TY - GEN
T1 - A game-theoretical approach to data-privacy protection from context-based inference attacks
T2 - 5th VLDB Workshop on Secure Data Management, SDM 2008
AU - Gianini, Gabriele
AU - Damiani, Ernesto
PY - 2008
Y1 - 2008
N2 - One of the approaches to the problem of data-privacy protection is given by the application of obfuscation techniques; in many situations, however, context information can help an attacker to perform inference over obfuscated data and to refine the estimate of the sensitive data up to a violation of the original privacy requirements. We consider the problem in a location privacy protection set-up where the sensitive attribute to be protected is the position of a Location Based Service user, and where the location anonymization technique is cloaking, whereas the context, supporting inference attacks, consists in some landscape-related information, namely positional constraints. In this work we adopt the assumption that the anonymizer and the attacker are two rational agents and frame the problem in a game theoretical approach by modeling the contest as a two-player, zero-sum, signaling game, then we point to the corresponding equilibrium solution and show that, when the anonymizer plays the equilibrium strategies, the advantage provided to the attacker by a non-neutral landscape gets canceled. We suggest that the game theoretical solution could be used as a reference solution for inter-technique comparisons.
AB - One of the approaches to the problem of data-privacy protection is given by the application of obfuscation techniques; in many situations, however, context information can help an attacker to perform inference over obfuscated data and to refine the estimate of the sensitive data up to a violation of the original privacy requirements. We consider the problem in a location privacy protection set-up where the sensitive attribute to be protected is the position of a Location Based Service user, and where the location anonymization technique is cloaking, whereas the context, supporting inference attacks, consists in some landscape-related information, namely positional constraints. In this work we adopt the assumption that the anonymizer and the attacker are two rational agents and frame the problem in a game theoretical approach by modeling the contest as a two-player, zero-sum, signaling game, then we point to the corresponding equilibrium solution and show that, when the anonymizer plays the equilibrium strategies, the advantage provided to the attacker by a non-neutral landscape gets canceled. We suggest that the game theoretical solution could be used as a reference solution for inter-technique comparisons.
UR - http://www.scopus.com/inward/record.url?scp=54249127401&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-85259-9_9
DO - 10.1007/978-3-540-85259-9_9
M3 - Conference contribution
AN - SCOPUS:54249127401
SN - 3540852581
SN - 9783540852582
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 133
EP - 150
BT - Secure Data Management - 5th VLDB Workshop, SDM 2008, Proceedings
Y2 - 24 August 2008 through 24 August 2008
ER -