Statistical privacy and security

Abstract

The tremendous increase of personal data being shared online, along with the rapid development of data mining techniques is a serious threats to privacy and security, as evidenced by the numerous privacy and security scandals of the past several years. At their core, the new privacy and security challenges that the big data revolution poses are due to the unclear boundary between data shared willingly, which is deemed not-sensitive, and the sensitive data that one wants to keep private. Traditional tools in security and privacy provide protection by encrypting personal data, but this method is not sustainable when it is unclear whether, or how much, the data is sensitive to begin with. The premise of this thesis is that information theoretic tools and insights are useful to identify how releasing personal data can impact privacy and security, and can serve as a design driver for building privacy preserving, and security enhancing systems.

In particular, we will be focused on two types of attacks. In the first, we consider how a user may release some personal data (e.g. movie ratings) in exchange for a service (e.g. movie recommendations), while simultaneously not leaking information about a sensitive attribute correlated with the personal data (e.g. political orientation). To this end, we design a privacy framework which captures the inference threat of releasing data, and use the latter to find optimal privacy-preserving mechanisms, which allows the user to trade utility for privacy. In the second part, we look at brute-force attacks where an adversary attempts to breach into a password secured system by querying potential passwords. Users of such systems are likely to generate poor passwords, re-use passwords across systems, and especially susceptible to targeted attacks if their password is correlated with personal data that is available online.

We consider various setups under which Brute-force attacks occur, and analyze the security guarantees one obtain via Guesswork - an information theoretic quantity that is a surrogate for the computational effort than the attacker has to perform. The analysis of both attacks reveals that data is a precious commodity which should be handled with care, and how the entire data acquisition and communication pipeline can come under attack. Additionally, Information Theory and Statistics offers a dimension of tools which is complementary to the existing ones, while still capturing the fundamentals of the security and privacy threats in the digital age.