privacy preserving wi fi analytics
play

Privacy-preserving Wi-Fi Analytics Barcelona, Spain PETS 2018 - PowerPoint PPT Presentation

Aug 08, 2023 •411 likes •691 views

Privacy-preserving Wi-Fi Analytics Barcelona, Spain PETS 2018 Mathieu Cunche Sbastien Gambs Mohammad Alaggan Antidot, France (Work done while at Inria Lyon, France) Univ Lyon, Inria, France Universit du Qubec

  1. Privacy-preserving Wi-Fi Analytics Barcelona, Spain PETS 2018 Mathieu Cunche † Sébastien Gambs ‡ Mohammad Alaggan ⋆ ⋆ Antidot, France (Work done while at Inria Lyon, France) † Univ Lyon, Inria, France ‡ Université du Québec à Montréal, Canada mohammad.nabil.h@gmail.com July 25, 2018 Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 1

  2. Context Context Our Approach Background Pan-private BLIP and Cardinality Set Operations Experimental Results Conclusion Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 2

  3. Context Wi-Fi devices as personal beacons ◮ Wi-Fi enabled devices broadcast a unique ID: the MAC address ◮ Connected: in Data, Management and Control Frames ◮ Disconnected: in probe-requests (Management) Frames Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 2

  4. Context Physical Analytics ◮ Objective : Measure and analyse human activity through Wi-Fi ◮ One MAC address = One person ◮ Examples of analystics tasks : ◮ Number of visitors ◮ Duration/frequency of visits ◮ Most popular paths between different locations ◮ . . . source : Libelium Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 3

  5. Context Current industrial practices for protecting privacy are not good enough ◮ Most of the companies rely on hashing to prevent the re-identification of the MAC address ◮ Hashes can be reversed in minutes using brute-force attack [DCL’14] [DCL’14] L. Demir, M. Cunche, and C. Lauradoux. Analysing the privacy policies of Wi-Fi trackers , WPA’14 Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 4

  6. Our Approach Context Our Approach Background Pan-private BLIP and Cardinality Set Operations Experimental Results Conclusion Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 5

  7. Our Approach Threat model (Pan-Privacy [DNPRY’10]) ◮ Attacker: internal actor (data collector) or external intruder ◮ Resource to protect: internal state of the system and the final output ◮ Protection must be done on-the-fly, as each MAC address is observed C. Dwork, M. Naor, T. Pitassi, G. N. Rothblum, and S. Yekhanin. Pan-Private Streaming Algorithms . ICS’10 Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 5

  8. Our Approach Pan-Privacy Pan Privacy (informal and simplified) [DNPRY’10] An algorithm is ε -differentially pan-private if the distribution of both : ◮ The internal state of the algorithm ◮ The final output does not differ too much (depending on ε ) if one MAC address was added ◮ Intention: from the internal state of the system and the output, the adversary cannot distinguish whether or not the MAC address of the user is present in the encoded set [DNPRY’10] C. Dwork, M. Naor, T. Pitassi, G. N. Rothblum, and S. Yekhanin. Pan-Private Streaming Algorithms. ICS’10 Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 6

  9. Our Approach Approach Observation Many mobility analytics can be based upon a primitive: Cardinality Set Operations (Also known as Count-Distinct Queries ) between different locations at different times Example (Mobility Analytics) Temporal Spatial Set Operation Number of visitors Cardinality Number of visitors Union � Amout of time they spend � Intersection Frequency of their visits Intersection � Their movement trajectories Intersection � � Most frequently taken path � � Intersection Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 7

  10. Our Approach Our Approach ◮ Key idea : design a privacy-preserving data structure for computing the Cardinality Set Operations while protecting the privacy of individual users ◮ Agnostic to data source ( not limited to Wi-Fi ) ◮ Cellular-based mobility analytics (Call-Detail-Records) 1 ◮ Web analytics ◮ Any system with unique identifiers. . . ◮ Designed data structure : based on Bloom filters that are perturbed to ensure differential privacy and built on the fly to ensure pan-privacy . ◮ Non-interactive : create the data structures first, specify the mobility analytics to compute later ◮ Decentralized : No need to coordinate between sensors 1 [AGMT’15] Alaggan M., Gambs S., Matwin S., Tuhin M., Sanitization of Call Detail Records via Differentially-Private Bloom Filters . DBSec 2015 Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 8

  11. Background Context Our Approach Background Pan-private BLIP and Cardinality Set Operations Experimental Results Conclusion Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 9

  12. Background Bloom Filters [Bloom 1970] ◮ Sets can be represented as Bloom filters ◮ Two operations: insert and contains ◮ Highly efficient in space and time ◮ Small probability of false positives, no false negatives ◮ Can add but cannot remove elements ◮ Not private: can be exhaustively queried Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 9

  13. Background BLIP [AGK 12] ◮ Bloom Filter with Differential Privacy guarantees ◮ BLIP = BLoom-then-flIP ◮ Step 1 : Represent a set of identifiers as a Bloom filter ◮ Step 2 : flip each bit indepdendently and identically at random with probability p < 0 . 5. ◮ Estimator for distinct number of stored identifiers [BFG’14] [BFG’14] Balu R., Furon T., Gambs S., Challenging differential privacy: the case of non-interactive mechanisms . In ESORICS 2014 Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 10

  14. Pan-private BLIP and Cardinality Set Operations Context Our Approach Background Pan-private BLIP and Cardinality Set Operations Experimental Results Conclusion Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 11

  15. Pan-private BLIP and Cardinality Set Operations Pan-Private BLIPs ◮ Choose two Bernoulli distributions, D 0 � = D 1 , according to ε Pan-Private BLIP: Initialize ◮ Initialize all bits randomly from D 0 Pan-Private BLIP: Add element x ◮ Set bits h 1 ( x ) , h 2 ( x ) , . . . , h k ( x ) randomly from D 1 Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 11

  16. Pan-private BLIP and Cardinality Set Operations Distinct-Count Queries for n BLIPs Example (1/2) : Plain (unflipped) Bloom filters ◮ Given two unflipped Bloom filters of size m ◮ Add them component-wise (over the integers) ◮ Tally the components ◮ Intersection ≈ 4 (number of components of count 2) ◮ Union ≈ 9 (number of components of count ≥ 1) Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 12

  17. Pan-private BLIP and Cardinality Set Operations Distinct-Count Queries for n BLIPs Example (2/2) : Pan-Private BLILPs ◮ Given two flipped Bloom filters of size m ◮ Add them component-wise (over the integers) ◮ Tally the components ◮ Estimate the unflipped tally [ACM 17] Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 13

  18. Pan-private BLIP and Cardinality Set Operations Distinct-Count Queries for n BLIPs The general case: Symmetric Counts (t-out-n counts) Number of elements belonging to exactly t sets out of n ◮ Can estimate any count from several symmetric counts Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 14

  19. Experimental Results Context Our Approach Background Pan-private BLIP and Cardinality Set Operations Experimental Results Conclusion Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 15

  20. Experimental Results Temporal Patterns ◮ Wi-Fi Dataset provided by CISCO of a large European city ◮ 1.4 million devices, 91 days ◮ Evaluation using BLIPs, 1 BLIP per day Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 15

  21. Experimental Results Spatial Patterns ◮ Top-10 origin-destination pair ◮ F1 score is 1 when two sets are identical and 0 if they share no elements at all Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 16

  22. Experimental Results Temporal patterns (World cup dataset) ◮ HTTP request dataset for the FIFA World Cup 1998 website. ◮ 2.8 million unique IPs, 88 days. ◮ Evaluation using BLIPs, 1 BLIP per day ( ǫ = 3; m = 2 18 ) ◮ Estimating the intersection of a rolling window of 30 days Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 17

  23. Experimental Results Managing the privacy budget ◮ Fundamental issue of a privacy budget : the more a user appears in several BLIPs, the more his privacy budget is impacted ⇒ increase of risk of re-identification for a user. ◮ In practice, more than 90% of users do not appear in more than 6 BLIPs in the CISCO dataset ◮ How to mitigate the impact : ◮ Could change spatial or temporal granularity (make it more coarse) ◮ Regular change of hash functions (prevent inferences between BLIPs based on different hash functions) – not a silver bullet Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 18

  24. Conclusion Context Our Approach Background Pan-private BLIP and Cardinality Set Operations Experimental Results Conclusion Alaggan, Cunche, Gambs Privacy-preserving Wi-Fi Analytics July 25, 2018 19

Recommend

PrivApprox Privacy-Preserving Stream Analytics https://privapprox.github.io Do Le

PrivApprox Privacy-Preserving Stream Analytics https://privapprox.github.io Do Le

PrivApprox Privacy-Preserving Stream Analytics https://privapprox.github.io Do Le Quoc, Martin Beck, Pramod Bhatotia, Ruichuan Chen, Christof Fetzer, Thorsten Strufe July 2017 Motivation Clients Analysts

1.56k views • 112 slides
LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships Changchang Liu, Prateek

LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships Changchang Liu, Prateek

Outline Introduction LinkMirage Conclusion LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships Changchang Liu, Prateek Mittal Email: cl12@princeton.edu, pmittal@princeton.edu Princeton University February 23, 2016 1 /

917 views • 42 slides
Sharemind - practical privacy- preserving analytics Sander Siim Cybernetica AS

Sharemind - practical privacy- preserving analytics Sander Siim Cybernetica AS

Sharemind - practical privacy- preserving analytics Sander Siim Cybernetica AS sander.siim@cyber.ee About Sharemind Sharemind uses MPC to analyse data that was not accessible before. Sharemind resolves trust issues by removing

938 views • 49 slides
Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU Leuven - COSIC 20 November 2012 Privacy Preserving Protocols Introduction Cryptography in Daily Life RFID Privacy

1.04k views • 60 slides
Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro

Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro

Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro University College London (UCL) https://emilianodc.com Privacy-preserving what ? Parties with limited mutual trust willing or required to share

1.1k views • 66 slides
New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of California, San Diego Sensitive Data Medical Records Genetic Data Search Logs AOL Violates Privacy AOL Violates Privacy Netflix Violates Privacy [NS08]

957 views • 92 slides
Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi School of Computing National University of Singapore PETS 2017 Privacy-Preserving Computation with Trusted

477 views • 34 slides
Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No privacy breaches! Public Data Anonymization Data representation? Privacy breach? Value of data? Data publisher Privacy Analyst Work by: Elena

80 views • 3 slides
Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes

Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes

Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes Ben-Gurion University, Israel This talk presents joint work with Boris Rozenberg Talk Outline Motivation for Privacy-Preserving Distributed Data

1.48k views • 68 slides
Privacy preserving data mining randomized response and association rule hiding Li Xiong

Privacy preserving data mining randomized response and association rule hiding Li Xiong

Privacy preserving data mining randomized response and association rule hiding Li Xiong CS573 Data Privacy and Anonymity Partial slides credit: W. Du, Syracuse University, Y. Gao, Peking University Privacy Preserving Data Mining

659 views • 39 slides
Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My experience with biometrics and privacy Academic background on privacy Gradiants goal: transfer of knowledge to industry We bring state of

193 views • 6 slides
Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption With good encryption, data values not readable So whats the problem? Lecture 17 Page 1 CS 236 Online Traffic Analysis

532 views • 21 slides
On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph

On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph

On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph Geumlek,* Max Welling, + Kamalika Chaudhuri* + University of Amsterdam *University of California, San Diego Overview Bayesian Privacy-preserving

878 views • 75 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining &amp; Information Privacy:

DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining &amp; Information Privacy:

DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining &amp; Information Privacy: New Problems and the Search for Solutions March 15 th , 2004 Tal Zarsky The Information Society Project, Yale Law School Introduction: Various

273 views • 25 slides
Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath,

Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath,

Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath, Karl-Peter Fuchs, Dominik Herrmann , Christopher Piosecny University of Hamburg (Germany) 1 Agenda Missing Privacy in DNS Characteristics of DNS Traffic

559 views • 24 slides
Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex

Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex

Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex Biryukov, Dmitry Khovratovich, Sergei Tikhomirov Conclusion and future work

828 views • 20 slides
P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

P 4 PCN: Privacy-Preserving Path Probing for Ruozhou Yu , Yinxin Wan, Vishnu Teja Kilari, Guoliang Xue, Jian Tang, Dejun Yang Payment Channel Networks P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

197 views • 5 slides
Privacy-Preserving Publish/Subscribe: Efficient Protocols in a

Privacy-Preserving Publish/Subscribe: Efficient Protocols in a

Privacy-Preserving Publish/Subscribe: Efficient Protocols in a Distributed Model Giovanni Di Crescenzo 1 Brian Coan 1 John Schultz 3 Simon Tsang 1 Rebecca N.

338 views • 14 slides
DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM

DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM

DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM International Workshop on Data Privacy Management 2013 Georg Neugebauer 1 , Lucas Brutschy 1 , Ulrike Meyer 1 and Susanne Wetzel 2 UMIC LuFG IT-Security,

212 views • 17 slides
Privacy-Preserving Statistical Data Analysis on Federated Databases Dan Bogdanov Liina Kamm

Privacy-Preserving Statistical Data Analysis on Federated Databases Dan Bogdanov Liina Kamm

Privacy-Preserving Statistical Data Analysis on Federated Databases Dan Bogdanov Liina Kamm Sven Laur Pille Pruulmann-Vengerfeldt Riivo Talviste Jan Willemson Annual Privacy Forum Athens, Greece May 20, 2014 UaESMC Problem Statement

429 views • 17 slides
Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li

Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li

CS573 Data Privacy and Security Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li Xiong Slides credit: Chris Clifton, Purdue University; Murat Kantarcioglu, UT Dallas Outline Overview Data

901 views • 42 slides
Back to the Drawing Board: Revisiting the Design of Optimal Location Privacy-preserving

Back to the Drawing Board: Revisiting the Design of Optimal Location Privacy-preserving

Back to the Drawing Board: Revisiting the Design of Optimal Location Privacy-preserving Mechanisms Simon Oya, Carmela Troncoso, Fernando Prez-Gonzlez 1 Motivation. Obfuscation-Based Location Privacy. Location information is sensitive.

521 views • 20 slides
Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der Meulen seminar Leuven, December 2011 1 Outline Security with noisy data - biometrics &amp; privacy - Physical Unclonable Functions (PUFs)

828 views • 39 slides

More recommend