47 research outputs found

    Misusability Measure Based Sanitization of Big Data for Privacy Preserving MapReduce Programming

    Leakage and misuse of sensitive data is a challenging problem for enterprises. It has become a more serious problem with the advent of cloud and big data. The rationale behind this is the increase in outsourcing of data to the public cloud and publishing data for wider visibility. Therefore Privacy Preserving Data Publishing (PPDP), Privacy Preserving Data Mining (PPDM) and Privacy Preserving Distributed Data Mining (PPDM) are crucial in the contemporary era. PPDP and PPDM can protect privacy at data and process levels respectively. Therefore, with big data, privacy of data has become indispensable because data is stored and processed in a semi-trusted environment. In this paper we proposed a comprehensive methodology for effective sanitization of data based on a misusability measure for preserving privacy to get rid of data leakage and misuse. We followed a hybrid approach that caters to the needs of privacy preserving MapReduce programming. We proposed an algorithm known as Misusability Measure-Based Privacy Preserving Algorithm (MMPP) which considers the level of misusability prior to choosing and applying appropriate sanitization on big data. Our empirical study with Amazon EC2 and EMR revealed that the proposed methodology is useful in realizing privacy preserving MapReduce programming.

    Location Privacy in LTE: A Case Study on Exploiting the Cellular Signaling Plane's Timing Advance

    Location privacy is an oft-overlooked, but exceedingly important niche of the overall privacy macrocosm. An ambition of this work is to raise awareness of concerns relating to location privacy in cellular networks. To this end, we will demonstrate how user location information is leaked through a vulnerability, viz. the timing advance (TA) parameter, in the Long Term Evolution (LTE) signaling plane and how the position estimate that results from that parameter can be refined through a previously introduced method called Cellular Synchronization Assisted Refinement (CeSAR) [1]. With CeSAR, positioning accuracies that meet or exceed the FCC’s E-911 mandate are possible making CeSAR simultaneously a candidate technology for meeting the FCC’s wireless localization requirements and a demonstration of the alarming level of location information sent over the air. We also introduce a geographically diverse data set of TAs collected from actual LTE network implementations utilizing different cell phone chipsets. With this data set we show the appropriateness of modeling the error associated with a TA as normally distributed.

    Influence of tracking duration on the privacy of individual mobility graphs

    Location graphs, compact representations of human mobility without geocoordinates, can be used to personalise location-based services. While they are more privacy-preserving than raw tracking data, it was shown that they still hold a considerable risk for users to be re-identified solely by the graph topology. However, it is unclear how this risk depends on the tracking duration. Here, we consider a scenario where the attacker wants to match the new tracking data of a user to a pool of previously recorded mobility profiles, and we analyse the dependence of the re-identification performance on the tracking duration. We find that the re-identification accuracy varies between 0.41% and 20.97% and is affected by both the pool duration and the test-user tracking duration; it is greater if both have the same duration, and it is not significantly affected by socio-demographics such as age or gender, but can to some extent be explained by different mobility and graph features. Overall, the influence of tracking duration on user privacy has clear implications for data collection and storage strategies. We advise data collectors to limit the tracking duration or to reset user IDs regularly when storing long-term tracking data.

    Secure Image Encoding Transformation Using Sensitive Information Transition

    Thesis (Master's) -- Seoul National University Graduate School: College of Engineering, Department of Computer Science and Engineering, 2022. 8. 장병탁.

    Local Differential Privacy (LDP) is a widely accepted mathematical notion of privacy that guarantees a quantified privacy budget on sensitive data. However, it is difficult to apply LDP algorithms to unstructured data such as images, since the fundamental mechanism underlying many LDP algorithms, Randomized Response (RR), is suited for structured, tabular data. In this paper, we propose a novel task-agnostic LDP framework that preserves the privacy of selected sensitive attributes in an image representation while conserving other visual aspects. Our framework includes an adversarially trained transition model that portrays the RR mechanism, allowing it to be easily utilized in other LDP algorithms. We provide a strict description of the problem formulation, and show how our model can prevent attacks from a potential adversary trying to obtain the sensitive information. Our experimental results verify that the proposed framework outperforms baseline models in protecting sensitive attributes with minimal performance loss in arbitrary downstream tasks.

    Local Differential Privacy (LDP) is a widely known, rigorous mathematical definition of privacy that guarantees strong, quantified privacy for sensitive data. However, because Randomized Response (RR), the fundamental mechanism underlying LDP, was designed for structured data such as tabular data, well-known LDP algorithms are difficult to apply to unstructured data such as images. To address this shortcoming, this study proposes an LDP framework that maintains the privacy of selected sensitive information in an image encoding while retaining other visual features. The proposed framework mimics the RR mechanism using a transition model produced through adversarial training, which has the advantage that it can easily be applied to other LDP algorithms. This thesis rigorously defines the problem setting and demonstrates that the proposed framework can protect information from a potential adversary whose goal is to steal sensitive information. The thesis also shows through experimental results that, compared with other existing models, the proposed model can protect information while affecting the data's potential future tasks as little as possible.

    Contents: 1 Introduction; 1.1 Introduction; 2 Related Works; 2.1 Privacy-Preserving Machine Learning; 2.2 Differential Privacy; 3 Problem Formulation; 4 Method; 4.1 Attribute Inference Attack of the Adversary; 4.1.1 Differential distance learning; 4.2 Task-agnostic attribute transition model; 4.2.1 GAN Architecture; 4.2.2 Distributional Transition Loss; 4.2.3 Unsensitive attribute preservation; 4.3 Local Differentially Private Image Representation Transition Framework; 5 Experimental Results; 5.1 Experimental Setup; 5.2 Multi-Label Classification; 5.2.1 Sensitive attribute transition evaluation; 5.3 Evaluation on Other Attributes; 5.4 Qualitative Results; 5.5 Experiment on CheXpert dataset; 6 Conclusion; Bibliography; Abstract (in Korean)

    User-centric IoT: challenges and perspectives

    The Internet of Things (IoT), this emerging technology connecting everyone, and everyone's "things", is not about objects, gadgets, databases, applications and profits to be made from it, but about the people it enriches. Researchers, developers, industries, telecommunication companies, and scientific communities have been interested in this paradigm and have proposed different solutions from different perspectives. They are mainly focused on the technical level, like performance, interoperability, integration, etc. However, whenever use cases are targeting human users, the focus must not be merely on these sides, but on human factors as well. Thus, it is essential to apply a user-centric approach allowing identification of application-specific features and understanding users' needs, motivations and beliefs. This survey aims at encouraging other IoT system developers and researchers to pay attention to the relationship between people and IoT systems. We emphasize the value of adopting a user-centric vision. The goal is not to provide solutions, but rather to raise the right issues.