Flexible adversary disclosure risk measure for identity and attribute disclosure attacks

Document Type

Article

Publication Date

6-1-2023

Abstract

Individuals generate tremendous amount of personal data each day, with a wide variety of uses. This datum often contains sensitive information about individuals, which can be disclosed by “adversaries”. Even when direct identifiers such as social security numbers are masked, an adversary may be able to recognize an individual’s identity for a data record by looking at the values of quasi-identifiers (QIDs), known as identity disclosure, or can uncover sensitive attributes (SAs) about an individual through attribute disclosure. In data privacy field, multiple disclosure risk measures have been proposed. These share two drawbacks: they do not consider identity and attribute disclosure concurrently, and they consider a restrictive attack model by assuming certain attributes, namely QIDs and SAs. In this paper, we present a flexible adversary disclosure risk measure that addresses these limitations, by presenting a single combined metric of identity and attribute disclosure, and generalizing attack models by considering all scenarios for an adversary’s knowledge and disclosure targets while providing the flexibility to model a specific disclosure preference. We have developed an efficient algorithm for computing our proposed risk measure and evaluated the performance of our approach on a benchmark dataset from 1994 Census database.

Publication Source (Journal or Book title)

International Journal of Information Security

First Page

631

Last Page

645

This document is currently not available here.

Share

COinS