48 research outputs found
On Web User Tracking: How Third-Party Http Requests Track Users' Browsing Patterns for Personalised Advertising
On today's Web, users trade access to their private data for content and
services. Advertising sustains the business model of many websites and
applications. Efficient and successful advertising relies on predicting users'
actions and tastes to suggest a range of products to buy. It follows that,
while surfing the Web users leave traces regarding their identity in the form
of activity patterns and unstructured data. We analyse how advertising networks
build user footprints and how the suggested advertising reacts to changes in
the user behaviour.Comment: arXiv admin note: substantial text overlap with arXiv:1605.0653
Potential mass surveillance and privacy violations in proximity-based social applications
Proximity-based social applications let users interact with people that are
currently close to them, by revealing some information about their preferences
and whereabouts. This information is acquired through passive geo-localisation
and used to build a sense of serendipitous discovery of people, places and
interests. Unfortunately, while this class of applications opens different
interactions possibilities for people in urban settings, obtaining access to
certain identity information could lead a possible privacy attacker to identify
and follow a user in their movements in a specific period of time. The same
information shared through the platform could also help an attacker to link the
victim's online profiles to physical identities. We analyse a set of popular
dating application that shares users relative distances within a certain radius
and show how, by using the information shared on these platforms, it is
possible to formalise a multilateration attack, able to identify the user
actual position. The same attack can also be used to follow a user in all their
movements within a certain period of time, therefore identifying their habits
and Points of Interest across the city. Furthermore we introduce a social
attack which uses common Facebook likes to profile a person and finally
identify their real identity
On the Measurement of Privacy as an Attacker's Estimation Error
A wide variety of privacy metrics have been proposed in the literature to
evaluate the level of protection offered by privacy enhancing-technologies.
Most of these metrics are specific to concrete systems and adversarial models,
and are difficult to generalize or translate to other contexts. Furthermore, a
better understanding of the relationships between the different privacy metrics
is needed to enable more grounded and systematic approach to measuring privacy,
as well as to assist systems designers in selecting the most appropriate metric
for a given application.
In this work we propose a theoretical framework for privacy-preserving
systems, endowed with a general definition of privacy in terms of the
estimation error incurred by an attacker who aims to disclose the private
information that the system is designed to conceal. We show that our framework
permits interpreting and comparing a number of well-known metrics under a
common perspective. The arguments behind these interpretations are based on
fundamental results related to the theories of information, probability and
Bayes decision.Comment: This paper has 18 pages and 17 figure
p-probabilistic k-anonymous microaggregation for the anonymization of surveys with uncertain participation
We develop a probabilistic variant of k-anonymous microaggregation which we term p-probabilistic resorting to a statistical model of respondent participation in order to aggregate quasi-identifiers in such a manner that k-anonymity is concordantly enforced with a parametric probabilistic guarantee. Succinctly owing the possibility that some respondents may not finally participate, sufficiently larger cells are created striving to satisfy k-anonymity with probability at least p. The microaggregation function is designed before the respondents submit their confidential data. More precisely, a specification of the function is sent to them which they may verify and apply to their quasi-identifying demographic variables prior to submitting the microaggregated data along with the confidential attributes to an authorized repository.
We propose a number of metrics to assess the performance of our probabilistic approach in terms of anonymity and distortion which we proceed to investigate theoretically in depth and empirically with synthetic and standardized data. We stress that in addition to constituting a functional extension of traditional microaggregation, thereby broadening its applicability to the anonymization of statistical databases in a wide variety of contexts, the relaxation of trust assumptions is arguably expected to have a considerable impact on user acceptance and ultimately on data utility through mere availability.Peer ReviewedPostprint (author's final draft
MobilitApp: Analysing mobility data of citizens in the metropolitan area of Barcelona
MobilitApp is a platform designed to provide smart mobility services in urban
areas. It is designed to help citizens and transport authorities alike.
Citizens will be able to access the MobilitApp mobile application and decide
their optimal transportation strategy by visualising their usual routes, their
carbon footprint, receiving tips, analytics and general mobility information,
such as traffic and incident alerts. Transport authorities and service
providers will be able to access information about the mobility pattern of
citizens to o er their best services, improve costs and planning. The
MobilitApp client runs on Android devices and records synchronously, while
running in the background, periodic location updates from its users. The
information obtained is processed and analysed to understand the mobility
patterns of our users in the city of Barcelona, Spain
SoK: Differentially Private Publication of Trajectory Data
Trajectory analysis holds many promises, from improvements in traffic management to routing advice or infrastructure development. However, learning users\u27 paths is extremely privacy-invasive. Therefore, there is a necessity to protect trajectories such that we preserve the global properties, useful for analysis, while specific and private information of individuals remains inaccessible. Trajectories, however, are difficult to protect, since they are sequential, highly dimensional, correlated, bound to geophysical restrictions, and easily mapped to semantic points of interest.
This paper aims to establish a systematic framework on protective masking and synthetic-generation measures for trajectory databases with syntactic and differentially private (DP) guarantees, including also utility properties, derived from ideas and limitations of existing proposals. To reach this goal, we systematize the utility metrics used throughout the literature, deeply analyze the DP granularity notions, explore and elaborate on the state of the art on privacy-enhancing mechanisms and their problems, and expose the main limitations of DP notions in the context of trajectories