Issue No. 03 - May/June (2012 vol. 9)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2012.19
Daniele Riboni , University of Milan, Milano
Linda Pareschi , University of Milan, Milano
Claudio Bettini , University of Milan, Milano
Web queries, credit card transactions, and medical records are examples of transaction data flowing in corporate data stores, and often revealing associations between individuals and sensitive information. The serial release of these data to partner institutions or data analysis centers in a nonaggregated form is a common situation. In this paper, we show that correlations among sensitive values associated to the same individuals in different releases can be easily used to violate users' privacy by adversaries observing multiple data releases, even if state-of-the-art privacy protection techniques are applied. We show how the above sequential background knowledge can be actually obtained by an adversary, and used to identify with high confidence the sensitive values of an individual. Our proposed defense algorithm is based on Jensen-Shannon divergence; experiments show its superiority with respect to other applicable solutions. To the best of our knowledge, this is the first work that systematically investigates the role of sequential background knowledge in serial release of transaction data.
Privacy-preserving release of transaction data, anonymity, sequential background knowledge.
L. Pareschi, C. Bettini and D. Riboni, "JS-Reduce: Defending Your Data from Sequential Background Knowledge Attacks," in IEEE Transactions on Dependable and Secure Computing, vol. 9, no. , pp. 387-400, 2012.