Commoner Privacy And A Study On Network Traces

Title: Commoner Privacy And A Study On Network Traces
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Deng, Xiyue; Mirkovic, Jelena
Conference Name: Proceedings of the 33rd Annual Computer Security Applications Conference
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-5345-8
Keywords: Collaboration, compositionality, Data Sanitization, data sharing, Human Behavior, human factors, network traces, policy, privacy, pubcrawl, Resiliency
Abstract: Differential privacy has emerged as a promising mechanism for privacy-safe data mining. One popular differential privacy mechanism allows researchers to pose queries over a dataset, and adds random noise to all output points to protect privacy. While differential privacy produces useful data in many scenarios, added noise may jeopardize utility for queries posed over small populations or over long-tailed datasets. Gehrke et al. proposed crowd-blending privacy, with random noise added only to those output points where fewer than k individuals (a configurable parameter) contribute to the point in the same manner. This approach has a lower privacy guarantee, but preserves more research utility than differential privacy. We propose an even more liberal privacy goal--commoner privacy--which fuzzes (omits, aggregates or adds noise to) only those output points where an individual's contribution to this point is an outlier. By hiding outliers, our mechanism hides the presence or absence of an individual in a dataset. We propose one mechanism that achieves commoner privacy--interactive k-anonymity. We also discuss query composition and show how we can guarantee privacy via either a pre-sampling step or via query introspection. We implement interactive k-anonymity and query introspection in a system called Patrol for network trace processing. Our evaluation shows that commoner privacy prevents common attacks while preserving orders of magnitude higher research utility than differential privacy, and at least 9-49 times the utility of crowd-blending privacy.
URL: http://doi.acm.org/10.1145/3134600.3134602
DOI: 10.1145/3134600.3134602
Citation Key: deng_commoner_2017