Nonadaptive Mastermind Algorithms for String and Vector Databases, with Case Studies

TL;DR

This paper introduces sparsity-exploiting nonadaptive Mastermind algorithms that efficiently attack the privacy of string and vector databases by leveraging minimal privacy leakage, with theoretical bounds and experimental validation on real-world data.

Contribution

It presents novel nonadaptive Mastermind algorithms based on group testing principles that exploit data sparsity to efficiently breach database privacy.

Findings

Sublinear query bounds for database cloning

Effective attack on genomic and social network data

Few queries suffice to recover most database information

Abstract

In this paper, we study sparsity-exploiting Mastermind algorithms for attacking the privacy of an entire database of character strings or vectors, such as DNA strings, movie ratings, or social network friendship data. Based on reductions to nonadaptive group testing, our methods are able to take advantage of minimal amounts of privacy leakage, such as contained in a single bit that indicates if two people in a medical database have any common genetic mutations, or if two people have any common friends in an online social network. We analyze our Mastermind attack algorithms using theoretical characterizations that provide sublinear bounds on the number of queries needed to clone the database, as well as experimental tests on genomic information, collaborative filtering data, and online social networks. By taking advantage of the generally sparse nature of these real-world databases and modulating a parameter that controls query sparsity, we demonstrate that relatively few nonadaptive queries are needed to recover a large majority of each database.