Search Results

Tempest: Temporal Dynamics in Anonymity Systems

Abstract

Many recent proposals for anonymous communication omit from their security analyses a consideration of the effects of time on important system components. In practice, many components of anonymity systems, such as the client location and network structure, exhibit changes and patterns over time. In this paper, we focus on the effect of such temporal dynamics on the security of anonymity networks. We present Tempest, a suite of novel attacks based on (1) client mobility, (2) usage patterns, and (3) changes in the underlying network routing. Using experimental analysis on real-world datasets, we demonstrate that these temporal attacks degrade user privacy across a wide range of anonymity networks, including deployed systems such as Tor; path-selection protocols for Tor such as DeNASA, TAPS, and Counter-RAPTOR; and network-layer anonymity protocols for Internet routing such as Dovetail and HORNET. The degradation is in some cases surprisingly severe. For example, a single host failure or network route change could quickly and with high certainty identify the client’s ISP to a malicious host or ISP. The adversary behind each attack is relatively weak – generally passive and in control of one network location or a small number of hosts. Our findings suggest that designers of anonymity systems should rigorously consider the impact of temporal dynamics when analyzing anonymity.

Open access
No Place to Hide: Inadvertent Location Privacy Leaks on Twitter

, 2013. [29] C. Li and A. Sun. Fine-grained location extraction from tweets with temporal awareness. In Proceedings of the 37th International ACM SIGIR Conference on Research & Development in Information Retrieval , SIGIR ’14, pages 43–52, New York, NY, USA, 2014. ACM. [30] J. Lingad, S. Karimi, and J. Yin. Location extraction from disaster-related microblogs. In 22nd international conference on World Wide Web companion International World Wide Web Conferences Steering Committee , 2013. [31] Z. Liu and Y. Huang. Where are you tweeting?: A context

Open access
Expectation-Maximization Tensor Factorization for Practical Location Privacy Attacks

user activity preference by leveraging user spatial temporal characteristics in lbsns. IEEE Transactions on Systems, Man, and Cybernetics: Systems 45(1):129–142 [46] Zhang S, Wang W, Ford J, Makedon F (2006) Learning from incomplete ratings using non-negative matrix factorization. In: Proceedings of the 6th SIAM International Conference on Data Mining (SDM’06), pp 548–552 [47] Zheng Y, Zhang L, Xie X, Ma WY (2009) Mining interesting locations and travel sequences from GPS trajectories. In: Proceedings of the 18th International Conference on World Wide Web

Open access
Two Is Not Enough: Privacy Assessment of Aggregation Schemes in Smart Metering

Abstract

The widespread deployment of smart meters that frequently report energy consumption information is a known threat to consumers’ privacy. Many promising privacy protection mechanisms based on secure aggregation schemes have been proposed. Even though these schemes are cryptographically secure, the energy provider has access to the plaintext aggregated power consumption. A privacy trade-off exists between the size of the aggregation scheme and the personal data that might be leaked, where smaller aggregation sizes leak more personal data. Recently, a UK industrial body has studied this privacy trade-off and identified that two smart meters forming an aggregate are sufficient to achieve privacy. In this work, we challenge this study and investigate which aggregation sizes are sufficient to achieve privacy in the smart grid. Therefore, we propose a flexible, yet formal privacy metric using a cryptographic game-based definition. Studying publicly available, real-world energy consumption datasets with various temporal resolutions, ranging from minutes to hourly intervals, we show that a typical household can be identified with very high probability. For example, we observe a 50% advantage over random guessing in identifying households for an aggregation size of 20 households with a 15-minute reporting interval. Furthermore, our results indicate that single appliances can be identified with significant probability in aggregation sizes up to 10 households.

Open access
What Does The Crowd Say About You? Evaluating Aggregation-based Location Privacy

References [1] Waze. https://www.waze.com , 2016. [2] G. Acs and C. Castelluccia. A case study: privacy preserving release of spatio-temporal density in paris. In KDD , 2014. [3] M. E. Andrés, N. E. Bordenabe, K. Chatzikokolakis, and C. Palamidessi. Geo-indistinguishability: Differential privacy for location-based systems. In CCS , 2013. [4] S. Bocconi, A. Bozzon, A. Psyllidis, C. Titos Bolivar, and G.-J. Houben. Social glass: A platform for urban analytics and decision-making through heterogeneous social data. In WWW , 2015. [5

Open access
Efficient Utility Improvement for Location Privacy

assignment for crowd sensing with cloaked participant locations,” in Proceedings of the 23rd SIGSPATIAL Int. Conf. on Advances in Geographic Information Systems , GIS ’15, pp. 90:1–90:4, ACM, 2015. [16] Y. Xiao and L. Xiong, “Protecting locations with differential privacy under temporal correlations,” in Proc. of CCS , pp. 1298–1309, ACM, 2015. [17] A. Ghosh, T. Roughgarden, and M. Sundararajan, “Universally utility-maximizing privacy mechanisms,” in Proc. of STOC , pp. 351–360, ACM, 2009. [18] K. Chatzikokolakis, C. Palamidessi, and M. Stronati

Open access
Location Privacy for Rank-based Geo-Query Systems

://developers.google.com/places/web-service/search#PlaceSearchRequests , 2017. [Online; accessed 1-March-2017]. [12] M. Gruteser and D. Grunwald. Anonymous Usage of Location-Based Services Through Spatial and Temporal Cloaking. In Proceedings of the 1st International Conference on Mobile Systems, Applications, and Services , pages 31–42, 2003. [13] P. Kalnis, G. Ghinita, K. Mouratidis, and D. Papadias. Preventing Location-Based Identity Inference in Anonymous Spatial Queries. IEEE Transactions on Knowledge and Data Engineering , 19(12):1719–1733, 2007. [14] A. Khoshgozaran, C. Shahabi, and H. Shirani-Mehr. Location

Open access
Encrypted Databases for Differential Privacy

References [1] Javallier. https://github.com/snipsco/paillier-librariesbenchmarks/tree/master/java-javallier . [2] J. Abowd. The challenge of scientific reproducibility and privacy protection for statistical agencies., 15 September 2016. https://www2.census.gov/cac/sac/meetings/2016-09/2016-abowd.pdf . [3] G. Acs and C. Castelluccia. A case study: privacy preserving release of spatio-temporal density in paris. In Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining , pages 1679–1688. ACM, 2014

Open access
Investigating Statistical Privacy Frameworks from the Perspective of Hypothesis Testing

& communications security , pages 901–914. ACM, 2013. [4] Borja Balle and Yu-Xiang Wang. Improving the gaussian mechanism for differential privacy: Analytical calibration and optimal denoising. In International Conference on Machine Learning (ICML) , 2018. [5] Vincent Bindschaedler, Reza Shokri, and Carl A Gunter. Plausible deniability for privacy-preserving data synthesis. Proceedings of the VLDB Endowment , 10(5):481–492, 2017. [6] Yang Cao, Masatoshi Yoshikawa, Yonghui Xiao, and Li Xiong. Quantifying differential privacy under temporal correlations. In

Open access
DPSelect: A Differential Privacy Based Guard Relay Selection Algorithm for Tor

://gitweb.torproject.org/torspec.git/tree/guard-spec.txt . [35] Tor Protocol Specification. https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt . [36] Ryan Wails, Yixin Sun, Aaron Johnson, Mung Chiang, and Prateek Mittal. Tempest: Temporal Dynamics in Anonymity Systems. Proceedings on Privacy Enhancing Technologies ; 2018 (3):22–42 , 2018.

Open access