
Web Privacy. Professor Adam Bates, Fall 2018. Security & Privacy Research at Illinois (SPRAI)



  1. CS 563 - Advanced Computer Security: Web Privacy. Professor Adam Bates, Fall 2018. Security & Privacy Research at Illinois (SPRAI)

  2. Administrative
  Learning Objectives:
  • Consider the difference between security and privacy
  • Discuss work on browser privacy and location privacy
  • Survey broad topics in the “web privacy” area
  Announcements:
  • Reaction paper was due today (as it is for every class)
  • Feedback for reaction papers soon
  • Next Wednesday, we will discuss the first “homework”
  Reminder: Please put away (backlit) devices at the start of class

  3. A Brief Note: Security versus Privacy?

  4. A False Dichotomy (diagram labels: privacy, security)
  • Personal Opinion: Privacy is often used as a diminutive term to downplay the importance of individual security.
  • “Privacy” refers to a class of important security problems, often related to individual liberties.
  • The Security Triad captures all privacy problems, and privacy problems can be found in all sections of the triad.

  5. A False Dichotomy (diagram labels: privacy, security)
  • Confidentiality: Who can access my personal data? Can the data I explicitly disclose be used to make sensitive inferences about me?
  • Integrity: Who manages the data that I consume? Can unauthorized parties affect that data?
  • Availability: Is my personal data accessible to me and other authorized parties when I need it?

  6. Tracking Web Browsers
  • Browser Tracking: The ability to associate a browser’s activities at different times and on different websites.
  • Cookies: Data from a website that is stored in the browser.
    • Enables a stateful Internet
    • Same-Origin Policies limit cookies’ use in browser tracking.
  • Supercookies: Any alternative to HTTP cookies that can be used to track browsers across multiple websites.
    • Ex: ETags used in web caching (Microsoft circa 2011)

  7. Aside: Who Cares?
  • Why should we really care if a website (e.g., usatoday.com) can identify us on subsequent visits?
  Websites: Expectation…

  8. Aside: Who Cares?
  • Why should we really care if a website (e.g., usatoday.com) can identify us on subsequent visits?
  Websites: Reality!

  9. Anti-Tracking Movement
  • In 2010, more users were realizing the extent of the browser tracking problem…
  If we eradicated cookies from the Internet, would that solve the browser tracking problem?

  10. Browser Fingerprinting
  • An invisible, data-free form of browser tracking.
  • Already appearing in advertising products back in 2010
  • One instance of a broader class of attacks against hardware and devices. You can basically fingerprint anything, and use anything to fingerprint:
    • Targets: Phones, Computers, Cameras, etc.
    • Signals: Accelerometer readings, packet arrivals, etc.

  11. Browser Fingerprinting
  • Many possible applications for browser fingerprinting, albeit with varying levels of difficulty, including:
    • Fingerprints to differentiate NATed devices
    • Fingerprints to defeat Cookie Regenerators
    • Fingerprints as Global Identifiers
  • What makes a given fingerprinting challenge easier or harder?

  12. Enter Panopticlick
  • The EFF wanted to know how practical Internet-scale browser fingerprinting was.
  • Since commercial algorithms were proprietary, they made their own from various server-accessible browser attributes
  • Invited people to visit panopticlick.eff.org
  • Analyzed the entropy of the resulting fingerprints to determine the severity of the problem.

  13. Panopticlick Fingerprint
  Note: Plenty of unharvested info, such as ActiveX, Silverlight, etc.

  14. Panopticlick Analysis
  • Each feature is associated with a distribution related to Self-Information / Surprisal / Entropy (related ideas)
    • i.e., how much do we learn about an object when one of its random variable(s) is sampled?
    • Each bit of information cuts the space of objects in half
  • Combine multiple features together, adjusting for the fact that the variables won’t all be independent.
  • Your browser is uniquely identifiable if the number of bits of information gained from its features is greater than the logarithm of the number of browsers in “the world”
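An added illustration of the entropy arithmetic on this slide (this is not the EFF's code and not part of the deck): per-feature surprisal, the naive sum that assumes independent features, the joint surprisal that accounts for correlation, and anonymity-set sizes, all computed over a small constructed set of fingerprint tuples.

```python
import math
from collections import Counter

# Constructed sample of fingerprint tuples: (user agent, screen size, timezone offset, font-list hash).
# Real Panopticlick data is far larger; this set only exists to make the arithmetic visible.
SAMPLE_FINGERPRINTS = [
    ("UA-A", "1920x1080", "-300", "fonts-1"),
    ("UA-A", "1920x1080", "-300", "fonts-1"),
    ("UA-A", "1366x768",  "-300", "fonts-2"),
    ("UA-B", "1920x1080", "0",    "fonts-3"),
    ("UA-B", "1920x1080", "0",    "fonts-3"),
    ("UA-C", "1440x900",  "+60",  "fonts-4"),
    ("UA-A", "1920x1080", "-300", "fonts-5"),
    ("UA-D", "2560x1440", "-480", "fonts-6"),
]

def surprisal_bits(value, counts):
    """Self-information -log2 P(value) under an empirical distribution given as a Counter."""
    return -math.log2(counts[value] / sum(counts.values()))

def feature_entropy_bits(fingerprints, index):
    """Shannon entropy of one feature column: the expected surprisal of a sample from it."""
    counts = Counter(fp[index] for fp in fingerprints)
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values())

def naive_surprisal_bits(fp, fingerprints):
    """Sum of per-feature surprisals: the bits you would claim if features were independent."""
    return sum(surprisal_bits(fp[i], Counter(f[i] for f in fingerprints)) for i in range(len(fp)))

def joint_surprisal_bits(fp, fingerprints):
    """Surprisal of the whole tuple, which accounts for correlated features (here UA and timezone)."""
    return surprisal_bits(fp, Counter(fingerprints))

def anonymity_set_size(fp, fingerprints):
    """Number of collected fingerprints identical to fp (1 means entirely unique)."""
    return Counter(fingerprints)[fp]

def fraction_unique(fingerprints):
    """Share of collected fingerprints that appear exactly once."""
    counts = Counter(fingerprints)
    return sum(1 for fp in fingerprints if counts[fp] == 1) / len(fingerprints)

def uniquely_identifiable(bits, browsers_in_world):
    """The slide's criterion: more bits than log2 of the population size."""
    return bits > math.log2(browsers_in_world)
```

For the first tuple the naive sum (about 4.7 bits) overstates the joint surprisal (2 bits) because user agent and timezone move together in this sample; that gap is the "adjust for dependence" step the slide refers to.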

  15. Panopticlick Results
  Of ~470,000 fingerprint instances collected…

  16. Panopticlick Results
  Of ~470,000 fingerprint instances collected…
  • 83.6% of fingerprints are entirely unique!
  • 8.1% of fingerprints had some semblance of an anonymity set…

  17. Panopticlick Results
  Where did Panopticlick struggle?

  18. Panopticlick Results
  Where did Panopticlick struggle?
  • Trolls using lynx
  • Androids
  • iPhones

  19. Panopticlick Results
  Are browser fingerprints consistent?
  • No! 37.4% churn
  • But, probably over-reported given the EFF’s clientele…
  • Worse, even a crude algorithm can guess the link between two fingerprints 65% of the time (with 0.9% false positives).

  20. Additional Observations
  • The presence of Privacy Enhancing Technologies (e.g., anonymity plug-ins) often decreased the anonymity set! Why?
  • APIs frequently offer the ability to enumerate system information. Testable APIs (that answer yes/no queries rather than listing everything) would increase the difficulty of fingerprinting.
  • Tension between ease of debugging and difficulty of fingerprinting (e.g., fine-grained version numbers)
  • Tension between expressivity of browser config and difficulty of fingerprinting (e.g., font orders)

  21. Location Privacy
  • Today, the world is lousy with location-based services (LBS), e.g., …
    • Coarse-grained LBS: weather, advertising, events in area
    • Fine-grained LBS: navigation, ride share, fitness tracking
  • An untrustworthy LBS could make sensitive inferences about our identity, or even harm us in the real world!
  • How can we use LBS without revealing our location?

  22. Geo-Indistinguishability (GI)
  • On device, add controlled noise to the user’s location before sharing it with the LBS.
  • Achieves quasi-indistinguishability within a given area
  • Generalization of differential privacy for an arbitrary distance function.
  (figure caption: “User is equally likely to be anywhere within radius r of the Eiffel Tower”)

  23. Geo-Indistinguishability (GI)
  How does GI work?
  • User is at location x
  • User specifies radius r, level of similarity λ
  • User reports some point z based on x, r, λ

  24. Geo-Indistinguishability (GI)
  Properties of GI
  • What is point z?
    • Each point within one unit of distance within the region specified by ε is equally likely to be returned
  • Privacy level ε is the ratio of λ to r
    • If r is small, λ must be large to have high ε
    • If r is large, λ can be smaller to have high ε
    • If we fix λ and increase r, ε is greater but results are inaccurate.

  25. Compare to Differential Privacy (DP)?
  • Similar to DP, GI is independent of the attacker’s side information (no assumptions made about priors)
  • GI uses Euclidean distance instead of Hamming distance
    • Euclidean Distance: spatial or linear distance between two points
    • Hamming Distance: distance between two datasets

  26. GI Algorithm
  • Perturb the input with noise drawn from a Laplace distribution, yielding a probability density function from which we choose a random point.
  • Map the random point from the continuous domain to the nearest point in the discrete domain (i.e., Lat, Long)
  • Eliminate unrealistic points based on map data
  (diagram: Continuous → Discretize → Truncate)
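An added worked example of the three-stage mechanism on slides 23 to 26 (written for this page; not code from the GI authors or the deck). It uses the fact that planar Laplace noise with density proportional to exp(-ε·d) has a uniform angle and a radial distance distributed as Gamma(shape 2, scale 1/ε), takes ε = λ / r as on slide 24, and stands in for "map data" with a constructed bounding box of plausible locations.

```python
import math
import random

METERS_PER_DEG_LAT = 111_320.0   # approximate; longitude degrees are scaled by cos(latitude)
GRID_STEP_DEG = 1e-4             # ~11 m lat/long grid used for the discretisation step

# Constructed stand-in for map data: the box of locations the mechanism is allowed to report.
ALLOWED_BOX = (48.80, 48.90, 2.20, 2.40)   # lat_min, lat_max, lon_min, lon_max

def planar_laplace_noise(eps, rng):
    """Offset (dx, dy) in metres with density proportional to exp(-eps * |offset|).
    Radial part is Gamma(2, 1/eps) (mean 2/eps); the angle is uniform on [0, 2*pi)."""
    radius = rng.gammavariate(2.0, 1.0 / eps)
    theta = rng.uniform(0.0, 2.0 * math.pi)
    return radius * math.cos(theta), radius * math.sin(theta)

def discretize(lat, lon, step=GRID_STEP_DEG):
    """Snap a continuous point to the nearest cell of the lat/long grid."""
    return round(lat / step) * step, round(lon / step) * step

def truncate(lat, lon, allowed=ALLOWED_BOX):
    """Remap a point outside the allowed region to the nearest point inside it."""
    lat_min, lat_max, lon_min, lon_max = allowed
    return min(max(lat, lat_min), lat_max), min(max(lon, lon_min), lon_max)

def geo_indistinguishable_point(lat, lon, r_meters, lam, seed=None):
    """Report z for true location x = (lat, lon), radius r and privacy level lambda; eps = lambda / r."""
    rng = random.Random(seed)
    eps = lam / r_meters
    dx, dy = planar_laplace_noise(eps, rng)                      # 1. continuous Laplace sample
    noisy_lat = lat + dy / METERS_PER_DEG_LAT
    noisy_lon = lon + dx / (METERS_PER_DEG_LAT * math.cos(math.radians(lat)))
    return truncate(*discretize(noisy_lat, noisy_lon))           # 2. discretize, 3. truncate

def inside_allowed(lat, lon, allowed=ALLOWED_BOX):
    lat_min, lat_max, lon_min, lon_max = allowed
    return lat_min <= lat <= lat_max and lon_min <= lon <= lon_max

def on_grid(lat, lon, step=GRID_STEP_DEG):
    return abs(round(lat / step) * step - lat) < 1e-9 and abs(round(lon / step) * step - lon) < 1e-9

def mean_noise_distance(eps, n, seed=0):
    """Empirical mean of |offset| over n draws; approaches 2/eps, so larger r (smaller eps) means less accuracy."""
    rng = random.Random(seed)
    return sum(math.hypot(*planar_laplace_noise(eps, rng)) for _ in range(n)) / n
```

With r = 200 m and λ = 2 the reported point lands on average about 200 m from the true location, which is the accuracy cost that slide 24 attributes to increasing r at a fixed λ.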

  27. Enhancing LBS
  • Coarse-grained LBS: apply stock geo-indistinguishability
    (diagram: User’s approximate location z → Location info for z)
  • Fine-grained LBS: geo-indistinguishability may be inadequate; instead specify a larger area of retrieval based on z:
    (diagram: User’s approximate location z, Area of Retrieval A → POI Info within A)

  28.–32. Fine-Grained LBS w/ GI (diagram-only slides)
