Privacy Analysis of Query-Set-Size Control

Published: 09 July 2022

Abstract

The publication of user data for statistical analysis and research can be extremely beneficial for both academic and commercial uses, such as statistical research and recommendation systems. To maintain user privacy when such a publication occurs, many databases employ anonymization techniques, either on the query results or on the data itself. In this article, we examine and analyze the privacy offered by the query-set-size control method for aggregate queries over data structures representing various topologies. We focus on the mathematical queries of minimum, maximum, median, and average and show some query types that may be used to extract hidden information. We prove that some combinations of these queries maintain a measurable level of privacy even when multiple queries are issued. We offer a privacy probability measure, indicating the probability that an attacker obtains information defined as sensitive by utilizing legitimate queries over such a system. Our results are mathematically proven and backed by simulations using vehicular network data based on the TAPASCologne project.
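As an added illustration, not code from the article or its authors, the following Python sketch implements the query-set-size control rule the article analyzes for the four aggregates it focuses on: an aggregate query is answered only when the selected set has at least k records and at most n - k records. The upper bound is the standard complement rule of query-set-size control and is an assumption here, since the abstract does not restate it. The records, the zone and speed fields and the class name are constructed sample values, not TAPASCologne data.

```python
from statistics import median
from typing import Any, Callable, Dict, List, Optional

# Constructed sample records (not TAPASCologne data): one speed reading per vehicle,
# tagged with a coarse zone attribute that queries can select on.
RECORDS: List[Dict[str, Any]] = [
    {"id": 1, "zone": "north", "speed": 42.0},
    {"id": 2, "zone": "north", "speed": 55.0},
    {"id": 3, "zone": "north", "speed": 59.0},
    {"id": 4, "zone": "south", "speed": 30.0},
    {"id": 5, "zone": "south", "speed": 48.0},
    {"id": 6, "zone": "east", "speed": 75.0},
]

# The four aggregate queries the article focuses on.
AGGREGATES: Dict[str, Callable[[List[float]], float]] = {
    "min": min,
    "max": max,
    "median": median,
    "average": lambda xs: sum(xs) / len(xs),
}


class QuerySetSizeControl:
    """Answer aggregate queries only when the query set is neither too small nor too large.

    A query selecting fewer than k records is refused because its result is close to
    a single user's value; a query selecting more than n - k records is refused
    because its complement (the excluded records) would then be smaller than k.
    (Hypothetical class for illustration; the complement bound is an assumption.)
    """

    def __init__(self, records: List[Dict[str, Any]], k: int, field: str = "speed"):
        if k < 1 or 2 * k > len(records):
            raise ValueError("k must satisfy 1 <= k <= n/2")
        self.records = records
        self.k = k
        self.field = field

    def query(
        self, aggregate: str, predicate: Callable[[Dict[str, Any]], bool]
    ) -> Optional[float]:
        """Return the aggregate over the selected records, or None if the query is refused."""
        selected = [float(r[self.field]) for r in self.records if predicate(r)]
        n, size = len(self.records), len(selected)
        if size < self.k or size > n - self.k:
            return None  # refused by query-set-size control
        return AGGREGATES[aggregate](selected)


if __name__ == "__main__":
    ctl = QuerySetSizeControl(RECORDS, k=2)
    print("north average:", ctl.query("average", lambda r: r["zone"] == "north"))
    print("east min:", ctl.query("min", lambda r: r["zone"] == "east"))
    print("all but east max:", ctl.query("max", lambda r: r["zone"] != "east"))
```

With k = 2 over the six constructed records, the "north" query (three records) is answered, the "east" query (one record) is refused, and a query for everything except "east" (five records) is also refused because its complement is a single vehicle. The control only bounds set sizes; it does not by itself prevent the multi-query inference the article studies.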


Published in

ACM Transactions on Privacy and Security, Volume 25, Issue 4
November 2022
330 pages
ISSN: 2471-2566
EISSN: 2471-2574
DOI: 10.1145/3544004


Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

• Published: 9 July 2022
• Online AM: 2 May 2022
• Accepted: 1 April 2022
• Revised: 1 February 2022
• Received: 1 April 2021

Qualifiers

• research-article
• Refereed