Privacy Against Brute-Force Inference Attacks

Privacy-preserving data release is about disclosing information about useful data while retaining the privacy of sensitive data. Assuming that the sensitive data is threatened by a brute-force adversary, we define Guessing Leakage as a measure of privacy, based on the concept of guessing. After investigating the properties of this measure, we derive the optimal utility-privacy trade-off via a linear program with any f-information adopted as the utility measure, and show that the optimal utility is a concave and piece-wise linear function of the privacy-leakage budget.

[1]  Flávio du Pin Calmon,et al.  Privacy against statistical inference , 2012, 2012 50th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[2]  Lujo Bauer,et al.  Guess Again (and Again and Again): Measuring Password Strength by Simulating Password-Cracking Algorithms , 2012, 2012 IEEE Symposium on Security and Privacy.

[3]  A. Robert Calderbank,et al.  Quantifying computational security subject to source constraints, guesswork and inscrutability , 2015, 2015 IEEE International Symposium on Information Theory (ISIT).

[4]  Rajesh Sundaresan,et al.  Guessing Revisited: A Large Deviations Approach , 2010, IEEE Transactions on Information Theory.

[5]  Abbas El Gamal,et al.  Network Information Theory , 2021, 2021 IEEE 3rd International Conference on Advanced Trends in Information Theory (ATIT).

[6]  Blase Ur,et al.  Measuring Real-World Accuracies and Biases in Modeling Password Guessability , 2015, USENIX Security Symposium.

[7]  B. Jansen,et al.  Sensitivity analysis in linear programming: just be careful! , 1997 .

[8]  J. Massey Guessing and entropy , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[9]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[10]  Joseph K. Liu,et al.  Security Concerns in Popular Cloud Storage Services , 2013, IEEE Pervasive Computing.

[11]  E. Arıkan An inequality on guessing and its application to sequential decoding , 1995, Proceedings of 1995 IEEE International Symposium on Information Theory.

[12]  Rayid Ghani,et al.  Maximizing Privacy under Data Distortion Constraints in Noise Perturbation Methods , 2008, PinKDD.

[13]  Deniz Gündüz,et al.  Optimal Utility-Privacy Trade-off with the Total Variation Distance as the Privacy Measure , 2018, ArXiv.

[14]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[15]  Ken R. Duffy,et al.  Multi-User Guesswork and Brute Force Security , 2015, IEEE Transactions on Information Theory.

[16]  Muriel Médard,et al.  From the Information Bottleneck to the Privacy Funnel , 2014, 2014 IEEE Information Theory Workshop (ITW 2014).

[17]  Ye Wang,et al.  Privacy-Utility Tradeoffs under Constrained Data Release Mechanisms , 2017, ArXiv.

[18]  Muriel Médard,et al.  Guessing with limited memory , 2017, 2017 IEEE International Symposium on Information Theory (ISIT).

[19]  Oliver Kosut,et al.  A Tunable Measure for Information Leakage , 2018, 2018 IEEE International Symposium on Information Theory (ISIT).

[20]  Neri Merhav,et al.  The Shannon cipher system with a guessing wiretapper , 1999, IEEE Trans. Inf. Theory.

[21]  Fady Alajaji,et al.  Estimation Efficiency Under Privacy Constraints , 2017, IEEE Transactions on Information Theory.