DisPA: An Intelligent Agent for Private Web Search

Search queries can be used to infer users' preferences and interests. While search engines use this information for, among other things, targeted advertising and personalization, these tasks can violate users' privacy. Since 2006, when AOL disclosed the search queries of 650,000 users and some of them were re-identified, many Privacy Enhancement Technologies (PETs) have sought to solve this problem. The Dissociating Privacy Agent (DisPA) is a browser extension that acts as a proxy between the user and the search engine and semantically dissociates queries in real time. We show that DisPA increases the privacy of the user and hinders re-identification. We also propose an algorithm to measure and evaluate the privacy properties offered by DisPA.
