Skip to main content
SpringerLink
Log in

Flexible adversary disclosure risk measure for identity and attribute disclosure attacks

  • Regular contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Individuals generate tremendous amount of personal data each day, with a wide variety of uses. This datum often contains sensitive information about individuals, which can be disclosed by “adversaries”. Even when direct identifiers such as social security numbers are masked, an adversary may be able to recognize an individual’s identity for a data record by looking at the values of quasi-identifiers (QIDs), known as identity disclosure, or can uncover sensitive attributes (SAs) about an individual through attribute disclosure. In data privacy field, multiple disclosure risk measures have been proposed. These share two drawbacks: they do not consider identity and attribute disclosure concurrently, and they consider a restrictive attack model by assuming certain attributes, namely QIDs and SAs. In this paper, we present a flexible adversary disclosure risk measure that addresses these limitations, by presenting a single combined metric of identity and attribute disclosure, and generalizing attack models by considering all scenarios for an adversary’s knowledge and disclosure targets while providing the flexibility to model a specific disclosure preference. We have developed an efficient algorithm for computing our proposed risk measure and evaluated the performance of our approach on a benchmark dataset from 1994 Census database.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Research Data Policy and Data Availability Statements

The datasets generated during and/or analyzed during the current study are available in the UCI machine learning repository, https://archive.ics.uci.edu/ml/datasets/adult.

References

  1. Sweeney, L.: k-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzzin. Knowled. Based Syst. 10, 557–570 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  2. Orooji, M., Knapp, G.M.: Improving suppression to reduce disclosure risk and enhance data utility. In: Proceedings of the 2018 IISE Annual Conference, pp 1415–1420 (2018)

  3. Orooji, M., Knapp, G. M.: A novel microdata privacy disclosure risk measure. In: Proceedings of the 2018 IISE Annual Conference, pp 1397–1402 (2018)

  4. Manning, A.M., Haglin, D.J., Keane, J.A.: A recursive search algorithm for statistical disclosure assessment. Data Min. Knowl. Disc. 16, 165–196 (2008)

    Article  MathSciNet  Google Scholar 

  5. Abril, D., Navarro-Arribas, G., Torra, V.: Improving record linkage with supervised learning for disclosure risk assessment. Inf. Fusion. 13, 274–284 (2012)

    Article  MATH  Google Scholar 

  6. Abril, D., Navarro-Arribas, G., Torra, V.: Choquet integral for record linkage. Ann. Oper. Res. 195, 97–110 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  7. Torra, V., Navarro-Arribas, G., Abril, D.: Supervised learning for record linkage through weighted means and OWA operators. Control. Cybern. 39, 1011–1026 (2010)

    MATH  Google Scholar 

  8. Abril, D., Torra, V., Navarro-Arribas, G.: Supervised learning using a symmetric bilinear form for record linkage. Inf. Fusion. 26, 144–153 (2015)

    Article  Google Scholar 

  9. Muralidhar, K., Domingo-Ferrer, J.: Rank-based record linkage for re-identification risk assessment. In: International Conference on Privacy in Statistical Databases, pp. 225–236 (2016)

  10. Domingo-Ferrer, J., Ricci, S., Soria-Comas, J.: Disclosure risk assessment via record linkage by a maximum-knowledge attacker. In: 2015 13th Annual Conference on Privacy, Security and Trust (PST), pp. 28–35 (2015)

  11. Andreou, A., Goga, O., Loiseau, P.: Identity vs. attribute disclosure risks for users with multiple social profiles. In: Proceedings of the 2017 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining 2017, pp. 163–170 (2017)

  12. Nin, J., Herranz, J., Torra, V.: Using classification methods to evaluate attribute disclosure risk. In: Modeling Decisions for Artificial Intelligence, pp. 277–286 (2010)

  13. Herranz, J., Matwin, S., Nin, J., Torra, V.: Classifying data from protected statistical datasets. Comput. Secur. 29, 875–890 (2010)

    Article  Google Scholar 

  14. Torra, V.: Privacy models and disclosure risk measures. In: Data Privacy: Foundations, New Developments and the Big Data Challenge, pp. 111–189. Springer, Cham (2017)

  15. Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: l-diversity: privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data (TKDD) 1, 3 (2007)

    Article  Google Scholar 

  16. Soria-Comas, J., Domingo-Ferrer, J., Sanchez, D., Martinez, S.: t-closeness through microaggregation: strict privacy with enhanced utility preservation. IEEE Trans. Knowl. Data Eng. 27, 3098–3110 (2015)

    Article  Google Scholar 

  17. Motwani, R., Xu, Y.: Efficient algorithms for masking and finding quasi-identifiers. In: Proceedings of the Conference on Very Large Data Bases (VLDB), pp. 83–93 (2007)

  18. El Emam, K., Dankar, F.: Re-identification risk in de-identified databases containing personal information. Google Patents (2012)

  19. El Emam, K.: Risk-based de-identification of health data. IEEE Secur. Privacy 64–67 (2010)

  20. Prasser, F., Kohlmayer, F.: Putting statistical disclosure control into practice: the ARX data anonymization tool. In: Medical Data Privacy Handbook, pp. 111–148. Springer (2015)

  21. Cambria, E., White, B.: Jumping NLP curves: a review of natural language processing research. IEEE Comput. Intell. Mag. 9, 48–57 (2014)

    Article  Google Scholar 

  22. Shvaiko, P., Euzenat, J.: Ontology matching: state of the art and future challenges. IEEE Trans. Knowl. Data Eng. 25, 158–176 (2013)

    Article  Google Scholar 

  23. Martínez, S., Valls, A., Sánchez, D.: An ontology-based record linkage method for textual microdata. In: CCIA, pp. 130–139 (2011)

  24. Wang, H., Han, J., Wang, J., Wang, L.: (k, )-Anonymity: an anonymity model for thwarting similarity attack. In: 2013 IEEE International Conference on Granular Computing (GrC), pp. 332–337 (2013)

  25. Wang, H., Han, J., Wang, J., Wang, L.: (l, e)-diversity-a privacy preserving model to resist semantic similarity attack. J. Comput. 9, 59–65 (2014)

    Google Scholar 

  26. Mubark, A.A., Elabd, E., Abdulkader, H.: Semantic anonymization in publishing categorical sensitive attributes. In: 2016 8th International Conference on Knowledge and Smart Technology (KST), pp. 89–95 (2016)

  27. Balsa, E., Troncoso, C., Diaz, C.: A metric to evaluate interaction obfuscation in online social networks. Int. J. Uncertain. Fuzzin. Knowl. Based Syst. 20, 877–892 (2012)

    Article  MathSciNet  Google Scholar 

  28. Aghasian, E., Garg, S., Gao, L., Yu, S., Montgomery, J.: Scoring users’ privacy disclosure across multiple online social networks. IEEE Access 5, 13118–13130 (2017)

    Article  Google Scholar 

  29. Wang, Q., Zhang, Y., Lu, X., Wang, Z., Qin, Z., Ren, K.: Real-time and spatio-temporal crowd-sourced social network data publishing with differential privacy. IEEE Trans. Depend. Secure Comput. (2016)

  30. Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Theory of Cryptography Conference, pp. 265–284 (2006)

  31. Shin, H., Kim, S., Shin, J., Xiao, X.: Privacy enhanced matrix factorization for recommendation with local differential privacy. IEEE Trans. Knowl. Data Eng. 30, 1770–1782 (2018)

    Article  Google Scholar 

  32. Cheng, X., Su, S., Xu, S., Xiong, L., Xiao, K., Zhao, M.: A two-phase algorithm for differentially private frequent subgraph mining. IEEE Trans. Knowl. Data Eng. 30, 1411–1425 (2018)

    Article  Google Scholar 

  33. Xiong, X., Chen, F., Huang, P., Tian, M., Hu, X., Chen, B., Qin, J.: Frequent itemsets mining with differential privacy over large-scale data. IEEE Access 6, 28877–28889 (2018)

    Article  Google Scholar 

  34. Ni, L., Li, C., Wang, X., Jiang, H., Yu, J.: DP-MCDBSCAN: differential privacy preserving multi-core DBSCAN clustering for network user data. IEEE Access 6, 21053–21063 (2018)

    Article  Google Scholar 

  35. Li, C., Zhou, P., Xiong, L., Wang, Q., Wang, T.: Differentially private distributed online learning. IEEE Trans. Knowl. Data Eng. 30, 1440–1453 (2018)

    Article  Google Scholar 

  36. Du, M., Wang, K., Xia, Z., Zhang, Y.: Differential privacy preserving of training model in wireless big data with edge computing. IEEE Trans. Big Data 1–1 (2018)

  37. Soria-Comas, J., Domingo-Ferrer, J.: Big data privacy: challenges to privacy principles and models. Data Sci. Eng. 1, 21–28 (2016)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Rice University, B146-B Abercrombie, Houston, TX, 77251, USA

    Marmar Orooji

  2. Department of Mechanical and Industrial Engineering, Louisiana State University, 3277-21 Patrick F. Taylor Hall, Baton Rouge, LA, 70803, USA

    Seyedeh Shaghayegh Rabbanian

  3. Department of Mechanical and Industrial Engineering, Louisiana State University, 3250-B Patrick F. Taylor Hall, Baton Rouge, 70803, LA, USA

    Gerald M. Knapp

Authors
  1. Marmar Orooji
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Seyedeh Shaghayegh Rabbanian
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Gerald M. Knapp
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Marmar Orooji.

Ethics declarations

Conflict of interest

Marmar Orooji declares that she has no conflict of interest. Seyedeh Shaghayegh Rabbanian declares that she has no conflict of interest. Gerald M. Knapp declares that he has no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Orooji, M., Rabbanian, S.S. & Knapp, G.M. Flexible adversary disclosure risk measure for identity and attribute disclosure attacks. Int. J. Inf. Secur. 22, 631–645 (2023). https://doi.org/10.1007/s10207-022-00654-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-022-00654-y

Keywords

Search

Navigation