The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
On the Optimality of the Simple Bayesian Classifier under Zero-One Loss
Machine Learning - Special issue on learning with probabilistic representations
Security of random data perturbation methods
ACM Transactions on Database Systems (TODS)
Limiting privacy breaches in privacy preserving data mining
Proceedings of the twenty-second ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
k-anonymity: a model for protecting privacy
International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems
On the Privacy Preserving Properties of Random Data Perturbation Techniques
ICDM '03 Proceedings of the Third IEEE International Conference on Data Mining
A formal analysis of information disclosure in data exchange
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Monte Carlo Statistical Methods (Springer Texts in Statistics)
Monte Carlo Statistical Methods (Springer Texts in Statistics)
Data Privacy through Optimal k-Anonymization
ICDE '05 Proceedings of the 21st International Conference on Data Engineering
Deriving private information from randomized data
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Incognito: efficient full-domain K-anonymity
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
To do or not to do: the dilemma of disclosing anonymized data
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Mondrian Multidimensional K-Anonymity
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Achieving anonymity via clustering
Proceedings of the twenty-fifth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Injecting utility into anonymized datasets
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
On privacy preservation against adversarial data mining
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Privacy leakage in multi-relational databases: a semi-supervised learning perspective
The VLDB Journal — The International Journal on Very Large Data Bases
Anatomy: simple and effective privacy preservation
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
L-diversity: Privacy beyond k-anonymity
ACM Transactions on Knowledge Discovery from Data (TKDD)
Proceedings of the 16th international conference on World Wide Web
On anonymizing query logs via token-based hashing
Proceedings of the 16th international conference on World Wide Web
Protecting data privacy through hard-to-reverse negative databases
International Journal of Information Security
Efficient query evaluation on probabilistic databases
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
The boundary between privacy and utility in data publishing
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Minimality attack in privacy preserving data publishing
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Fast data anonymization with low information loss
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Privacy skyline: privacy with multidimensional adversarial knowledge
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Privacy-MaxEnt: integrating background knowledge in privacy quantification
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Estimating labels from label proportions
Proceedings of the 25th international conference on Machine learning
Robust De-anonymization of Large Sparse Datasets
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Resisting structural re-identification in anonymized social networks
Proceedings of the VLDB Endowment
Injector: Mining Background Knowledge for Data Anonymization
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Estimating continuous distributions in Bayesian classifiers
UAI'95 Proceedings of the Eleventh conference on Uncertainty in artificial intelligence
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Privacy-Preserving Data Publishing
Foundations and Trends in Databases
Optimal random perturbation at multiple privacy levels
Proceedings of the VLDB Endowment
Transparent anonymization: Thwarting adversaries who know the algorithm
ACM Transactions on Database Systems (TODS)
Towards an axiomatization of statistical privacy and utility
Proceedings of the twenty-ninth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Non-homogeneous generalization in privacy preserving data publishing
Proceedings of the 2010 ACM SIGMOD International Conference on Management of data
Versatile publishing for privacy preservation
Proceedings of the 16th ACM SIGKDD international conference on Knowledge discovery and data mining
ρ-uncertainty: inference-proof transaction anonymization
Proceedings of the VLDB Endowment
Minimizing minimality and maximizing utility: analyzing method-based attacks on anonymized data
Proceedings of the VLDB Endowment
Resisting structural re-identification in anonymized social networks
The VLDB Journal — The International Journal on Very Large Data Bases
Privacy-preserving publishing microdata with full functional dependencies
Data & Knowledge Engineering
Towards privacy for social networks: a zero-knowledge based definition of privacy
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Differentially private data cubes: optimizing noise sources and consistency
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Can the Utility of Anonymized Data be Used for Privacy Breaches?
ACM Transactions on Knowledge Discovery from Data (TKDD)
Differentially private data release for data mining
Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining
Personal privacy vs population privacy: learning to attack anonymization
Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining
Protecting privacy in data release
Foundations of security analysis and design VI
Cloning for privacy protection in multiple independent data publications
Proceedings of the 20th ACM international conference on Information and knowledge management
Privacy-preserving publishing data with full functional dependencies
DASFAA'10 Proceedings of the 15th international conference on Database Systems for Advanced Applications - Volume Part II
Limiting disclosure of sensitive data in sequential releases of databases
Information Sciences: an International Journal
Secure distributed computation of anonymized views of shared databases
ACM Transactions on Database Systems (TODS)
MaskIt: privately releasing user context streams for personalized mobile applications
SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data
GUPT: privacy preserving data analysis made easy
SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data
Differentially private summaries for sparse data
Proceedings of the 15th International Conference on Database Theory
Differentially private transit data publication: a case study on the montreal transportation system
Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining
Anonymizing set-valued data by nonreciprocal recoding
Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining
Publishing microdata with a robust privacy guarantee
Proceedings of the VLDB Endowment
Reconstruction attack through classifier analysis
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Secure distributed framework for achieving ε-differential privacy
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
A propagation model for provenance views of public/private workflows
Proceedings of the 16th International Conference on Database Theory
Lightweight privacy-preserving peer-to-peer data integration
Proceedings of the VLDB Endowment
UMicS: from anonymized data to usable microdata
Proceedings of the 22nd ACM international conference on Conference on information & knowledge management
Pufferfish: A framework for mathematical privacy definitions
ACM Transactions on Database Systems (TODS)
Using safety constraint for transactional dataset anonymization
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Efficient Time-Stamped Event Sequence Anonymization
ACM Transactions on the Web (TWEB)
Improving accuracy of classification models induced from anonymized datasets
Information Sciences: an International Journal
A general framework for privacy preserving data publishing
Knowledge-Based Systems
Hi-index | 0.00 |
In this paper we present a method for reasoning about privacy using the concepts of exchangeability and deFinetti's theorem. We illustrate the usefulness of this technique by using it to attack a popular data sanitization scheme known as Anatomy. We stress that Anatomy is not the only sanitization scheme that is vulnerable to this attack. In fact, any scheme that uses the random worlds model, i.i.d. model, or tuple-independent model needs to be re-evaluated. The difference between the attack presented here and others that have been proposedin the past is that we do not need extensive background knowledge. An attacker only needs to know the nonsensitive attributes of one individual in the data, and can carry out this attack just by building a machine learning model over the sanitized data. The reason this attack is successful is that it exploits a subtle flaw in the way prior work computed the probability of disclosure of a sensitive attribute. We demonstrate this theoretically, empirically, and with intuitive examples. We also discuss how this generalizes to many other privacy schemes.