Journal articles on the topic 'Privacy attacks on genomic data'
To see the other types of publications on this topic, follow the link: Privacy attacks on genomic data.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Privacy attacks on genomic data.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Ayoz, Kerem, Erman Ayday, and A. Ercument Cicek. "Genome Reconstruction Attacks Against Genomic Data-Sharing Beacons." Proceedings on Privacy Enhancing Technologies 2021, no. 3 (April 27, 2021): 28–48. http://dx.doi.org/10.2478/popets-2021-0036.
Full textAbstract:
Abstract Sharing genome data in a privacy-preserving way stands as a major bottleneck in front of the scientific progress promised by the big data era in genomics. A community-driven protocol named genomic data-sharing beacon protocol has been widely adopted for sharing genomic data. The system aims to provide a secure, easy to implement, and standardized interface for data sharing by only allowing yes/no queries on the presence of specific alleles in the dataset. However, beacon protocol was recently shown to be vulnerable against membership inference attacks. In this paper, we show that privacy threats against genomic data sharing beacons are not limited to membership inference. We identify and analyze a novel vulnerability of genomic data-sharing beacons: genome reconstruction. We show that it is possible to successfully reconstruct a substantial part of the genome of a victim when the attacker knows the victim has been added to the beacon in a recent update. In particular, we show how an attacker can use the inherent correlations in the genome and clustering techniques to run such an attack in an efficient and accurate way. We also show that even if multiple individuals are added to the beacon during the same update, it is possible to identify the victim’s genome with high confidence using traits that are easily accessible by the attacker (e.g., eye color or hair type). Moreover, we show how a reconstructed genome using a beacon that is not associated with a sensitive phenotype can be used for membership inference attacks to beacons with sensitive phenotypes (e.g., HIV+). The outcome of this work will guide beacon operators on when and how to update the content of the beacon and help them (along with the beacon participants) make informed decisions.
2
Almadhoun, Nour, Erman Ayday, and Özgür Ulusoy. "Inference attacks against differentially private query results from genomic datasets including dependent tuples." Bioinformatics 36, Supplement_1 (July 1, 2020): i136—i145. http://dx.doi.org/10.1093/bioinformatics/btaa475.
Full textAbstract:
Abstract Motivation The rapid decrease in the sequencing technology costs leads to a revolution in medical research and clinical care. Today, researchers have access to large genomic datasets to study associations between variants and complex traits. However, availability of such genomic datasets also results in new privacy concerns about personal information of the participants in genomic studies. Differential privacy (DP) is one of the rigorous privacy concepts, which received widespread interest for sharing summary statistics from genomic datasets while protecting the privacy of participants against inference attacks. However, DP has a known drawback as it does not consider the correlation between dataset tuples. Therefore, privacy guarantees of DP-based mechanisms may degrade if the dataset includes dependent tuples, which is a common situation for genomic datasets due to the inherent correlations between genomes of family members. Results In this article, using two real-life genomic datasets, we show that exploiting the correlation between the dataset participants results in significant information leak from differentially private results of complex queries. We formulate this as an attribute inference attack and show the privacy loss in minor allele frequency (MAF) and chi-square queries. Our results show that using the results of differentially private MAF queries and utilizing the dependency between tuples, an adversary can reveal up to 50% more sensitive information about the genome of a target (compared to original privacy guarantees of standard DP-based mechanisms), while differentially privacy chi-square queries can reveal up to 40% more sensitive information. Furthermore, we show that the adversary can use the inferred genomic data obtained from the attribute inference attack to infer the membership of a target in another genomic dataset (e.g. associated with a sensitive trait). Using a log-likelihood-ratio test, our results also show that the inference power of the adversary can be significantly high in such an attack even using inferred (and hence partially incorrect) genomes. Availability and implementation https://github.com/nourmadhoun/Inference-Attacks-Differential-Privacy
3
Mohammed Yakubu, Abukari, and Yi-Ping Phoebe Chen. "Ensuring privacy and security of genomic data and functionalities." Briefings in Bioinformatics 21, no. 2 (February 12, 2019): 511–26. http://dx.doi.org/10.1093/bib/bbz013.
Full textAbstract:
Abstract In recent times, the reduced cost of DNA sequencing has resulted in a plethora of genomic data that is being used to advance biomedical research and improve clinical procedures and healthcare delivery. These advances are revolutionizing areas in genome-wide association studies (GWASs), diagnostic testing, personalized medicine and drug discovery. This, however, comes with security and privacy challenges as the human genome is sensitive in nature and uniquely identifies an individual. In this article, we discuss the genome privacy problem and review relevant privacy attacks, classified into identity tracing, attribute disclosure and completion attacks, which have been used to breach the privacy of an individual. We then classify state-of-the-art genomic privacy-preserving solutions based on their application and computational domains (genomic aggregation, GWASs and statistical analysis, sequence comparison and genetic testing) that have been proposed to mitigate these attacks and compare them in terms of their underlining cryptographic primitives, security goals and complexities—computation and transmission overheads. Finally, we identify and discuss the open issues, research challenges and future directions in the field of genomic privacy. We believe this article will provide researchers with the current trends and insights on the importance and challenges of privacy and security issues in the area of genomics.
4
Raisaro, Jean Louis, Florian Tramèr, Zhanglong Ji, Diyue Bu, Yongan Zhao, Knox Carey, David Lloyd, et al. "Addressing Beacon re-identification attacks: quantification and mitigation of privacy risks." Journal of the American Medical Informatics Association 24, no. 4 (February 20, 2017): 799–805. http://dx.doi.org/10.1093/jamia/ocw167.
Full textAbstract:
Abstract The Global Alliance for Genomics and Health (GA4GH) created the Beacon Project as a means of testing the willingness of data holders to share genetic data in the simplest technical context—a query for the presence of a specified nucleotide at a given position within a chromosome. Each participating site (or “beacon”) is responsible for assuring that genomic data are exposed through the Beacon service only with the permission of the individual to whom the data pertains and in accordance with the GA4GH policy and standards. While recognizing the inference risks associated with large-scale data aggregation, and the fact that some beacons contain sensitive phenotypic associations that increase privacy risk, the GA4GH adjudged the risk of re-identification based on the binary yes/no allele-presence query responses as acceptable. However, recent work demonstrated that, given a beacon with specific characteristics (including relatively small sample size and an adversary who possesses an individual’s whole genome sequence), the individual’s membership in a beacon can be inferred through repeated queries for variants present in the individual’s genome. In this paper, we propose three practical strategies for reducing re-identification risks in beacons. The first two strategies manipulate the beacon such that the presence of rare alleles is obscured; the third strategy budgets the number of accesses per user for each individual genome. Using a beacon containing data from the 1000 Genomes Project, we demonstrate that the proposed strategies can effectively reduce re-identification risk in beacon-like datasets.
5
Aziz, Md Momin Al, Shahin Kamali, Noman Mohammed, and Xiaoqian Jiang. "Online Algorithm for Differentially Private Genome-wide Association Studies." ACM Transactions on Computing for Healthcare 2, no. 2 (March 2021): 1–27. http://dx.doi.org/10.1145/3431504.
Full textAbstract:
Digitization of healthcare records contributed to a large volume of functional scientific data that can help researchers to understand the behaviour of many diseases. However, the privacy implications of this data, particularly genomics data, have surfaced recently as the collection, dissemination, and analysis of human genomics data is highly sensitive. There have been multiple privacy attacks relying on the uniqueness of the human genome that reveals a participant or a certain group’s presence in a dataset. Therefore, the current data sharing policies have ruled out any public dissemination and adopted precautionary measures prior to genomics data release, which hinders timely scientific innovation. In this article, we investigate an approach that only releases the statistics from genomic data rather than the whole dataset and propose a generalized Differentially Private mechanism for Genome-wide Association Studies (GWAS). Our method provides a quantifiable privacy guarantee that adds noise to the intermediate outputs but ensures satisfactory accuracy of the private results. Furthermore, the proposed method offers multiple adjustable parameters that the data owners can set based on the optimal privacy requirements. These variables are presented as equalizers that balance between the privacy and utility of the GWAS. The method also incorporates Online Bin Packing technique [1], which further bounds the privacy loss linearly, growing according to the number of open bins and scales with the incoming queries. Finally, we implemented and benchmarked our approach using seven different GWAS studies to test the performance of the proposed methods. The experimental results demonstrate that for 1,000 arbitrary online queries, our algorithms are more than 80% accurate with reasonable privacy loss and exceed the state-of-the-art approaches on multiple studies (i.e., EigenStrat, LMM, TDT).
6
Öksüz, Abdullah Çağlar, Erman Ayday, and Uğur Güdükbay. "Privacy-preserving and robust watermarking on sequential genome data using belief propagation and local differential privacy." Bioinformatics 37, no. 17 (February 25, 2021): 2668–74. http://dx.doi.org/10.1093/bioinformatics/btab128.
Full textAbstract:
Abstract Motivation Genome data is a subject of study for both biology and computer science since the start of the Human Genome Project in 1990. Since then, genome sequencing for medical and social purposes becomes more and more available and affordable. Genome data can be shared on public websites or with service providers (SPs). However, this sharing compromises the privacy of donors even under partial sharing conditions. We mainly focus on the liability aspect ensued by the unauthorized sharing of these genome data. One of the techniques to address the liability issues in data sharing is the watermarking mechanism. Results To detect malicious correspondents and SPs—whose aim is to share genome data without individuals’ consent and undetected—, we propose a novel watermarking method on sequential genome data using belief propagation algorithm. In our method, we have two criteria to satisfy. (i) Embedding robust watermarks so that the malicious adversaries cannot temper the watermark by modification and are identified with high probability. (ii) Achieving ϵ-local differential privacy in all data sharings with SPs. For the preservation of system robustness against single SP and collusion attacks, we consider publicly available genomic information like Minor Allele Frequency, Linkage Disequilibrium, Phenotype Information and Familial Information. Our proposed scheme achieves 100% detection rate against the single SP attacks with only 3% watermark length. For the worst case scenario of collusion attacks (50% of SPs are malicious), 80% detection is achieved with 5% watermark length and 90% detection is achieved with 10% watermark length. For all cases, the impact of ϵ on precision remained negligible and high privacy is ensured. Availability and implementation https://github.com/acoksuz/PPRW\_SGD\_BPLDP Supplementary information Supplementary data are available at Bioinformatics online.
7
Ayoz, Kerem, Miray Aysen, Erman Ayday, and A. Ercument Cicek. "The effect of kinship in re-identification attacks against genomic data sharing beacons." Bioinformatics 36, Supplement_2 (December 2020): i903—i910. http://dx.doi.org/10.1093/bioinformatics/btaa821.
Full textAbstract:
Abstract Motivation Big data era in genomics promises a breakthrough in medicine, but sharing data in a private manner limit the pace of field. Widely accepted ‘genomic data sharing beacon’ protocol provides a standardized and secure interface for querying the genomic datasets. The data are only shared if the desired information (e.g. a certain variant) exists in the dataset. Various studies showed that beacons are vulnerable to re-identification (or membership inference) attacks. As beacons are generally associated with sensitive phenotype information, re-identification creates a significant risk for the participants. Unfortunately, proposed countermeasures against such attacks have failed to be effective, as they do not consider the utility of beacon protocol. Results In this study, for the first time, we analyze the mitigation effect of the kinship relationships among beacon participants against re-identification attacks. We argue that having multiple family members in a beacon can garble the information for attacks since a substantial number of variants are shared among kin-related people. Using family genomes from HapMap and synthetically generated datasets, we show that having one of the parents of a victim in the beacon causes (i) significant decrease in the power of attacks and (ii) substantial increase in the number of queries needed to confirm an individual’s beacon membership. We also show how the protection effect attenuates when more distant relatives, such as grandparents are included alongside the victim. Furthermore, we quantify the utility loss due adding relatives and show that it is smaller compared with flipping based techniques.
8
Humbert, Mathias, Kévin Huguenin, Joachim Hugonot, Erman Ayday, and Jean-Pierre Hubaux. "De-anonymizing Genomic Databases Using Phenotypic Traits." Proceedings on Privacy Enhancing Technologies 2015, no. 2 (June 1, 2015): 99–114. http://dx.doi.org/10.1515/popets-2015-0020.
Full textAbstract:
AbstractPeople increasingly have their genomes sequenced and some of them share their genomic data online. They do so for various purposes, including to find relatives and to help advance genomic research. An individual’s genome carries very sensitive, private information such as its owner’s susceptibility to diseases, which could be used for discrimination. Therefore, genomic databases are often anonymized. However, an individual’s genotype is also linked to visible phenotypic traits, such as eye or hair color, which can be used to re-identify users in anonymized public genomic databases, thus raising severe privacy issues. For instance, an adversary can identify a target’s genome using known her phenotypic traits and subsequently infer her susceptibility to Alzheimer’s disease. In this paper, we quantify, based on various phenotypic traits, the extent of this threat in several scenarios by implementing de-anonymization attacks on a genomic database of OpenSNP users sequenced by 23andMe. Our experimental results show that the proportion of correct matches reaches 23% with a supervised approach in a database of 50 participants. Our approach outperforms the baseline by a factor of four, in terms of the proportion of correct matches, in most scenarios. We also evaluate the adversary’s ability to predict individuals’ predisposition to Alzheimer’s disease, and we observe that the inference error can be halved compared to the baseline. We also analyze the effect of the number of known phenotypic traits on the success rate of the attack. As progress is made in genomic research, especially for genotype-phenotype associations, the threat presented in this paper will become more serious.
9
Asgiani, Piping, Chriswardani Suryawati, and Farid Agushybana. "A literature review: Security Aspects in the Implementation of Electronic Medical Records in Hospitals." MEDIA ILMU KESEHATAN 10, no. 2 (January 29, 2022): 161–66. http://dx.doi.org/10.30989/mik.v10i2.561.
Full textAbstract:
Backgrounds: Electronic Medical Records have complete and integrated patient health data, and are up to date because RME combines clinical and genomic data, this poses a great risk to data disclosure The priority of privacy is data security (security) so that data will not leak to other parties. That way cyber attacks can be suppressed by increasing cybersecurity, namely conducting regular evaluation and testing of security levels.Objectives: To determine the security technique that maintains privacy of electronic medical records.Methods: This type of research uses a literature review methodResults: Data security techniques are determined from each type of health service. Data security techniques that can be applied are cryptographic methods, firewalls, access control, and other security techniques. This method has proven to be a very promising and successful technique for safeguarding the privacy and security of RMEConclusion: Patient medical records or medical records are very private and sensitive because they store all data about complaints, diagnoses, disease histories, actions, and treatments about patients, so the information contained therein must be kept confidential. As well as the hospital as a medical record manager is required to apply for patient privacy data security techniques.
10
Narayan, Ashwin. "Current regulations will not protect patient privacy in the age of machine learning." MIT Science Policy Review 1 (August 20, 2020): 3–9. http://dx.doi.org/10.38105/spr.ax4o7jkyr3.
Full textAbstract:
Machine learning (ML) has shown great promise in advancing health outcomes by parsing ever more effectively through massive clinical and genomic datasets. These advances are tempered by fears that they come at the cost of privacy. Since data relating to health are particularly sensitive because of immutability and comprehensiveness, these privacy concerns must be seriously addressed. We consider examples (the Golden State Killer, the Personal Genome Project, and the rise of wearable fitness trackers) where the tension between technological progress and lost privacy is already apparent. We discuss, in light of ML capabilities, the current state of privacy regulation in healthcare. We note the Constitutional right to privacy does not yet in general protect voluntary disclosures of data; HIPAA, the current law regulating healthcare data in the US, does not apply to the burgeoning field of healthcare-adjacent companies and organizations collecting health data; and access controls remain subject to re-identification attacks. We then discuss the active research in algorithmic paradigms for privacy, highlighting their promise but also their limitations. In order to encourage technological progress, reframing privacy for the age of ML might involve extending the Constitutional right to privacy, extending the applicability of HIPAA, and/or enforcing transparent privacy policies.
11
Ren, Xujie, Tao Shang, Yatong Jiang, and Jianwei Liu. "Gene Sequence Clustering Based on the Profile Hidden Markov Model with Differential Identifiability." Security and Communication Networks 2021 (December 24, 2021): 1–9. http://dx.doi.org/10.1155/2021/8296417.
Full textAbstract:
In the era of big data, next-generation sequencing produces a large amount of genomic data. With these genetic sequence data, research in biology fields will be further advanced. However, the growth of data scale often leads to privacy issues. Even if the data is not open, it is still possible for an attacker to steal private information by a member inference attack. In this paper, we proposed a private profile hidden Markov model (PHMM) with differential identifiability for gene sequence clustering. By adding random noise into the model, the probability of identifying individuals in the database is limited. The gene sequences could be unsupervised clustered without labels according to the output scores of private PHMM. The variation of the divergence distance in the experimental results shows that the addition of noise makes the profile hidden Markov model distort to a certain extent, and the maximum divergence distance can reach 15.47 when the amount of data is small. Also, the cosine similarity comparison of the clustering model before and after adding noise shows that as the privacy parameters changes, the clustering model distorts at a low or high level, which makes it defend the member inference attack.
12
He, Muqing, Deqing Zou, Weizhong Qiang, Shouhuai Xu, Wenbo Wu, and Hai Jin. "Quantifying Privacy Risks for Continuous Trait Data." Applied Sciences 12, no. 20 (October 20, 2022): 10586. http://dx.doi.org/10.3390/app122010586.
Full textAbstract:
In the context of life sciences, the rapid biotechnical development leads to the creation of huge amounts of biological data. The use of such data naturally brings concerns on human genetic privacy breaches, which also discourage biological data sharing. Prior studies have investigated the possibility of the privacy issues associated with individuals’ trait data. However, there are few studies on quantitatively analyzing the probability of the privacy risk. In this paper, we fill this void by proposing a scheme for systematically breaching genomic privacy, which is centered on quantifying the probability of the privacy risk of continuous trait data. With well-designed synthetic datasets, our theoretical analysis and experiments lead to several important findings, such as: (i) The size of genetic signatures and the sensitivity (true positive rate) significantly affect the accuracy of re-identification attack. (ii) Both the size of genetic signatures and the minor allele frequency have a significant impact on distinguishing true positive and false positive matching between traits and genetic profiles. (iii) The size of the matching quantitative trait locus dataset has a large impact on the confidence of the privacy risk assessment. Validation with a real dataset shows that our findings can effectively estimate the privacy risks of the continuous trait dataset.
13
Mott, Richard, Christian Fischer, Pjotr Prins, and Robert William Davies. "Private Genomes and Public SNPs: Homomorphic Encryption of Genotypes and Phenotypes for Shared Quantitative Genetics." Genetics 215, no. 2 (April 23, 2020): 359–72. http://dx.doi.org/10.1534/genetics.120.303153.
Full textAbstract:
Sharing human genotype and phenotype data is essential to discover otherwise inaccessible genetic associations, but is a challenge because of privacy concerns. Here, we present a method of homomorphic encryption that obscures individuals’ genotypes and phenotypes, and is suited to quantitative genetic association analysis. Encrypted ciphertext and unencrypted plaintext are analytically interchangeable. The encryption uses a high-dimensional random linear orthogonal transformation key that leaves the likelihood of quantitative trait data unchanged under a linear model with normally distributed errors. It also preserves linkage disequilibrium between genetic variants and associations between variants and phenotypes. It scrambles relationships between individuals: encrypted genotype dosages closely resemble Gaussian deviates, and can be replaced by quantiles from a Gaussian with negligible effects on accuracy. Likelihood-based inferences are unaffected by orthogonal encryption. These include linear mixed models to control for unequal relatedness between individuals, heritability estimation, and including covariates when testing association. Orthogonal transformations can be applied in a modular fashion for multiparty federated mega-analyses where the parties first agree to share a common set of genotype sites and covariates prior to encryption. Each then privately encrypts and shares their own ciphertext, and analyses all parties’ ciphertexts. In the absence of private variants, or knowledge of the key, we show that it is infeasible to decrypt ciphertext using existing brute-force or noise-reduction attacks. We present the method as a challenge to the community to determine its security.
14
Ayday, Erman, and Mathias Humbert. "Inference Attacks against Kin Genomic Privacy." IEEE Security & Privacy 15, no. 5 (2017): 29–37. http://dx.doi.org/10.1109/msp.2017.3681052.
Full text
15
Schwab, Abraham P., Hung S. Luu, Jason Wang, and Jason Y. Park. "Genomic Privacy." Clinical Chemistry 64, no. 12 (December 1, 2018): 1696–703. http://dx.doi.org/10.1373/clinchem.2018.289512.
Full textAbstract:
Abstract BACKGROUND Genetic information is unique among all laboratory data because it not only informs the current health of the specific person tested but may also be predictive of the future health of the individual and, to varying degrees, all biological relatives. CONTENT As DNA sequencing has become ubiquitous with decreasing cost, large repositories of genomic data have emerged from the domains of research, healthcare, law enforcement, international security, and recreational consumer interest (i.e., genealogy). Broadly shared genomic data are believed to be a key element for future discoveries in human disease. For example, the National Cancer Institute's Genomic Data Commons is designed to promote cancer research discoveries by providing free access to the genome data sets of 12000 cancer patients. However, in parallel with the promise of curing diseases, genomic data also have the potential for harm. Genomic data that are deidentified by standard healthcare practices (e.g., removal of name, date of birth) can be reidentified by methods that combine genomic software with publicly available demographic databases (e.g., phone book). Recent law enforcement cases (i.e., Bear Brook Murders, Golden State Killer) in the US have demonstrated the power of combining DNA profiles with genealogy databases. SUMMARY We examine the current environment of genomic privacy and confidentiality in the US and describe current and future risks to genomic privacy. Reidentification and inference of genetic information of biological relatives will become more important as larger databases of clinical, criminal, and recreational genomic information are developed over the next decade.
16
Pascoal, Túlio, Jérémie Decouchant, Antoine Boutet, and Marcus Völp. "I-GWAS: Privacy-Preserving Interdependent Genome-Wide Association Studies." Proceedings on Privacy Enhancing Technologies 2023, no. 1 (January 2023): 437–54. http://dx.doi.org/10.56553/popets-2023-0026.
Full textAbstract:
Genome-wide Association Studies (GWASes) identify genomic variations that are statistically associated with a trait, such as a disease, in a group of individuals. Unfortunately, careless sharing of GWAS statistics might give rise to privacy attacks. Several works attempted to reconcile secure processing with privacy-preserving releases of GWASes. However, we highlight that these approaches remain vulnerable if GWASes utilize overlapping sets of individuals and genomic variations. In such conditions, we show that even when relying on state-of-the-art techniques for protecting releases, an adversary could reconstruct the genomic variations of up to 28.6% of participants, and that the released statistics of up to 92.3% of the genomic variations would enable membership inference attacks. We introduce I-GWAS, a novel framework that securely computes and releases the results of multiple possibly interdependent GWASes. I-GWAS continuously releases privacy-preserving and noise-free GWAS results as new genomes become available.
17
Madsen, Wayne. "New US bill attacks data privacy." Computer Fraud & Security Bulletin 1991, no. 5 (May 1991): 4. http://dx.doi.org/10.1016/0142-0496(91)90234-v.
Full text
18
Shaukat, Ayesha, Adeel Anjum, Saif U. R. Malik, Munam Ali Shah, and Carsten Maple. "A Novel Privacy Paradigm for Improving Serial Data Privacy." Sensors 22, no. 7 (April 6, 2022): 2811. http://dx.doi.org/10.3390/s22072811.
Full textAbstract:
Protecting the privacy of individuals is of utmost concern in today’s society, as inscribed and governed by the prevailing privacy laws, such as GDPR. In serial data, bits of data are continuously released, but their combined effect may result in a privacy breach in the whole serial publication. Protecting serial data is crucial for preserving them from adversaries. Previous approaches provide privacy for relational data and serial data, but many loopholes exist when dealing with multiple sensitive values. We address these problems by introducing a novel privacy approach that limits the risk of privacy disclosure in republication and gives better privacy with much lower perturbation rates. Existing techniques provide a strong privacy guarantee against attacks on data privacy; however, in serial publication, the chances of attack still exist due to the continuous addition and deletion of data. In serial data, proper countermeasures for tackling attacks such as correlation attacks have not been taken, due to which serial publication is still at risk. Moreover, protecting privacy is a significant task due to the critical absence of sensitive values while dealing with multiple sensitive values. Due to this critical absence, signatures change in every release, which is a reason for attacks. In this paper, we introduce a novel approach in order to counter the composition attack and the transitive composition attack and we prove that the proposed approach is better than the existing state-of-the-art techniques. Our paper establishes the result with a systematic examination of the republication dilemma. Finally, we evaluate our work using benchmark datasets, and the results show the efficacy of the proposed technique.
19
Vijayalakshmi, R., and N. Duraipandian. "Service oriented architecture and privacy preserving mashup of healthcare data." International Journal of Engineering & Technology 3, no. 3 (July 9, 2014): 337. http://dx.doi.org/10.14419/ijet.v3i3.2139.
Full textAbstract:
Mashup of health care data from different medical sources must be privacy preserved since the data recipient and/or the data provider may not always be a trusted party. Raw medical data contains person specific sensitive information like ailment, surgery etc. and hence it is susceptible to certain privacy attacks such as attribute linkage and record linkage. There are different privacy models to thwart the privacy attacks. This paper illustrates how to vertically integrate the data from mental health clinic and National AIDS Control Organization (NACO) and preserve privacy using the LKC privacy model. Keywords: Mashup, Linkage, Anonymize Utility, Diversity, Adversary, Interoperability.
20
Shringarpure, Suyash S., and Carlos D. Bustamante. "Privacy Risks from Genomic Data-Sharing Beacons." American Journal of Human Genetics 97, no. 5 (November 2015): 631–46. http://dx.doi.org/10.1016/j.ajhg.2015.09.010.
Full text
21
Claerhout, B., and G. J. E. DeMoor. "Privacy protection for clinical and genomic data." International Journal of Medical Informatics 74, no. 2-4 (March 2005): 257–65. http://dx.doi.org/10.1016/j.ijmedinf.2004.03.008.
Full text
22
Wong, Raymond Chi-Wing, Ada Wai-Chee Fu, Ke Wang, and Jian Pei. "Anonymization-based attacks in privacy-preserving data publishing." ACM Transactions on Database Systems 34, no. 2 (June 2009): 1–46. http://dx.doi.org/10.1145/1538909.1538910.
Full text
23
Park, Young-Hoon, Yejin Kim, and Junho Shim. "Blockchain-Based Privacy-Preserving System for Genomic Data Management Using Local Differential Privacy." Electronics 10, no. 23 (December 3, 2021): 3019. http://dx.doi.org/10.3390/electronics10233019.
Full textAbstract:
The advances made in genome technology have resulted in significant amounts of genomic data being generated at an increasing speed. As genomic data contain various privacy-sensitive information, security schemes that protect confidentiality and control access are essential. Many security techniques have been proposed to safeguard healthcare data. However, these techniques are inadequate for genomic data management because of their large size. Additionally, privacy problems due to the sharing of gene data are yet to be addressed. In this study, we propose a secure genomic data management system using blockchain and local differential privacy (LDP). The proposed system employs two types of storage: private storage for internal staff and semi-private storage for external users. In private storage, because encrypted gene data are stored, only internal employees can access the data. Meanwhile, in semi-private storage, gene data are irreversibly modified by LDP. Through LDP, different noises are added to each section of the genomic data. Therefore, even though the third party uses or exposes the shared data, the owner’s privacy is guaranteed. Furthermore, the access control for each storage is ensured by the blockchain, and the gene owner can trace the usage and sharing status using a decentralized application in a mobile device.
24
Li, Bing, Hong Zhu, and Meiyi Xie. "Releasing Differentially Private Trajectories with Optimized Data Utility." Applied Sciences 12, no. 5 (February 25, 2022): 2406. http://dx.doi.org/10.3390/app12052406.
Full textAbstract:
The ubiquity of GPS-enabled devices has resulted in an abundance of data about individual trajectories. Releasing trajectories enables a range of data analysis tasks, such as urban planning, but it also poses a risk in compromising individual location privacy. To tackle this issue, a number of location privacy protection algorithms are proposed. However, existing works are primarily concerned with maintaining the trajectory data geographic utility and neglect the semantic utility. Thus, many data analysis tasks relying on utility, e.g., semantic annotation, suffer from poor performance. Furthermore, the released trajectories are vulnerable to location inference attacks and de-anonymization attacks due to insufficient privacy guarantee. In this paper, to design a location privacy protection algorithm for releasing an offline trajectory dataset to potentially untrusted analyzers, we propose a utility-optimized and differentially private trajectory synthesizer (UDPT) with two novel features. First, UDPT simultaneously preserves both geographical utility and semantic utility by solving a data utility optimization problem with a genetic algorithm. Second, UDPT provides a formal and provable guarantee against privacy attacks by synthesizing obfuscated trajectories in a differentially private manner. Extensive experimental evaluations on real-world datasets demonstrate UDPT’s outperformance against state-of-the-art works in terms of data utility and privacy.
25
Villanueva, Angela G., Robert Cook-Deegan, Jill O. Robinson, Amy L. McGuire, and Mary A. Majumder. "Genomic Data-Sharing Practices." Journal of Law, Medicine & Ethics 47, no. 1 (2019): 31–40. http://dx.doi.org/10.1177/1073110519840482.
Full textAbstract:
Making data broadly accessible is essential to creating a medical information commons (MIC). Transparency about data-sharing practices can cultivate trust among prospective and existing MIC participants. We present an analysis of 34 initiatives sharing DNA-derived data based on public information. We describe data-sharing practices captured, including practices related to consent, privacy and security, data access, oversight, and participant engagement. Our results reveal that data-sharing initiatives have some distance to go in achieving transparency.
26
Henrikson, Nora B., Stephanie M. Fullerton, Aaron Scrol, Lorella Palazzo, Marlaine Figueroa Gray, and Paula R. Blasi. "“Not Private at All:” Comparative Perspectives on Privacy of Genomic Data, Family History Data, Health-Related Data, and Other Personal Data." OBM Genetics 06, no. 04 (October 31, 2022): 1–17. http://dx.doi.org/10.21926/obm.genet.2204167.
Full textAbstract:
People choose how and if to generate and disclose not just personal genomic data, but also multiple other types of personal health and non-health related data. To contextualize choices about genetic testing and genetic data disclosure, we explored perspectives of genomic data privacy and disclosure compared to other types of data. We conducted a qualitative focus group study with adult members of an integrated U.S. health system, using administrative data to stratify our sample by age and by race/ethnicity. Discussion topics included qualities, rights, benefits and harms of disclosure of genomic, health, family history and non-health related data. We conducted thematic template analysis using verbatim transcripts. The sample (n = 24) was 67% female, mean age 54.1 years (range 23-88), and 37% people of color; 71% reported college degree. Participants considered genetic data, but not other data types, as a permanent, core part of the individual self and as protected health information under current laws. Participants did not feel that individuals had a right to family medical history disclosure from their relatives. Participants assumed high levels of privacy protections of genetic and other health-related data, but no perceived privacy or protection around other personal data. Participants weighed benefits and risks of generation and disclosure of all data types; harms were more far-reaching for non-health data, possibly related to the perceived lack of protections around these data. People make privacy-related choices about genetic testing in the context of related considerations for multiple types of data and rely on perceived privacy protections under current U.S. health privacy laws. Genetic research and screening programs should consider providing clear guidance on privacy protections afforded to genetic information in U.S. clinical settings. Future research should examine connections between privacy-related views on genetic and multiple other types of personal data.
27
Sowmyarani C. N., Veena Gadad, and Dayananda P. "(p+, α, t)-Anonymity Technique Against Privacy Attacks." International Journal of Information Security and Privacy 15, no. 2 (April 2021): 68–86. http://dx.doi.org/10.4018/ijisp.2021040104.
Full textAbstract:
Privacy preservation is a major concern in current technology where enormous amounts of data are being collected and published for carrying out analysis. These data may contain sensitive information related to individual who owns them. If the data is published in their original form, they may lead to privacy disclosure which threats privacy requirements. Hence, the data should be anonymized before publishing so that it becomes challenging for intruders to obtain sensitive information by means of any privacy attack model. There are popular data anonymization techniques such as k-anonymity, l-diversity, p-sensitive k-anonymity, (l, m, d) anonymity, and t-closeness, which are vulnerable to different privacy attacks discussed in this paper. The proposed technique called (p+, α, t)-anonymity aims to anonymize the data in such a way that even though intruder has sufficient background knowledge on the target individual he will not be able to infer anything and breach private information. The anonymized data also provide sufficient data utility by allowing various data analytics to be performed.
28
Aziz, Md Momin Al, Md Nazmus Sadat, Dima Alhadidi, Shuang Wang, Xiaoqian Jiang, Cheryl L. Brown, and Noman Mohammed. "Privacy-preserving techniques of genomic data—a survey." Briefings in Bioinformatics 20, no. 3 (November 7, 2017): 887–95. http://dx.doi.org/10.1093/bib/bbx139.
Full text
29
Akgün, Mete, A. Osman Bayrak, Bugra Ozer, and M. Şamil Sağıroğlu. "Privacy preserving processing of genomic data: A survey." Journal of Biomedical Informatics 56 (August 2015): 103–11. http://dx.doi.org/10.1016/j.jbi.2015.05.022.
Full text
30
Amin, Zenab, Adeel Anjum, Abid Khan, Awais Ahmad, and Gwanggil Jeon. "Preserving Privacy of High-Dimensional Data by l-Diverse Constrained Slicing." Electronics 11, no. 8 (April 15, 2022): 1257. http://dx.doi.org/10.3390/electronics11081257.
Full textAbstract:
In the modern world of digitalization, data growth, aggregation and sharing have escalated drastically. Users share huge amounts of data due to the widespread adoption of Internet-of-things (IoT) and cloud-based smart devices. Such data could have confidential attributes about various individuals. Therefore, privacy preservation has become an important concern. Many privacy-preserving data publication models have been proposed to ensure data sharing without privacy disclosures. However, publishing high-dimensional data with sufficient privacy is still a challenging task and very little focus has been given to propound optimal privacy solutions for high-dimensional data. In this paper, we propose a novel privacy-preserving model to anonymize high-dimensional data (prone to various privacy attacks including probabilistic, skewness, and gender-specific). Our proposed model is a combination of l-diversity along with constrained slicing and vertical division. The proposed model can protect the above-stated attacks with minimal information loss. The extensive experiments on real-world datasets advocate the outperformance of our proposed model among its counterparts.
31
Li, Hongtao, Jianfeng Ma, and Shuai Fu. "Analyzing mechanism-based attacks in privacy-preserving data publishing." Optik 124, no. 24 (December 2013): 6939–45. http://dx.doi.org/10.1016/j.ijleo.2013.05.157.
Full text
32
Li, Xin. "Privacy Preserving Clustering for Distributed Homogeneous Gene Expression Data Sets." International Journal of Computational Models and Algorithms in Medicine 1, no. 3 (July 2010): 31–54. http://dx.doi.org/10.4018/jcmam.2010070102.
Full textAbstract:
In this paper, the authors present a new approach to perform principal component analysis (PCA)-based gene clustering on genomic data distributed in multiple sites (horizontal partitions) with privacy protection. This approach allows data providers to collaborate together to identify gene profiles from a global viewpoint, and at the same time, protect the sensitive genomic data from possible privacy leaks. The authors developed a framework for privacy preserving PCA-based gene clustering, which includes two types of participants such as data providers and a trusted central site. Within this mechanism, distributed horizontal partitions of genomic data can be globally clustered with privacy preservation. Compared to results from centralized scenarios, the result generated from distributed partitions achieves 100% accuracy by using this approach. An experiment on a real genomic data set is conducted, and result shows that the proposed framework produces exactly the same cluster formation as that from the centralized data set.
33
Huang, Mingfu, Rushit Dave, Nyle Siddiqui, and Naeem Seliya. "Examining Modern Data Security and Privacy Protocols in Autonomous Vehicles." International Journal of Computer Science and Information Technology 13, no. 5 (October 31, 2021): 01–19. http://dx.doi.org/10.5121/ijcsit.2021.13501.
Full textAbstract:
A fully automated, self-driving car can perceive its environment, determine the optimal route, and drive unaided by human intervention for the entire journey. Connected autonomous vehicles (CAVs) have the potential to drastically reduce accidents, travel time, and the environmental impact of road travel. Such technology includes the use of several sensors, various algorithms, interconnected network connections, and multiple auxiliary systems. CAVs have been subjected to attacks by malicious users to gain/deny control of one or more of its various systems. Data security and data privacy is one such area of CAVs that has been targeted via different types of attacks. The scope of this study is to present a good background knowledge of issues pertaining to different attacks in the context of data security and privacy, as well present a detailed review and analysis of eight very recent studies on the broad topic of security and privacy related attacks. Methodologies including Blockchain, Named Data Networking, Intrusion Detection System, Cognitive Engine, Adversarial Objects, and others have been investigated in the literature and problem- and context-specific models have been proposed by their respective authors.
34
Zhu, Ye, Yongjian Fu, and Huirong Fu. "Preserving Privacy in Time Series Data Mining." International Journal of Data Warehousing and Mining 7, no. 4 (October 2011): 64–85. http://dx.doi.org/10.4018/jdwm.2011100104.
Full textAbstract:
Time series data mining poses new challenges to privacy. Through extensive experiments, the authors find that existing privacy-preserving techniques such as aggregation and adding random noise are insufficient due to privacy attacks such as data flow separation attack. This paper also presents a general model for publishing and mining time series data and its privacy issues. Based on the model, a spectrum of privacy preserving methods is proposed. For each method, effects on classification accuracy, aggregation error, and privacy leak are studied. Experiments are conducted to evaluate the performance of the methods. The results show that the methods can effectively preserve privacy without losing much classification accuracy and within a specified limit of aggregation error.
35
Zheng, Zhirun, Zhetao Li, Jie Li, Hongbo Jiang, Tong Li, and Bin Guo. "Utility-aware and Privacy-preserving Trajectory Synthesis Model that Resists Social Relationship Privacy Attacks." ACM Transactions on Intelligent Systems and Technology 13, no. 3 (June 30, 2022): 1–28. http://dx.doi.org/10.1145/3495160.
Full textAbstract:
For academic research and business intelligence, trajectory data has been widely collected and analyzed. Releasing trajectory data to a third party may lead to serious privacy leakage, which has spawned considerable researches on trajectory privacy protection technology. However, existing work suffers from several shortcomings. They either focus on point-based location privacy, ignoring the spatio-temporal correlations among locations within a trajectory, or they protect the privacy of each user separately without considering privacy leakage of the social relationship between trajectories of different users. Besides, they fail to balance privacy protection and data utility. Motivated by these limitations, in this article, we propose S 3 T -Trajectory, which is a utility-aware and privacy-preserving trajectory synthesis model that Resists social relationship privacy attacks. Specifically, we first develop a time-dependent Markov chain based on an adaptive spatio-temporal discrete grid to efficiently and accurately capture human mobility behavior. Then, we propose three mobility feature metrics from spatio-temporal, semantic, and social dimensions. On the basis of the metrics, we construct a bi-level optimization problem to accomplish the utility-aware and privacy-preserving trajectory synthesizing. The upper-level objective guarantees data utility and the lower-level optimization problems (or upper-level constraints) provides two-layer privacy protection for S 3 T -Trajectory, i.e., resisting location inference attacks and social relationship privacy attacks. We conduct extensive experiments on large-scale real-world datasets loc-Gowalla and loc-Brightkite. The experimental results demonstrate the effectiveness and robustness of S 3 T Trajectory. Compared with the baseline models, S 3 T Trajectory achieves between 7.8% and 23.8% performance improvement in resisting social relationship privacy attacks and achieves at least 5.19% improvement regarding data utility.
36
Jamjoom, Mona, Hussein Abulkasim, and Safia Abbas. "Lightweight Authenticated Privacy-Preserving Secure Framework for the Internet of Vehicles." Security and Communication Networks 2022 (September 9, 2022): 1–11. http://dx.doi.org/10.1155/2022/6573060.
Full textAbstract:
The integration of the Internet of things and dynamic vehicles has become unavoidable in advanced transportation systems. The vehicles communicate wirelessly with other vehicles, cloud servers, and roadside units via open communication channels. The openness of the above-mentioned entities and their communication tools introduces new difficulties, such as data privacy, vulnerabilities, data integrity, and scalability. To enhance data privacy and ensure security, a lightweight authenticated privacy-preserving secure framework is presented in the Internet of vehicles deployment. The proposed scheme can achieve confidentiality, privacy, authenticity, integrity, anonymity, and perfect forward secrecy based on blockchain technology, elliptic curve cryptography, and a one-way hash function. The proposed framework is secure against well-known cyberattacks, including replay attacks, man-in-the-middle attacks, traffic analysis attacks, and DDoS attacks. The security analysis shows the robustness of the proposed scheme. Finally, the results demonstrate that the proposed framework is efficient and feasible in practice.
37
Akgün, Mete, Nico Pfeifer, and Oliver Kohlbacher. "Efficient privacy-preserving whole-genome variant queries." Bioinformatics 38, no. 8 (February 12, 2022): 2202–10. http://dx.doi.org/10.1093/bioinformatics/btac070.
Full textAbstract:
Abstract Motivation Diagnosis and treatment decisions on genomic data have become widespread as the cost of genome sequencing decreases gradually. In this context, disease–gene association studies are of great importance. However, genomic data are very sensitive when compared to other data types and contains information about individuals and their relatives. Many studies have shown that this information can be obtained from the query-response pairs on genomic databases. In this work, we propose a method that uses secure multi-party computation to query genomic databases in a privacy-protected manner. The proposed solution privately outsources genomic data from arbitrarily many sources to the two non-colluding proxies and allows genomic databases to be safely stored in semi-honest cloud environments. It provides data privacy, query privacy and output privacy by using XOR-based sharing and unlike previous solutions, it allows queries to run efficiently on hundreds of thousands of genomic data. Results We measure the performance of our solution with parameters similar to real-world applications. It is possible to query a genomic database with 3 000 000 variants with five genomic query predicates under 400 ms. Querying 1 048 576 genomes, each containing 1 000 000 variants, for the presence of five different query variants can be achieved approximately in 6 min with a small amount of dedicated hardware and connectivity. These execution times are in the right range to enable real-world applications in medical research and healthcare. Unlike previous studies, it is possible to query multiple databases with response times fast enough for practical application. To the best of our knowledge, this is the first solution that provides this performance for querying large-scale genomic data. Availability and implementation https://gitlab.com/DIFUTURE/privacy-preserving-variant-queries. Supplementary information Supplementary data are available at Bioinformatics online.
38
Telenti, Amalio, Erman Ayday, and Jean Pierre Hubaux. "On genomics, kin, and privacy." F1000Research 3 (March 31, 2014): 80. http://dx.doi.org/10.12688/f1000research.3817.1.
Full textAbstract:
The storage of greater numbers of exomes or genomes raises the question of loss of privacy for the individual and for families if genomic data are not properly protected. Access to genome data may result from a personal decision to disclose, or from gaps in protection. In either case, revealing genome data has consequences beyond the individual, as it compromises the privacy of family members. Increasing availability of genome data linked or linkable to metadata through online social networks and services adds one additional layer of complexity to the protection of genome privacy. The field of computer science and information technology offers solutions to secure genomic data so that individuals, medical personnel or researchers can access only the subset of genomic information required for healthcare or dedicated studies.
39
Li, Songyuan, Hui Tian, Hong Shen, and Yingpeng Sang. "Privacy-Preserving Trajectory Data Publishing by Dynamic Anonymization with Bounded Distortion." ISPRS International Journal of Geo-Information 10, no. 2 (February 16, 2021): 78. http://dx.doi.org/10.3390/ijgi10020078.
Full textAbstract:
Publication of trajectory data that contain rich information of vehicles in the dimensions of time and space (location) enables online monitoring and supervision of vehicles in motion and offline traffic analysis for various management tasks. However, it also provides security holes for privacy breaches as exposing individual’s privacy information to public may results in attacks threatening individual’s safety. Therefore, increased attention has been made recently on the privacy protection of trajectory data publishing. However, existing methods, such as generalization via anonymization and suppression via randomization, achieve protection by modifying the original trajectory to form a publishable trajectory, which results in significant data distortion and hence a low data utility. In this work, we propose a trajectory privacy-preserving method called dynamic anonymization with bounded distortion. In our method, individual trajectories in the original trajectory set are mixed in a localized manner to form synthetic trajectory data set with a bounded distortion for publishing, which can protect the privacy of location information associated with individuals in the trajectory data set and ensure a guaranteed utility of the published data both individually and collectively. Through experiments conducted on real trajectory data of Guangzhou City Taxi statistics, we evaluate the performance of our proposed method and compare it with the existing mainstream methods in terms of privacy preservation against attacks and trajectory data utilization. The results show that our proposed method achieves better performance on data utilization than the existing methods using globally static anonymization, without trading off the data security against attacks.
40
Li, Dengke, Han Zhou, and Wen Yang. "Privacy-Preserving Consensus over a Distributed Network against Eavesdropping Attacks." Electronics 8, no. 9 (August 30, 2019): 966. http://dx.doi.org/10.3390/electronics8090966.
Full textAbstract:
Motivated by the increasing risk of data leaks in distributed networks, we consider the privacy-preserving problem in a consensus network in the presence of an eavesdropper who is able to intercept the data transmitted on the network. First, we introduce a consensus protocol with privacy-preserving function, and analyze its convergence and its privacy-preserving effect. Second, we propose a criterion to measure the degree of network privacy leaks in the existence of the eavesdropper. Particularly, we consider the networks with ring topology and small-world topology, where we find a suboptimal eavesdropping strategy that maximizes the probability of privacy leaks. Finally, we verify all the derived results by numerical examples.
41
Sramka, Michal. "Data mining as a tool in privacy-preserving data publishing." Tatra Mountains Mathematical Publications 45, no. 1 (December 1, 2010): 151–59. http://dx.doi.org/10.2478/v10127-010-0011-z.
Full textAbstract:
ABSTRACTMany databases contain data about individuals that are valuable for research, marketing, and decision making. Sharing or publishing data about individuals is however prone to privacy attacks, breaches, and disclosures. The concern here is about individuals’ privacy-keeping the sensitive information about individuals private to them. Data mining in this setting has been shown to be a powerful tool to breach privacy and make disclosures. In contrast, data mining can be also used in practice to aid data owners in their decision on how to share and publish their databases. We present and discuss the role and uses of data mining in these scenarios and also briefly discuss other approaches to private data analysis.
42
Shokri, Reza. "Privacy Games: Optimal User-Centric Data Obfuscation." Proceedings on Privacy Enhancing Technologies 2015, no. 2 (June 1, 2015): 299–315. http://dx.doi.org/10.1515/popets-2015-0024.
Full textAbstract:
AbstractConsider users who share their data (e.g., location) with an untrusted service provider to obtain a personalized (e.g., location-based) service. Data obfuscation is a prevalent user-centric approach to protecting users’ privacy in such systems: the untrusted entity only receives a noisy version of user’s data. Perturbing data before sharing it, however, comes at the price of the users’ utility (service quality) experience which is an inseparable design factor of obfuscation mechanisms. The entanglement of the utility loss and the privacy guarantee, in addition to the lack of a comprehensive notion of privacy, have led to the design of obfuscation mechanisms that are either suboptimal in terms of their utility loss, or ignore the user’s information leakage in the past, or are limited to very specific notions of privacy which e.g., do not protect against adaptive inference attacks or the adversary with arbitrary background knowledge.In this paper, we design user-centric obfuscation mechanisms that impose the minimum utility loss for guaranteeing user’s privacy. We optimize utility subject to a joint guarantee of differential privacy (indistinguishability) and distortion privacy (inference error). This double shield of protection limits the information leakage through obfuscation mechanism as well as the posterior inference. We show that the privacy achieved through joint differential-distortion mechanisms against optimal attacks is as large as the maximum privacy that can be achieved by either of these mechanisms separately. Their utility cost is also not larger than what either of the differential or distortion mechanisms imposes. We model the optimization problem as a leader-follower game between the designer of obfuscation mechanism and the potential adversary, and design adaptive mechanisms that anticipate and protect against optimal inference algorithms. Thus, the obfuscation mechanism is optimal against any inference algorithm.
43
Prasad, Vivek Kumar, Debabrata Dansana, Brojo Kishore Mishra, and Madhuri Bhavsar. "Intensify Cloud Security and Privacy Against Phishing Attacks." ECS Transactions 107, no. 1 (April 24, 2022): 1387–98. http://dx.doi.org/10.1149/10701.1387ecst.
Full textAbstract:
The world of computation has shifted from centralized (client-server, not web-based) to distributed systems during the last three decades. We are now reverting to virtual centralization, i.e., Cloud Computing (CC). In the world of computation, the location of data and processes makes all the difference. A person has complete control over the data and operations in their computer. On the other side, CC involves a vendor providing service and data upkeep. At the same time, the client/customer is ignorant of where the processes are operating or where the data is kept. As a result, the client does not influence it and doesn't have the right to do it. When it comes to data security in cloud computing, the vendor must guarantee service level agreements (SLAs) to persuade the client. As a result, the SLA must define several degrees of security and their complexity depending on the benefits for the client to comprehend the security rules in place. Phishing is a social engineering assault that is frequently used to obtain user information, such as login passwords and credit card details. It happens when an attacker poses as a trustworthy entity and tricks the victim into opening an e-mail, instant message, or text message. In this research paper, the methodology that tries to identify the phishing attack in the cloud eco-system has been explored and mentioned. The approach used here classifies the malicious and non-malicious URLs.
44
Mittos, Alexandros, Bradley Malin, and Emiliano De Cristofaro. "Systematizing Genome Privacy Research: A Privacy-Enhancing Technologies Perspective." Proceedings on Privacy Enhancing Technologies 2019, no. 1 (January 1, 2019): 87–107. http://dx.doi.org/10.2478/popets-2019-0006.
Full textAbstract:
Abstract Rapid advances in human genomics are enabling researchers to gain a better understanding of the role of the genome in our health and well-being, stimulating hope for more effective and cost efficient healthcare. However, this also prompts a number of security and privacy concerns stemming from the distinctive characteristics of genomic data. To address them, a new research community has emerged and produced a large number of publications and initiatives. In this paper, we rely on a structured methodology to contextualize and provide a critical analysis of the current knowledge on privacy-enhancing technologies used for testing, storing, and sharing genomic data, using a representative sample of the work published in the past decade. We identify and discuss limitations, technical challenges, and issues faced by the community, focusing in particular on those that are inherently tied to the nature of the problem and are harder for the community alone to address. Finally, we report on the importance and difficulty of the identified challenges based on an online survey of genome data privacy experts.
45
Baker, Dixie B., Bartha M. Knoppers, Mark Phillips, David van Enckevort, Petra Kaufmann, Hanns Lochmuller, and Domenica Taruscio. "Privacy-Preserving Linkage of Genomic and Clinical Data Sets." IEEE/ACM Transactions on Computational Biology and Bioinformatics 16, no. 4 (July 1, 2019): 1342–48. http://dx.doi.org/10.1109/tcbb.2018.2855125.
Full text
46
Bonomi, Luca, Yingxiang Huang, and Lucila Ohno-Machado. "Privacy challenges and research opportunities for genomic data sharing." Nature Genetics 52, no. 7 (June 29, 2020): 646–54. http://dx.doi.org/10.1038/s41588-020-0651-0.
Full text
47
Asharov, Gilad, Shai Halevi, Yehuda Lindell, and Tal Rabin. "Privacy-Preserving Search of Similar Patients in Genomic Data." Proceedings on Privacy Enhancing Technologies 2018, no. 4 (October 1, 2018): 104–24. http://dx.doi.org/10.1515/popets-2018-0034.
Full textAbstract:
Abstract The growing availability of genomic data holds great promise for advancing medicine and research, but unlocking its full potential requires adequate methods for protecting the privacy of individuals whose genome data we use. One example of this tension is running Similar Patient Query on remote genomic data: In this setting a doctor that holds the genome of his/her patient may try to find other individuals with “close” genomic data, and use the data of these individuals to help diagnose and find effective treatment for that patient’s conditions. This is clearly a desirable mode of operation. However, the privacy exposure implications are considerable, and so we would like to carry out the above “closeness” computation in a privacy preserving manner. In this work we put forward a new approach for highly efficient secure computation for computing an approximation of the Similar Patient Query problem. We present contributions on two fronts. First, an approximation method that is designed with the goal of achieving efficient private computation. Second, further optimizations of the two-party protocol. Our tests indicate that the approximation method works well, it returns the exact closest records in 98% of the queries and very good approximation otherwise. As for speed, our protocol implementation takes just a few seconds to run on databases with thousands of records, each of length thousands of alleles, and it scales almost linearly with both the database size and the length of the sequences in it. As an example, in the datasets of the recent iDASH competition, after a one-time preprocessing of around 12 seconds, it takes around a second to find the nearest five records to a query, in a size-500 dataset of length- 3500 sequences. This is 2-3 orders of magnitude faster than using state-of-the-art secure protocols with existing edit distance algorithms.
48
Tao, Zhiheng. "The Protection of Data Privacy of College Students." MATEC Web of Conferences 363 (2022): 01031. http://dx.doi.org/10.1051/matecconf/202236301031.
Full textAbstract:
Privacy data belongs to big data, and it is personal information from our lives. The common problem is privacy leaking and cyber attacks. The current solution uses a complex algorithm to encrypt data, but it is expensive and inefficient. In the paper, we combine students' information at university to make four layers based on a reliable framework named FMM. The proposed framework FMM, according to different privacy levels, will choose other encryption methods to protect these data and increase efficiency to keep trade-offs.
49
Zhang, Yinghui, Jiangfan Zhao, Dong Zheng, Kaixin Deng, Fangyuan Ren, Xiaokun Zheng, and Jiangang Shu. "Privacy-Preserving Data Aggregation against False Data Injection Attacks in Fog Computing." Sensors 18, no. 8 (August 13, 2018): 2659. http://dx.doi.org/10.3390/s18082659.
Full textAbstract:
As an extension of cloud computing, fog computing has received more attention in recent years. It can solve problems such as high latency, lack of support for mobility and location awareness in cloud computing. In the Internet of Things (IoT), a series of IoT devices can be connected to the fog nodes that assist a cloud service center to store and process a part of data in advance. Not only can it reduce the pressure of processing data, but also improve the real-time and service quality. However, data processing at fog nodes suffers from many challenging issues, such as false data injection attacks, data modification attacks, and IoT devices’ privacy violation. In this paper, based on the Paillier homomorphic encryption scheme, we use blinding factors to design a privacy-preserving data aggregation scheme in fog computing. No matter whether the fog node and the cloud control center are honest or not, the proposed scheme ensures that the injection data is from legal IoT devices and is not modified and leaked. The proposed scheme also has fault tolerance, which means that the collection of data from other devices will not be affected even if certain fog devices fail to work. In addition, security analysis and performance evaluation indicate the proposed scheme is secure and efficient.
50
Gao, Ji, Sanjam Garg, Mohammad Mahmoody, and Prashant Nalini Vasudevan. "Deletion inference, reconstruction, and compliance in machine (un)learning." Proceedings on Privacy Enhancing Technologies 2022, no. 3 (July 2022): 415–36. http://dx.doi.org/10.56553/popets-2022-0079.
Full textAbstract:
Privacy attacks on machine learning models aim to identify the data that is used to train such models. Such attacks, traditionally, are studied on static models that are trained once and are accessible by the adversary. Motivated to meet new legal requirements, many machine learning methods are recently extended to support machine unlearning, i.e., updating models as if certain examples are removed from their training sets, and meet new legal requirements. However, privacy attacks could potentially become more devastating in this new setting, since an attacker could now access both the original model before deletion and the new model after the deletion. In fact, the very act of deletion might make the deleted record more vulnerable to privacy attacks. Inspired by cryptographic definitions and the differential privacy framework, we formally study privacy implications of machine unlearning. We formalize (various forms of) deletion inference and deletion reconstruction attacks, in which the adversary aims to either identify which record is deleted or to reconstruct (perhaps part of) the deleted records. We then present successful deletion inference and reconstruction attacks for a variety of machine learning models and tasks such as classification, regression, and language models. Finally, we show that our attacks would provably be precluded if the schemes satisfy (variants of) deletion compliance (Garg, Goldwasser, and Vasudevan, Eurocrypt’20).