Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

QueryCheetah: Fast Automated Discovery of Attribute Inference Attacks Against Query-Based Systems

Bozhidar Stevanoski, Ana-Maria Cretu, Yves-Alexandre de Montjoye

TL;DR

This work proposes QueryCheetah, a fast and effective method for automated discovery of privacy attacks against QBSs and shows it to discover stronger attacks than previous methods while being 18 times faster than the state-of-the-art automated approach.

Abstract

Query-based systems (QBSs) are one of the key approaches for sharing data. QBSs allow analysts to request aggregate information from a private protected dataset. Attacks are a crucial part of ensuring QBSs are truly privacy-preserving. The development and testing of attacks is however very labor-intensive and unable to cope with the increasing complexity of systems. Automated approaches have been shown to be promising but are currently extremely computationally intensive, limiting their applicability in practice. We here propose QueryCheetah, a fast and effective method for automated discovery of privacy attacks against QBSs. We instantiate QueryCheetah on attribute inference attacks and show it to discover stronger attacks than previous methods while being 18 times faster than the state-of-the-art automated approach. We then show how QueryCheetah allows system developers to thoroughly evaluate the privacy risk, including for various attacker strengths and target individuals. We finally show how QueryCheetah can be used out-of-the-box to find attacks in larger syntaxes and workarounds around ad-hoc defenses.

QueryCheetah: Fast Automated Discovery of Attribute Inference Attacks Against Query-Based Systems

TL;DR

This work proposes QueryCheetah, a fast and effective method for automated discovery of privacy attacks against QBSs and shows it to discover stronger attacks than previous methods while being 18 times faster than the state-of-the-art automated approach.

Abstract

Query-based systems (QBSs) are one of the key approaches for sharing data. QBSs allow analysts to request aggregate information from a private protected dataset. Attacks are a crucial part of ensuring QBSs are truly privacy-preserving. The development and testing of attacks is however very labor-intensive and unable to cope with the increasing complexity of systems. Automated approaches have been shown to be promising but are currently extremely computationally intensive, limiting their applicability in practice. We here propose QueryCheetah, a fast and effective method for automated discovery of privacy attacks against QBSs. We instantiate QueryCheetah on attribute inference attacks and show it to discover stronger attacks than previous methods while being 18 times faster than the state-of-the-art automated approach. We then show how QueryCheetah allows system developers to thoroughly evaluate the privacy risk, including for various attacker strengths and target individuals. We finally show how QueryCheetah can be used out-of-the-box to find attacks in larger syntaxes and workarounds around ad-hoc defenses.
Paper Structure (44 sections, 5 equations, 8 figures, 13 tables, 4 algorithms)

This paper contains 44 sections, 5 equations, 8 figures, 13 tables, 4 algorithms.

Table of Contents

  1. Introduction
  2. Background
  3. Query-based system
  4. Diffix
  5. Diffix's main defenses
  6. Query syntax
  7. Diffix's mitigations
  8. Threat model for attribute inference attacks
  9. Semi-automated AIA against Diffix: Differential noise-exploitation attack
  10. Fully-automated AIA against Diffix: QuerySnout
  11. Formalizing AIA against a QBS as a privacy game
  12. Methodology
  13. Experimental setup
  14. Datasets
  15. Evaluation metrics
  16. ...and 29 more sections

Figures (8)

  • Figure 1: Overview of a typical query-based system. An analyst 1) sends a query to the system, which 2) might be modified internally to a form compatible with the database; then 3) the database returns an unperturbed answer, which the 4) system perturbs and returns to the analyst.
  • Figure 2: Overview of the pipeline used by the attacker in QuerySnout cretu2022querysnout to estimate the fitness of a multiset of queries.
  • Figure 3: Illustration of QueryCheetah's local search in one stage.
  • Figure 4: Illustration of QueryCheetah's multi-stage search.
  • Figure 5: Execution time for attacking one target user in one repetition under the limited query syntax $\mathcal{Q}_{lim}$. We show the mean $\pm$ standard deviation of the test accuracy obtained from playing the privacy game on the Adult dataset using 5 repetitions, each repetition with 100 randomly selected users. On the right-hand side, we also show the accuracy change of the average attack from one iteration to the next.
  • ...and 3 more figures