kb anonymity a model for anonymized
play

kb -Anonymity: A Model for Anonymized kb Behavior-Preserving Test - PowerPoint PPT Presentation

Jul 12, 2023 •146 likes •450 views

kb -Anonymity: A Model for Anonymized kb Behavior-Preserving Test and Debugging Data Where is the Privacy best place to Preservation Aditya Budi, David Lo, Lingxiao Jiang, Lucia stay? Behavior Preservation Software Testing & Debugging

  1. kb -Anonymity: A Model for Anonymized kb Behavior-Preserving Test and Debugging Data Where is the Privacy best place to Preservation Aditya Budi, David Lo, Lingxiao Jiang, Lucia stay? Behavior Preservation

  2. Software Testing & Debugging  Programs may fail  In-house during development process  Post-deployment in user fields Testing & Debugging PLDI, San Jose Convention Center, June 7th, 2011 2 kb -Anonymity

  3. Where Come I nputs for Testing & Debugging?  In-house generation PLDI, San Jose Convention Center, June 7th, 2011 3 kb -Anonymity

  4. Where Come I nputs for Testing & Debugging?  From clients PLDI, San Jose Convention Center, June 7th, 2011 4 kb -Anonymity

  5. However, Privacy!  From clients Privacy Concerns! PLDI, San Jose Convention Center, June 7th, 2011 5 kb -Anonymity

  6. Sample Privacy Leak  Linking attack Patient Records (private) Voter Registration List (public) Gender Zipcode DOB Disease Name DOB Gender Zipcode Male 95110 6/7/72 Heart Disease Bob 6/7/72 Male 95110 Female 95110 1/31/80 Hepatitis Beth 1/31/80 Female 95110 … … … … … … … … Bob has heart disease PLDI, San Jose Convention Center, June 7th, 2011 6 kb -Anonymity

  7. Sample Privacy Leak  Linking attack Quasi-identifier fields Patient Records (private) Voter Registration List (public) Gender Zipcode DOB Disease Name DOB Gender Zipcode Male 95110 6/7/72 Heart Disease Bob 6/7/72 Male 95110 Female 95110 1/31/80 Hepatitis Beth 1/31/80 Female 95110 … … … … … … … … Bob has heart disease Gender Zipcode DOB Disease Male * * Heart Disease Female * * Hepatitis … … … … PLDI, San Jose Convention Center, June 7th, 2011 7 kb -Anonymity

  8. Data Anonymization  From clients Privacy Concerns! Anonymization Function PLDI, San Jose Convention Center, June 7th, 2011 8 kb -Anonymity

  9. Data Anonymization Questions  What to anonymize? Patient Records (private) Sex Sex Zipcode DOB Disease Zipcode Male 95110 6/7/72 Heart Disease DOB Female 95110 1/31/80 Hepatitis Disease … … … … PLDI, San Jose Convention Center, June 7th, 2011 9 kb -Anonymity

  10. Data Anonymization Questions  What to anonymize?  How to anonymize? Patient Records (private) Sex “Unknown” Sex Zipcode DOB Disease Zipcode Male 95110 6/7/72 Heart Disease Masking 95* * * , 1972 DOB Female 95110 1/31/80 Hepatitis CA, USA USA Generic San Jose Disease … … … … Random PLDI, San Jose Convention Center, June 7th, 2011 10 kb -Anonymity

  11. Data Anonymization Questions  What to anonymize?  How to anonymize?  How useful is the anonymized data for testing and debugging? Patient Records (private) Sex “Unknown” Sex Zipcode DOB Disease Zipcode Male 95110 6/7/72 Heart Disease Masking 95* * * , 1972 DOB Female 95110 1/31/80 Hepatitis CA, USA USA Generic San Jose Disease … … … … Random PLDI, San Jose Convention Center, June 7th, 2011 11 kb -Anonymity

  12. Our Solution  kb -Anonymity: A model that provides guidance on the anonymization questions  How to anonymize  Follow guidance provided by the k -anonymity privacy model  Each tuple has at least k-1 indistinguishable peers  Generate concrete values always  Remove indistinguishable tuples  How useful is the anonymized data  Preserve utility for testing and debugging  Each anonymized tuple exhibits certain kinds of behavior exhibited by original tuples PLDI, San Jose Convention Center, June 7th, 2011 12 kb -Anonymity

  13. kb -Anonymity kb  Behavior preservation PLDI, San Jose Convention Center, June 7th, 2011 13 kb -Anonymity

  14. kb -Anonymity kb  Privacy preservation Random PLDI, San Jose Convention Center, June 7th, 2011 14 kb -Anonymity

  15. kb -Anonymity kb  Behavior and Privacy preservation Privacy Preservation PLDI, San Jose Convention Center, June 7th, 2011 15 kb -Anonymity

  16. kb -Anonymity - Another View kb  Anonymization function (i.e., value replacement function) F : R  R Released Dataset Raw Dataset F t 1 =<f 1 ,…,f i ,…f n > t 2 =<f 1 ,…,f i ,…f n > r =<f 1 ,…,f i r ,…f n > t 1 …… t k =<f 1 ,…,f i ,…f n > • Each original tuple is mapped by F to at most one released tuple • At least k original tuples are mapped to the same released tuple PLDI, San Jose Convention Center, June 7th, 2011 16 kb -Anonymity

  17. kb -Anonymity I mplementation kb  Dynamic symbolic (a.k.a. concolic) execution with controlled constraint generation and solving PLDI, San Jose Convention Center, June 7th, 2011 17 kb -Anonymity

  18. kb -Anonymity I mplementation kb  Dynamic symbolic (a.k.a. concolic) execution with controlled constraint generation and solving PLDI, San Jose Convention Center, June 7th, 2011 18 kb -Anonymity

  19. kb -Anonymity I mplementation kb  Dynamic symbolic (a.k.a. concolic) execution with controlled constraint generation and solving PLDI, San Jose Convention Center, June 7th, 2011 19 kb -Anonymity

  20. kb -Anonymity I mplementation kb  Dynamic symbolic (a.k.a. concolic) execution with controlled constraint generation and solving PLDI, San Jose Convention Center, June 7th, 2011 20 kb -Anonymity

  21. Empirical Evaluation  On slices of open source programs  OpenHospital , iTrust , PDManager  From sourceforge  Modified to deal with integers only  Randomly generated test data for anonymization PLDI, San Jose Convention Center, June 7th, 2011 21 kb -Anonymity

  22. Empirical Evaluation - Utility 16 fields: first name, last name, age, gender, address, city, number of  siblings, telephone number, birth date, blood type, mother’s name, mother’s deceased status, father’s name, father’s deceased status, insurance status, and whether parents live together. PLDI, San Jose Convention Center, June 7th, 2011 22 kb -Anonymity

  23. Empirical Evaluation - Scalability  Running time is proportional to the size of the original data set, and almost constant per tuple. x-axis: different configurations; y-axis: running time in seconds; Different colors represent the sizes of different original data sets PLDI, San Jose Convention Center, June 7th, 2011 23 kb -Anonymity

  24. Limitations  Selection of quasi-identifiers  Reply on data owners to choose appropriate QIs  Assume each tuple is used independently from other tuples by a program  Data distortion  Do not maintain data statistics, and thus not suitable for data mining or epidemiological studies  Integer constraints only  May handle string constraints based on JPF+ jFuzz PLDI, San Jose Convention Center, June 7th, 2011 24 kb -Anonymity

  25. Future Work  Model Refinement Various definitions of behavior preservation  Various privacy models  Where is the best place to l-diversity stay? m-invariant t-closeness Input & output Statement coverage PLDI, San Jose Convention Center, June 7th, 2011 25 kb -Anonymity

  26. Related Work  On concolic execution S. Anand, C. Pasareanu, andW. Visser. JPF-SE: A symbolic execution  extenion to Java PathFinder . In TACAS, 2007. C. Cadar, D. Dunbar, and D. R. Engler. KLEE: Unassisted and automatic  generation of high-coverage tests for complex systems programs . In OSDI, pages 209–224, 2008. P. Godefroid, N. Klarlund, and K. Sen. DART: Directed automated  random testing . In PLDI, pages 213–223. ACM, 2005. K. Jayaraman, D. Harvison, V. Ganesh, and A. Kiezun. jFuzz: A concolic  tester for NASA Java . In NASA Formal Methods Workshop, 2009. K. Sen, D. Marinov, and G. Agha. CUTE: A concolic unit testing engine  for C . In FSE, pages 263–272, 2005. PLDI, San Jose Convention Center, June 7th, 2011 26 kb -Anonymity

  27. Related Work  On privacy-preserving testing & debugging Pete Broadwell, Matt Harren, and Naveen Sastry. Scrash: A system for  generating secure crash information . In USENIX Security 2003. Miguel Castro, Manuel Costa, and Jean-Philippe Martin. Better Bug  Reporting With Better Privacy . In ASPLOS 2008 James Clause and Alessandro Orso. Camouflage: Automated  Anonymization of Field Data . In ICSE 2011. Mark Grechanik, Christoph Csallner, Chen Fu, and Qing Xie. I s Data  Privacy Always Good For Software Testing? In ISSRE 2010. Rui Wang, Xiaofeng Wang, and Zhuowei Li. Panalyst: Privacy-aware  remote error analysis on commodity software . In USENIX Security 2008. PLDI, San Jose Convention Center, June 7th, 2011 27 kb -Anonymity

  28. Related Work  On privacy-preserving testing & debugging [ISSRE 2010] consider same statement coverage; focus on choosing better QIs, then use standard k -anonymity algorithm [USENIX Security 2008, ASPLOS 2008, ICSE 2011] consider path conditions; focus on anonymizing a single tuple These studies complement ours in cases when only a limited number of failed test inputs are considered. [USENIX Security 2003] focus on anonymizing a single tuple only PLDI, San Jose Convention Center, June 7th, 2011 28 kb -Anonymity

  29. Conclusion  kb -Anonymity: A model that guides data anonymization for software testing and debugging purposes. Where is the Privacy best place to Preservation stay? Behavior Preservation PLDI, San Jose Convention Center, June 7th, 2011 29 kb -Anonymity

  30. Thank you! Questions? { adityabudi, davidlo, lxjiang, lucia.2009} @smu.edu.sg

Recommend

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing

Cryptocurrency Technologies Bitcoin and Anonymity Bitcoin and Anonymity Anonymity Basics How to de-anonymize Bitcoin Mixing Decentralized Mixing Zerocoin and Zerocash Tor and the Silk Road Bitcoin and Anonymity

524 views • 39 slides
Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity,

Measures of Anonymity/Privacy: k-Anonymity, L-Diversity, t-Closeness CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 4 : 590.03 Fall 12 1

647 views • 61 slides
but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian

Not all is lost for anonymity but quite a lot is. Coordination among users can help with anonymity. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 ETH Zurich 1 Sender Anonymity

551 views • 44 slides
Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity

Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how often, and how much data is

764 views • 54 slides
protecting privacy ( By L.Sweeney ) Presented by : Navreet Kaur ROADMAP Data sharing and data

protecting privacy ( By L.Sweeney ) Presented by : Navreet Kaur ROADMAP Data sharing and data

k-ANONYMITY: A model for protecting privacy ( By L.Sweeney ) Presented by : Navreet Kaur ROADMAP Data sharing and data privacy Related background work k-anonymity model Possible attacks against k-Anonymity Weaknesses of

575 views • 28 slides
Social Processes, Information Flow, and Anonymized Network Data Jon Kleinberg Cornell University

Social Processes, Information Flow, and Anonymized Network Data Jon Kleinberg Cornell University

Social Processes, Information Flow, and Anonymized Network Data Jon Kleinberg Cornell University Including joint work with Lars Backstrom, Cynthia Dwork, and David Liben-Nowell Jon Kleinberg Social Processes and Anonymized Network Data

900 views • 65 slides
Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous =

Anonymity in Bitcoin Tumbler/Mixer Oct 9, 2019 Anonymity and Pseudonymity anonymous = Nameless, unidentifiable pseudonymous = Fake name, still traceable Tracing Bitcoin transactions Normal redeem script: Provide public key pk and proof

438 views • 33 slides
Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not

Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not

Anonymity Jiayi Fu What is Anonymity - Describe the situation in which someone's name is not given or known - Anonymity != Privacy != Security - Anonymity: they can see what you do, but not who you are - Privacy: they can see

379 views • 33 slides
Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487

Lecture 24 Anonymity and Privacy Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides based on Miller and Baileys ECE 422 Anonymity Anonymity: Concealing your identity In the context of the Internet, we

860 views • 61 slides
11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity

11-830 Computational Ethics for NLP Lecture 11: Privacy and Anonymity Privacy and Anonymity Being on-line without giving up everything about you Ensuring collected data doesnt reveal its users data Privacy in Structured Data:

766 views • 49 slides
Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008

Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008

Anonymity in Cryptocurrencies Foteini Baldimtsi Bitcoin Anonymity? Satoshi Nakamoto, 2008 Bitcoin is only pseudonymous Public Key Address 133GT5661q8RuSKrrv8q2Pb4RwS 146KL5461d8KuSPxvv8q2Nd6K2q Posted on the ... Blockchain Alice

821 views • 40 slides
Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti

Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti

Slicing the licing the Onion: Onion: Anonymity Without PKI Anonymity Without PKI Sachin Katti Dina Katabi &amp; Katya Puchala State of the art: Onio Onion Rout n Routing over P2P ing over P2P n Routing over P2P ing over P2P Bob Onion

705 views • 43 slides
Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh |

Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh |

Applications for Measurement: Improving Anonymity Online Rishab Nithyanand | Rachee Singh | Shinyoung Cho | Phillipa Gill Stony Brook University 1 Anonymity on the Internet Tor Network 2 Anonymity on the Internet Does not know the source

261 views • 15 slides
Centrality Preservation in Anonymized Social Networks Traian Marius Truta 1 , Alina Campan 1 ,

Centrality Preservation in Anonymized Social Networks Traian Marius Truta 1 , Alina Campan 1 ,

Centrality Preservation in Anonymized Social Networks Traian Marius Truta 1 , Alina Campan 1 , Ashley Gasmi 2 , Nicholas Cooper 1 , Andrew Elstun 1 1 Northern Kentucky University, USA 2 ENSICAEN, France Content of the Talk Introduction

772 views • 53 slides
Mixtasy: Remailing on Existing Infrastructure Anonymized Email Communication Easily Deployable

Mixtasy: Remailing on Existing Infrastructure Anonymized Email Communication Easily Deployable

Mixtasy: Remailing on Existing Infrastructure Anonymized Email Communication Easily Deployable Using SMTP &amp; OpenPGP Masters thesis presentation @Young Researchers Day 2016 St Johann im Pongau (11.10.2016) by Johannes Burk 1st

220 views • 19 slides
Identity and Identity and anonymity anonymity Engineering &amp; Public Policy Lorrie Faith

Identity and Identity and anonymity anonymity Engineering &amp; Public Policy Lorrie Faith

CyLab Identity and Identity and anonymity anonymity Engineering &amp; Public Policy Lorrie Faith Cranor October 29, 2013 y &amp; c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 / 19-608 / 95-818:

467 views • 46 slides
Distributed Verification of Mixing - Local Anonymity Forking Proofs Model mixing applications

Distributed Verification of Mixing - Local Anonymity Forking Proofs Model mixing applications

Local Forking Proofs Cicho n, Klonowski, Kutyowski Distributed Verification of Mixing - Local Anonymity Forking Proofs Model mixing applications Building blocks de- &amp; re-encryption proofs of knowledge Jacek Cicho n, Marek

832 views • 46 slides
for anonymity, but quite a lot is. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket

for anonymity, but quite a lot is. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket

Anonymity Trilemma not all is lost for anonymity, but quite a lot is. Debajyoti Das 1 Sebastian Meiser 2 Esfandiar Mohammadi 3 Aniket Kate 1 1 Purdue University 2 Visa Research 3 Universitaet zu Luebeck Anonymous Communication (AC) Networks

449 views • 21 slides
Free Software, Free Internet, Anonymity &amp; Tor Andrew Lewman andrew@torproject.org 24 Feb

Free Software, Free Internet, Anonymity &amp; Tor Andrew Lewman andrew@torproject.org 24 Feb

Free Software, Free Internet, Anonymity &amp; Tor Andrew Lewman andrew@torproject.org 24 Feb 2011 What is anonymity? Anonymity isnt cryptography Cryptography protects the contents in transit You still know who is talking to whom, how

926 views • 51 slides
Wherefore Art Thou R3579X? Anonymized Social Networks, Hidden Patterns, and Structural Stenography

Wherefore Art Thou R3579X? Anonymized Social Networks, Hidden Patterns, and Structural Stenography

Wherefore Art Thou R3579X? Anonymized Social Networks, Hidden Patterns, and Structural Stenography A social network occurs anywhere there is social interaction between people. Examples include Email, instant messaging, Facebook, blogging

635 views • 25 slides
Visual analysis of anonymized location and movement data Supervisor: Prof. Dr.-Ing. Georg Carle

Visual analysis of anonymized location and movement data Supervisor: Prof. Dr.-Ing. Georg Carle

Network Architectures and Services, Georg Carle Faculty of Informatics Technische Universitt Mnchen, Germany Bachelor Thesis Visual analysis of anonymized location and movement data Supervisor: Prof. Dr.-Ing. Georg Carle Advisor:

453 views • 28 slides
Secure Internet Voting on Limited Devices with Anonymized DSA Public Keys Rolf Haenni and Oliver

Secure Internet Voting on Limited Devices with Anonymized DSA Public Keys Rolf Haenni and Oliver

Secure Internet Voting on Limited Devices with Anonymized DSA Public Keys Rolf Haenni and Oliver Spycher Bern University of Applied Sciences, Switzerland http://e-voting.bfh.ch EVT/WOTE11, San Francisco August 9th, 2011 1 Outline

550 views • 23 slides
Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March

Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March

Anonymity with Identity Escrow Aybek Mukhamedov and Mark Ryan The University of Birmingham March 30, 2006 Outline Anonymity 1 Anonymity with identity escrow 2 Marshall and Molina-Jiminez protocol 3 Our protocol 4 Verification in

567 views • 20 slides
Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter &amp; Aviel D. Rubin of

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter &amp; Aviel D. Rubin of

Crowds: Anonymity for Web Transactions Paper by: Michael K. Reiter &amp; Aviel D. Rubin of AT&amp;T Labs (August, 1997) Presenter: Craig Bergstrom Overview The Problem At Hand How Crowds Works Levels and Types of Anonymity &amp;

326 views • 19 slides

More recommend