Presentation is loading. Please wait.

Presentation is loading. Please wait.

The world’s libraries. Connected. Managing your Private and Public Data: Bringing down Inference Attacks against your Privacy Group Meeting in 2015.

Published byAmanda Goodwin Modified over 8 years ago

Similar presentations

Presentation on theme: "The world’s libraries. Connected. Managing your Private and Public Data: Bringing down Inference Attacks against your Privacy Group Meeting in 2015."— Presentation transcript:

1 The world’s libraries. Connected. Managing your Private and Public Data: Bringing down Inference Attacks against your Privacy Group Meeting in 2015

2 The world’s libraries. Connected. Interested Papers Salman Salamatian, Amy Zhang, Flávio du Pin Calmon, Sandilya Bhamidipati, Nadia Fawaz, Branislav Kveton, Pedro Oliveira, Nina Taft: Managing Your Private and Public Data: Bringing Down Inference Attacks Against Your Privacy. J. Sel. Topics Signal Processing 9(7): 1240-1255 (2015) Stratis Ioannidis, Andrea Montanari, Udi Weinsberg, Smriti Bhagat, Nadia Fawaz, Nina Taft: Privacy tradeoffs in predictive analytics. SIGMETRICS 2014: 57-69 Group Meeting in 2015

3 The world’s libraries. Connected. Background (1) Online users are routinely asked to provide feedback about their preferences and tastes Group Meeting in 2015

4 The world’s libraries. Connected. Motivation (1) Public data  such data enables useful services  such attributes ate rarely considered private Private data  such as income level, political affiliation..... Group Meeting in 2015 Inference attack: adversary can learn user’s private data from the public information

5 The world’s libraries. Connected. Motivation (2) Inference threats from user data is everywhere Group Meeting in 2015 Narayanan et al. show that disclosure of movie ratings can lead to full de- anonymization Kosinski et al. show that several personality traits, including political views, sexual orientation, and drug use can be accurately predicted from Facebook " "likes" Weinsberg et al. show that gender can be inferred from movie ratings with close to 80% accuracy

6 The world’s libraries. Connected. Problem Definition How can a user release her public data, but is able to prevent against inference attacks that may learn her private data from the public information? Group Meeting in 2015

7 The world’s libraries. Connected. Method Distorting data prior to its release to an untrusted analyst Distortion vs. estimation accuracy tradeoffs X X Y Y Y Y f(X) A distortion Mutual information < threshold Public data Private data Group Meeting in 2015

8 The world’s libraries. Connected. Content Filtering Approach (2) should render:  Any statistical inference of A based on the observation of harder  Preserves some utility to the released data Group Meeting in 2015 This can be modeled by a constraint on the average distortion

9 The world’s libraries. Connected. Threat Model (1) : the vector of personal attributes that the user wants to keep private : the vector of data he is willing to make public : the sets from which A and B can assume values Group Meeting in 2015 A are linked to B by p A, B Release a distorted version of B, denoted : privacy-preserving mapping

10 The world’s libraries. Connected. Threat Model (2) Group Meeting in 2015 Step 1: prior to observing, the adversary chooses a belief on the data A   The belief q is obtained by minimizing an expected cost function Step 2: after observing, the adversary update his inference method by minimizing

11 The world’s libraries. Connected. Threat Model (3) Group Meeting in 2015 The average cost gain by the adversary after observing Goal: minimize thus gain. Perfect privacy: How to compute the gain ?

12 The world’s libraries. Connected. Preparation Group Meeting in 2015 The self information (or log-loss) cost function is given by Explanation Differential entropy Hence, for the minimum q

13 The world’s libraries. Connected. Preparation Group Meeting in 2015 The self information (or log-loss) cost function is given by Differential entropy Explanation Hence, for the minimum q H(A | )

14 The world’s libraries. Connected. Preparation Group Meeting in 2015 Combine Hence H(A | ) = H(A) −H(A | ) = H(A, ) − H( ) Moreover

15 The world’s libraries. Connected. Threat Model (2) Hence Group Meeting in 2015 I(A, B’) = H(A) + H(B’) – H(A, B’) = H(A) + H(B’) – (H(A | B’) + H(B’)) = H(A) – H(A | B’) d

16 The world’s libraries. Connected. Privacy-Accuracy Framework Group Meeting in 2015 Since Substitute the above equation into the definition of Denote:

17 The world’s libraries. Connected. Motivation (1) Group Meeting in 2015

18 The world’s libraries. Connected. Practical challenges Group Meeting in 2015 Challenge 1: Mismatched prior  Prior distribution is as input a. Often the true prior distribution is not available b. Only a limited set of samples of the private and public data can be observed Privacy non-conscious Challenge 2: Large data  Designing the mapping requires characterizing the value of for all possible pairs

19 The world’s libraries. Connected. Solve the First Challenge is a good estimate of Group Meeting in 2015 Inference attack: adversary can learn user’s private data from the public information

20 The world’s libraries. Connected. Solve the First Challenge Bound on the probability of being large Group Meeting in 2015

21 The world’s libraries. Connected. Solve the Second Challenge Step 1: quantization step maps the symbols in alphabet representative examples in a smaller alphabet Group Meeting in 2015 Step 2: we learn a privacy-preserving mapping on the new alphabet, where Step 3: the symbols in are mapped to the representative examples based on the learned mapping

22 The world’s libraries. Connected. Preparation Group Meeting in 2015

23 The world’s libraries. Connected. Threat Model (3) Group Meeting in 2015 The joint probability distribution over A and C is defined as where b ∼ c means that the symbol b is in the cluster represented by center c The symbols in are mapped to according to where is a function that maps a symbol in B to a cluster center in C

24 The world’s libraries. Connected. Threat Model (3) Group Meeting in 2015

Download ppt "The world’s libraries. Connected. Managing your Private and Public Data: Bringing down Inference Attacks against your Privacy Group Meeting in 2015."

Similar presentations

Answering Approximate Queries over Autonomous Web Databases Xiangfu Meng, Z. M. Ma, and Li Yan College of Information Science and Engineering, Northeastern.

Answering Approximate Queries over Autonomous Web Databases Xiangfu Meng, Z. M. Ma, and Li Yan College of Information Science and Engineering, Northeastern.
Technische Universität Ilmenau CCSW 2013 Sander Wozniak

Technische Universität Ilmenau CCSW 2013 Sander Wozniak
Protecting Location Privacy: Optimal Strategy against Localization Attacks Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux,

Protecting Location Privacy: Optimal Strategy against Localization Attacks Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux,
1 ECE 776 Project Information-theoretic Approaches for Sensor Selection and Placement in Sensor Networks for Target Localization and Tracking Renita Machado.

1 ECE 776 Project Information-theoretic Approaches for Sensor Selection and Placement in Sensor Networks for Target Localization and Tracking Renita Machado.
Differentially Private Recommendation Systems Jeremiah Blocki Fall 2009 18739A: Foundations of Security and Privacy.

Differentially Private Recommendation Systems Jeremiah Blocki Fall A: Foundations of Security and Privacy.
Object Specific Compressed Sensing by minimizing a weighted L2-norm A. Mahalanobis.

Object Specific Compressed Sensing by minimizing a weighted L2-norm A. Mahalanobis.
CHAPTER 8 More About Estimation. 8.1 Bayesian Estimation In this chapter we introduce the concepts related to estimation and begin this by considering.

CHAPTER 8 More About Estimation. 8.1 Bayesian Estimation In this chapter we introduce the concepts related to estimation and begin this by considering.
Rutgers CS440, Fall 2003 Review session. Rutgers CS440, Fall 2003 Topics Final will cover the following topics (after midterm): 1.Uncertainty & introduction.

Rutgers CS440, Fall 2003 Review session. Rutgers CS440, Fall 2003 Topics Final will cover the following topics (after midterm): 1.Uncertainty & introduction.
ECE 8443 – Pattern Recognition LECTURE 05: MAXIMUM LIKELIHOOD ESTIMATION Objectives: Discrete Features Maximum Likelihood Resources: D.H.S: Chapter 3 (Part.

ECE 8443 – Pattern Recognition LECTURE 05: MAXIMUM LIKELIHOOD ESTIMATION Objectives: Discrete Features Maximum Likelihood Resources: D.H.S: Chapter 3 (Part.
Christopher Dougherty EC220 - Introduction to econometrics (chapter 7) Slideshow: exercise 7.5 Original citation: Dougherty, C. (2012) EC220 - Introduction.

Christopher Dougherty EC220 - Introduction to econometrics (chapter 7) Slideshow: exercise 7.5 Original citation: Dougherty, C. (2012) EC220 - Introduction.
Robust Allocation of a Defensive Budget Considering an Attacker’s Private Information Mohammad E. Nikoofal and Jun Zhuang Presenter: Yi-Cin Lin Advisor:

Robust Allocation of a Defensive Budget Considering an Attacker’s Private Information Mohammad E. Nikoofal and Jun Zhuang Presenter: Yi-Cin Lin Advisor:
1 In-Network PCA and Anomaly Detection Ling Huang* XuanLong Nguyen* Minos Garofalakis § Michael Jordan* Anthony Joseph* Nina Taft § *UC Berkeley § Intel.

1 In-Network PCA and Anomaly Detection Ling Huang* XuanLong Nguyen* Minos Garofalakis § Michael Jordan* Anthony Joseph* Nina Taft § *UC Berkeley § Intel.
Sérgio Pequito Phd Student

Sérgio Pequito Phd Student
Anatomy: Simple and Effective Privacy Preservation Israel Chernyak DB Seminar (winter 2009)

Anatomy: Simple and Effective Privacy Preservation Israel Chernyak DB Seminar (winter 2009)
1 Distributed Online Simultaneous Fault Detection for Multiple Sensors Ram Rajagopal, Xuanlong Nguyen, Sinem Ergen, Pravin Varaiya EECS, University of.

1 Distributed Online Simultaneous Fault Detection for Multiple Sensors Ram Rajagopal, Xuanlong Nguyen, Sinem Ergen, Pravin Varaiya EECS, University of.
Cumulative Violation For any window size  t  Communication-Efficient Tracking for Distributed Cumulative Triggers Ling Huang* Minos Garofalakis.

Cumulative Violation For any window size  t  Communication-Efficient Tracking for Distributed Cumulative Triggers Ling Huang* Minos Garofalakis.
Malicious parties may employ (a) structure-based or (b) label-based attacks to re-identify users and thus learn sensitive information about their rating.

Malicious parties may employ (a) structure-based or (b) label-based attacks to re-identify users and thus learn sensitive information about their rating.
Collaborative Ordinal Regression Shipeng Yu Joint work with Kai Yu, Volker Tresp and Hans-Peter Kriegel University of Munich, Germany Siemens Corporate.

Collaborative Ordinal Regression Shipeng Yu Joint work with Kai Yu, Volker Tresp and Hans-Peter Kriegel University of Munich, Germany Siemens Corporate.
Using Entropy to Trade Privacy for Trust Yuhui Zhong Bharat Bhargava {zhong, Department of Computer Sciences Purdue University This work.

Using Entropy to Trade Privacy for Trust Yuhui Zhong Bharat Bhargava {zhong, Department of Computer Sciences Purdue University This work.
Privacy Preserving Data Mining: An Overview and Examination of Euclidean Distance Preserving Data Transformation Chris Giannella cgiannel AT acm DOT org.

Privacy Preserving Data Mining: An Overview and Examination of Euclidean Distance Preserving Data Transformation Chris Giannella cgiannel AT acm DOT org.

Similar presentations

Ads by Google