Measuring Re-identification Risk
- URL: http://arxiv.org/abs/2304.07210v2
- Date: Mon, 31 Jul 2023 17:35:57 GMT
- Title: Measuring Re-identification Risk
- Authors: CJ Carey, Travis Dick, Alessandro Epasto, Adel Javanmard, Josh Karlin,
Shankar Kumar, Andres Munoz Medina, Vahab Mirrokni, Gabriel Henrique Nunes,
Sergei Vassilvitskii, Peilin Zhong
- Abstract summary: We present a new theoretical framework to measure re-identification risk in compact user representations.
Our framework formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation.
We show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising.
- Score: 72.6715574626418
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Compact user representations (such as embeddings) form the backbone of
personalization services. In this work, we present a new theoretical framework
to measure re-identification risk in such user representations. Our framework,
based on hypothesis testing, formally bounds the probability that an attacker
may be able to obtain the identity of a user from their representation. As an
application, we show how our framework is general enough to model important
real-world applications such as the Chrome's Topics API for interest-based
advertising. We complement our theoretical bounds by showing provably good
attack algorithms for re-identification that we use to estimate the
re-identification risk in the Topics API. We believe this work provides a
rigorous and interpretable notion of re-identification risk and a framework to
measure it that can be used to inform real-world applications.
Related papers
- A Human-Centered Risk Evaluation of Biometric Systems Using Conjoint Analysis [0.6199770411242359]
This paper presents a novel human-centered risk evaluation framework using conjoint analysis to quantify the impact of risk factors, such as surveillance cameras, on attacker's motivation.
Our framework calculates risk values incorporating the False Acceptance Rate (FAR) and attack probability, allowing comprehensive comparisons across use cases.
arXiv Detail & Related papers (2024-09-17T14:18:21Z)
- "Glue pizza and eat rocks" -- Exploiting Vulnerabilities in Retrieval-Augmented Generative Models [74.05368440735468]
Retrieval-Augmented Generative (RAG) models enhance Large Language Models (LLMs)
In this paper, we demonstrate a security threat where adversaries can exploit the openness of these knowledge bases.
arXiv Detail & Related papers (2024-06-26T05:36:23Z)
- PRAT: PRofiling Adversarial aTtacks [52.693011665938734]
We introduce a novel problem of PRofiling Adversarial aTtacks (PRAT)
Given an adversarial example, the objective of PRAT is to identify the attack used to generate it.
We use AID to devise a novel framework for the PRAT objective.
arXiv Detail & Related papers (2023-09-20T07:42:51Z)
- On the Robustness of Topics API to a Re-Identification Attack [6.157783777246449]
Google proposed the Topics API framework as a privacy-friendly alternative for behavioural advertising.
This paper evaluates the robustness of the Topics API to a re-identification attack.
We find that the Topics API mitigates but cannot prevent re-identification from taking place, as there is a sizeable chance that a user's profile is unique within a website's audience.
arXiv Detail & Related papers (2023-06-08T10:53:48Z)
- Explainable Abuse Detection as Intent Classification and Slot Filling [66.80201541759409]
We introduce the concept of policy-aware abuse detection, abandoning the unrealistic expectation that systems can reliably learn which phenomena constitute abuse from inspecting the data alone.
We show how architectures for intent classification and slot filling can be used for abuse detection, while providing a rationale for model decisions.
arXiv Detail & Related papers (2022-10-06T03:33:30Z)
- A Unified Evaluation of Textual Backdoor Learning: Frameworks and Benchmarks [72.7373468905418]
We develop an open-source toolkit OpenBackdoor to foster the implementations and evaluations of textual backdoor learning.
We also propose CUBE, a simple yet strong clustering-based defense baseline.
arXiv Detail & Related papers (2022-06-17T02:29:23Z)
- Assessing the risk of re-identification arising from an attack on anonymised data [0.24466725954625884]
We calculate the risk of re-identification arising from a malicious attack on an anonymised dataset.
We present an analytical means of estimating the probability of re-identification of a single patient in a k-anonymised dataset.
We generalize this solution to obtain the probability of multiple patients being re-identified.
arXiv Detail & Related papers (2022-03-31T09:47:05Z)
- A Principled Design of Image Representation: Towards Forensic Tasks [75.40968680537544]
We investigate the forensic-oriented image representation as a distinct problem, from the perspectives of theory, implementation, and application.
At the theoretical level, we propose a new representation framework for forensics, called Dense Invariant Representation (DIR), which is characterized by stable description with mathematical guarantees.
We demonstrate the above arguments on the dense-domain pattern detection and matching experiments, providing comparison results with state-of-the-art descriptors.
arXiv Detail & Related papers (2022-03-02T07:46:52Z)
- Towards Practical Implementations of Person Re-Identification from Full Video Frames [1.3439502310822151]
We argue that the current way of studying person re-identification, i.e. by trying to re-identify a person within already detected and pre-cropped images, is not sufficient to implement practical security applications.
To support this claim, we introduce the Full Frame Person Re-ID setting (FF-PRID) and define specific metrics to evaluate FF-PRID implementations.
arXiv Detail & Related papers (2020-09-02T22:53:46Z)
This list is automatically generated from the titles and abstracts of the papers in this site.