Health privacy : methods for privacy-preserving data sharing of methylation, microbiome and eye tracking data
This thesis studies the privacy risks of biomedical data and develops mechanisms for privacy-preserving data sharing. The contribution of this work is two-fold. First, we demonstrate privacy risks of a variety of biomedical data types such as DNA methylation data, microbiome data and eye tracking data. Although these data types are less stable than well-studied genomic data and more prone to environmental changes, well-known privacy attacks can be adapted to them and threaten the privacy of data donors. Nevertheless, data sharing is crucial to advance biomedical research, given that collecting the data of a sufficiently large population is complex and costly. Therefore, as a second step, we develop privacy-preserving tools that enable researchers to share such biomedical data. These tools are mostly based on differential privacy, machine learning techniques and adversarial examples, and are carefully tuned to the concrete use case to maintain data utility while preserving privacy.

This dissertation examines the privacy risks of biomedical data and develops mechanisms for privacy-preserving data sharing. The work falls into two parts: First, we demonstrate the privacy risks that arise from biomedical data such as DNA methylation, microbiome data and recordings of eye movements. Although these data are less stable than genomic data, whose risks are well known to the research community, and change more under environmental influences, known attacks can be adapted and threaten the privacy of data donors. Nevertheless, data sharing is essential to advance biomedical research, because collecting data from a sufficiently large study population is laborious and expensive. Therefore, as a second step, we develop privacy-preserving techniques that allow scientists to share such biomedical data.
These techniques are essentially based on differential privacy and adversarial examples and are carefully adapted to the concrete use case in order to retain the utility of the data while at the same time protecting privacy.
Privacy-aware eye tracking using differential privacy
With eye tracking being increasingly integrated into virtual and augmented reality (VR/AR) head-mounted displays, preserving users' privacy is an ever more important, yet under-explored, topic in the eye tracking community. We report a large-scale online survey (N=124) on privacy aspects of eye tracking that provides the first comprehensive account of with whom, for which services, and to what extent users are willing to share their gaze data. Using these insights, we design a privacy-aware VR interface that uses differential privacy, which we evaluate on a new 20-participant dataset for two privacy-sensitive tasks: We show that our method can prevent user re-identification and protect gender information while maintaining high performance for gaze-based document type classification. Our results highlight the privacy challenges particular to gaze data and demonstrate that differential privacy is a potential means to address them. Thus, this paper lays important foundations for future research on privacy-aware gaze interfaces.
Membership Inference Against DNA Methylation Databases
Biomedical data sharing is one of the key elements fostering the advancement of biomedical research but poses severe risks towards the privacy of individuals contributing their data, as already demonstrated for genomic data. In this paper, we study whether and to which extent DNA methylation data, one of the most important epigenetic elements regulating human health, is prone to membership inference attacks, a critical type of attack that reveals an individual's participation in a given database. We design and evaluate three different attacks exploiting published summary statistics, among which one is based on machine learning and another is exploiting the dependencies between genome and methylation data. Our extensive evaluation on six datasets containing a diverse set of tissues and diseases collected from more than 1,300 individuals in total shows that such membership inference attacks are effective, even when the target's methylation profile is not accessible. It further shows that the machine-learning approach outperforms the statistical attacks, and that learned models are transferable across different datasets.
MBeacon: Privacy-Preserving Beacons for DNA Methylation Data
The advancement of molecular profiling techniques fuels biomedical research with a deluge of data. To facilitate data sharing, the Global Alliance for Genomics and Health established the Beacon system, a search engine designed to help researchers find datasets of interest. While the current Beacon system only supports genomic data, other types of biomedical data, such as DNA methylation, are also essential for advancing our understanding in the field. In this paper, we propose the first Beacon system for DNA methylation data sharing: MBeacon. As the current genomic Beacon is vulnerable to privacy attacks, such as membership inference, and DNA methylation data is highly sensitive, we take a privacy-by-design approach to construct MBeacon.

First, we demonstrate the privacy threat by proposing a membership inference attack tailored specifically to unprotected methylation Beacons. Our experimental results show that 100 queries are sufficient to achieve a successful attack with AUC (area under the ROC curve) above 0.9. To remedy this situation, we propose a novel differential privacy mechanism, namely SVT2, which is the core component of MBeacon. Extensive experiments over multiple datasets show that SVT2 can successfully mitigate membership privacy risks without significantly harming utility. We further implement a fully functional prototype of MBeacon which we make available to the research community.