Towards Better Attribute Inference Vulnerability Measures

TL;DR

This paper introduces a new attribute inference vulnerability measure that considers both precision and recall, providing a more comprehensive assessment of privacy risks in anonymized data.

Contribution

It proposes a novel attribute inference measure that incorporates recall alongside precision and improves baseline attack evaluation methods.

Findings

Our approach correctly identified at-risk attacks in over 25% more cases.

The new measure offers a more accurate assessment of attribute inference vulnerabilities.

Experiments demonstrate improved detection of privacy risks in anonymized microdata.

Abstract

The purpose of anonymizing structured data is to protect the privacy of individuals in the data while retaining the statistical properties of the data. An important class of attack on anonymized data is attribute inference, where an attacker infers the value of an unknown attribute of a target individual given knowledge of one or more known attributes. A major limitation of recent attribute inference measures is that they do not take recall into account, only precision. It is often the case that attacks target only a fraction of individuals, for instance data outliers. Incorporating recall, however, substantially complicates the measure, because one must determine how to combine recall and precision in a composite measure for both the attack and baseline. This paper presents the design and implementation of an attribute inference measure that incorporates both precision and recall. Our design also improves on how the baseline attribute inference is computed. In experiments using a generic best row match attack on moderately-anonymized microdata, we show that in over 25\% of the attacks, our approach correctly labeled the attack to be at risk while the prior approach incorrectly labeled the attack to be safe.