

Privacy Leakage Attacks in Browser by Colluding Extensions Presentation by Anil Saini 1 , Manoj Singh Gaur 1 , Vijay Laxmi 1 , Tushar Singhal 1 , Mauro Conti 2 1 Malaviya National Institute of Technology, Jaipur, India 2 University of Padua, Italy

882 views • 58 slides
Types la Milner Benjamin C. Pierce University of Pennsylvania April 2012 Type inference

Types la Milner Benjamin C. Pierce University of Pennsylvania April 2012 Type inference

Types are the leaven of computer programming: they make it digestible. - R. Milner Types la Milner Benjamin C. Pierce University of Pennsylvania April 2012 Type inference Abstract types Types la Milner Types for interaction

637 views • 42 slides
A Method to Compress and Anonymize Packet Traces Markus Peuhkuri 2001-11-02 Abstract Data

A Method to Compress and Anonymize Packet Traces Markus Peuhkuri 2001-11-02 Abstract Data

A Method to Compress and Anonymize Packet Traces Markus Peuhkuri 2001-11-02 Abstract Data volume and privacy issues are one of problems related to large-scale packet capture. Utilizing flow nature of

375 views • 3 slides
Prologue World Association for Medical Law 2019 Annual Congress Recently, many countries are

Prologue World Association for Medical Law 2019 Annual Congress Recently, many countries are

Prologue World Association for Medical Law 2019 Annual Congress Recently, many countries are trying to fully utilize medical records building up in hospitals and clinics. Japanese Effort to Utilize Medical Big Data: In April 2017, the Japanese

299 views • 8 slides
Sharing Multimedia on the Internet and the Impact for Online Privacy Dr. Gerald Friedland

Sharing Multimedia on the Internet and the Impact for Online Privacy Dr. Gerald Friedland

Sharing Multimedia on the Internet and the Impact for Online Privacy Dr. Gerald Friedland Senior Research Scientist International Computer Science Institute Berkeley, CA friedland@icsi.berkeley.edu A Popular Introduction to the Problem 3

550 views • 39 slides
Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Detecting Hoaxes, Frauds and Deception in Writing Style Online Sadia Afroz, Michael Brennan and

Detecting Hoaxes, Frauds and Deception in Writing Style Online Sadia Afroz, Michael Brennan and

Detecting Hoaxes, Frauds and Deception in Writing Style Online Sadia Afroz, Michael Brennan and Rachel Greenstadt Privacy, Security and Automation Lab Drexel University What do we mean by deception? Let me give an example A Gay

906 views • 65 slides
Towards Constraint Logic Programming over Strings for Test Data Generation Sebastian Krings, J.

Towards Constraint Logic Programming over Strings for Test Data Generation Sebastian Krings, J.

Towards Constraint Logic Programming over Strings for Test Data Generation Sebastian Krings, J. Schmidt, P. Skowronek, J. Dunkelau, D. Ehmke Test Data vs. Privacy Software testing needs Personal data should has appropriate test data to be

212 views • 18 slides
Understanding Online Social Network Usage from a Network Perspective Fabian Schneider

Understanding Online Social Network Usage from a Network Perspective Fabian Schneider

Understanding Online Social Network Usage from a Network Perspective Fabian Schneider fabian@net.t-labs.tu-berlin.de Anja Feldmann Balachander Krishnamurthy Walter Willinger Work done while at AT&T LabsResearch

294 views • 26 slides

More recommend