Presentation is loading. Please wait.

Presentation is loading. Please wait.

The End of Anonymity Vitaly Shmatikov. Tastes and Purchases slide 2.

Published byLamar Snipes Modified over 9 years ago

Similar presentations

Presentation on theme: "The End of Anonymity Vitaly Shmatikov. Tastes and Purchases slide 2."— Presentation transcript:

1 The End of Anonymity Vitaly Shmatikov

2 Tastes and Purchases slide 2

3 Social Networks slide 3

4 Health Care and Genetics slide 4

5 Web Tracking slide 5

6 Solution: Anonymity! “… breakthrough technology that uses social graph data to dramatically improve online marketing … "Social Engagement Data" consists of anonymous information regarding the relationships between people” “The critical distinction … between the use of personal information for advertisements in personally-identifiable form, and the use, dissemination, or sharing of information with advertisers in non-personally-identifiable form.” slide 6

7 Phew… slide 7

8 “Privacy-Preserving” Data Release xnxn x n-1  x3x3 x2x2 x1x1 Data “anonymization” “de-identification” “sanitization” Privacy! slide 8

9 Some Privacy Disasters What went wrong? slide 9

10 Data are “anonymized” by removing personally identifying information (PII) – Name, Social Security number, phone number, email, address… what else? Problem: PII has no technical meaning – Defined in disclosure notification laws (if certain information is lost, consumer must be notified) – In privacy breaches, any information can be personally identifying The Myth of the PII slide 10

11 User 1 User 2 User N Item 1Item 2 Item M The Curse of Dimensionality slide 11 Row = user record Column = dimension Thousands or millions of dimensions – Netflix movie ratings: 35,000 – Amazon purchases: 10 7

12 Similarity Netflix Prize dataset: Considering just movie names, for 90% of records there isn’t a single other record which is more than 30% similar Netflix Prize dataset: Considering just movie names, for 90% of records there isn’t a single other record which is more than 30% similar Average record has no “similar” records Sparsity and “Long Tail” slide 12 Fraction of subscribers

13 Global surveillance Phishing Employers, insurers, stalkers, nosy friends Spammers Abusive advertisers and marketers Privacy Threats slide 13

14 User 1 User 2 User N Item 1Item 2 Item M It’s All About the Aux slide 14 No explicit identifiers What can the adversary learn by combining this with auxiliary information? Information available to adversary outside of normal data release process Information available to adversary outside of normal data release process

15 De-anonymizing Sparse Datasets Auxiliary information slide 15

16 De-anonymization Objectives Fix some target record r in the original dataset Goal: learn as much about r as possible Subtler than “identify r in the released dataset” – Don’t fall for the k-anonymity fallacy! Silly example: released dataset contains k copies of each original record – this is k-anonymous! – Can’t identify the “right” record, yet the released dataset completely leaks everything about r slide 16

17 Aux as Noisy Projection slide 17

18 How Much Aux Is Needed? How much does the adversary need to know about a record to find a very similar record in the released dataset? – Under very mild sparsity assumption, O(log N), where N is the number of records What if not enough Aux is available? – Identifying a small number of candidate records similar to the target still reveals a lot of information slide 18

19 De-Anonymization in Practice Sweeney (1998): Massachusetts hospital discharge dataset + voter database Narayanan and Shmatikov (2006): Netflix Prize dataset + IMDb Narayanan and Shmatikov (2009): social networks slide 19

20

21 De-anonymizing the Netflix Dataset 500K users, 18,000 movies 213 dated ratings per user, on average Two is enough to reduce to 8 candidate records Four is enough to identify uniquely (on average) Works even better with relatively rare ratings “The Astro-Zombies” rather than “Star Wars” Long Tail effect: most people watch obscure crap slide 21

22 Exploiting Data Structure slide 22

23 “Jefferson High”: Romantic and Sexual Network Real data! slide 23

24 Phone Call Graphs 2 trillion edges Examples of outsourced call graphs Hungary2.5M nodes France7M nodes India3M nodes 3,000 companies providing wireless services in the U.S 3,000 companies providing wireless services in the U.S slide 24

25 Structural De-anonymization Goal: structural mapping between two graphs For example, Facebook vs. anonymized phone call graph slide 25

26 Winning the IJCNN/Kaggle Social Network Challenge “Anonymized” graph of Flickr used as challenge for a link prediction contest De-anonymization = “oracle” for true answers – 57% coverage – 98% accuracy [Narayanan, Shi, Rubinstein] ? slide 26

27 Social networks – again and again Stylometry (writing style) Location data – De Montjoye et al. (2013): mobility traces from a cell phone carrier - 4 points is enough Credit card transaction meta-data – De Montjoye et al. (2015) – 4 purchases is enough More De-Anonymization slide 27

28 Lesson #1: De-anonymization Is Robust 33 bits of entropy – 6-8 movies, 4-7 friends, etc. Perturbing data to foil de-anonymization often destroys utility We can estimate confidence even without ground truth Accretive and iterative: more de-anonymization  better de-anonymization slide 28

29 PII is info “with respect to which there is a reasonable basis to believe the information can be used to identify the individual.” Lesson #2: “PII” Is Technically Meaningless Any piece of data can be used for re-identification! Narayanan, Shmatikov CACM column, 2010 Narayanan, Shmatikov CACM column, 2010 “blurring of the distinction between personally identifiable information and supposedly anonymous or de-identified information” slide 29

Download ppt "The End of Anonymity Vitaly Shmatikov. Tastes and Purchases slide 2."

Similar presentations

1 Privacy Enhancing Technologies Elaine Shi Lecture 2 Attack slides partially borrowed from Narayanan, Golle and Partridge.

1 Privacy Enhancing Technologies Elaine Shi Lecture 2 Attack slides partially borrowed from Narayanan, Golle and Partridge.
Differentially Private Recommendation Systems Jeremiah Blocki Fall 2009 18739A: Foundations of Security and Privacy.

Differentially Private Recommendation Systems Jeremiah Blocki Fall A: Foundations of Security and Privacy.
De-anonymizing social networks Arvind Narayanan, Vitaly Shmatikov.

De-anonymizing social networks Arvind Narayanan, Vitaly Shmatikov.
Offline & Online Marketing Go Hand in Hand. What?! Not Everything Involves the Web??

Offline & Online Marketing Go Hand in Hand. What?! Not Everything Involves the Web??
Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 8 04/04/2011 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 8 04/04/2011 Security and Privacy in Cloud Computing.
Sean Blong Presents: 1. What are they…?  “[…] specific type of information filtering (IF) technique that attempts to present information items (movies,

Sean Blong Presents: 1. What are they…?  “[…] specific type of information filtering (IF) technique that attempts to present information items (movies,
1 Differentially Private Analysis of Graphs and Social Networks Sofya Raskhodnikova Pennsylvania State University.

1 Differentially Private Analysis of Graphs and Social Networks Sofya Raskhodnikova Pennsylvania State University.
UTEPComputer Science Dept.1 University of Texas at El Paso Privacy in Statistical Databases Dr. Luc Longpré Computer Science Department Spring 2006.

UTEPComputer Science Dept.1 University of Texas at El Paso Privacy in Statistical Databases Dr. Luc Longpré Computer Science Department Spring 2006.
 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.
COMP 381. Exercise: Data Collection 1.Who are the “fact collectors”? (make a list—be specific) 2.What KINDS of ‘facts’ are stored about you/us? (make.

COMP 381. Exercise: Data Collection 1.Who are the “fact collectors”? (make a list—be specific) 2.What KINDS of ‘facts’ are stored about you/us? (make.
Differential Privacy 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.

Differential Privacy 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.
Yusuf Simonson Title Suggesting Friends Using the Implicit Social Graph.

Yusuf Simonson Title Suggesting Friends Using the Implicit Social Graph.
Do You Trust Your Recommender? An Exploration of Privacy and Trust in Recommender Systems Dan Frankowski, Dan Cosley, Shilad Sen, Tony Lam, Loren Terveen,

Do You Trust Your Recommender? An Exploration of Privacy and Trust in Recommender Systems Dan Frankowski, Dan Cosley, Shilad Sen, Tony Lam, Loren Terveen,
1 Preserving Privacy in Collaborative Filtering through Distributed Aggregation of Offline Profiles The 3rd ACM Conference on Recommender Systems, New.

1 Preserving Privacy in Collaborative Filtering through Distributed Aggregation of Offline Profiles The 3rd ACM Conference on Recommender Systems, New.
Malicious parties may employ (a) structure-based or (b) label-based attacks to re-identify users and thus learn sensitive information about their rating.

Malicious parties may employ (a) structure-based or (b) label-based attacks to re-identify users and thus learn sensitive information about their rating.
Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Data Privacy.

Privacy Policy, Law and Technology Carnegie Mellon University Fall 2007 Lorrie Cranor 1 Data Privacy.
April 13, 2010 Towards Publishing Recommendation Data With Predictive Anonymization Chih-Cheng Chang †, Brian Thompson †, Hui Wang ‡, Danfeng Yao † †‡

April 13, 2010 Towards Publishing Recommendation Data With Predictive Anonymization Chih-Cheng Chang †, Brian Thompson †, Hui Wang ‡, Danfeng Yao † †‡
Privacy and Networks CPS 96 Eduardo Cuervo Amre Shakimov.

Privacy and Networks CPS 96 Eduardo Cuervo Amre Shakimov.
Privacy-Aware Computing Introduction. Outline  Brief introduction Motivating applications Major research issues  Tentative schedule  Reading assignments.

Privacy-Aware Computing Introduction. Outline  Brief introduction Motivating applications Major research issues  Tentative schedule  Reading assignments.
Structure based Data De-anonymization of Social Networks and Mobility Traces Shouling Ji, Weiqing Li, and Raheem Beyah Georgia Institute of Technology.

Structure based Data De-anonymization of Social Networks and Mobility Traces Shouling Ji, Weiqing Li, and Raheem Beyah Georgia Institute of Technology.

Similar presentations

Ads by Google