Non-tracking web analytics

Akkuş, İstemi Ekin; Chen, Ruichuan; Hardt, Michaela; Francis, Paul; Gehrke, Johannes

doi:10.1145/2382196.2382268

Cited by 42 publications

(57 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…That is, the ad-network might be able to reveal a specific user's response by comparing WKH DJJUHJDWLRQ UHVXOWV RI GLIIHUHQW TXHULHV 7R support statistics gathering with differential privacy guarantees, there is also a line of work proposing viable approaches [9,[14][15][16][17][18][19][20] .…”

Section: Other Secure Componentsmentioning

confidence: 99%

Towards privacy-preserving user targeting

Jiang

Zheng

Shi

et al. 2016

J. Commun. Inf. Netw.

View full text Add to dashboard Cite

Abstract:User targeting via behavioral analysis is becoming increasingly prevalent in online messaging services. By taking into account users' behavior information such as geographic locations, purchase behaviors, and search histories, vendors can deliver messages to users who are more likely to have a strong preference. For example, advertisers can rely on some ad-network for distributing ads to targeted users. However, collecting such personal information for accurate targeting raises severe privacy concerns. In order to incentivize users to participate in such behavioral targeting systems, addressing the privacy concerns becomes of paramount importance. We provide a survey of privacy-preserving user targeting. We present the architectures of user targeting, the security threats faced by user targeting, and existing approaches to privacy-preserving user targeting. Some IXWXUH UHVHDUFK GLUHFWLRQV DUH DOVR LGHQWL¿HG

show abstract

Section: Other Secure Componentsmentioning

confidence: 99%

Towards privacy-preserving user targeting

Jiang

Zheng

Shi

et al. 2016

J. Commun. Inf. Netw.

View full text Add to dashboard Cite

show abstract

“…Another example is that of an online publisher (e.g., a news website) C that wishes to know more about its online readership [2]. In this case, the aggregator A is an online advertiser that collects information about online users U and monetizes it with online publishers.…”

Section: Applicationsmentioning

confidence: 99%

What’s the Gist? Privacy-Preserving Aggregation of User Profiles

Bilogrevic

Freudiger²,

Cristofaro

et al. 2014

Computer Security - ESORICS 2014

View full text Add to dashboard Cite

Over the past few years, online service providers have started gathering increasing amounts of personal information to build user profiles and monetize them with advertisers and data brokers. Users have little control of what information is processed and are often left with an all-or-nothing decision between receiving free services or refusing to be profiled. This paper explores an alternative approach where users only disclose an aggregate model -the "gist" -of their data. We aim to preserve data utility and simultaneously provide user privacy. We show that this approach can be efficiently supported by letting users contribute encrypted and differentially-private data to an aggregator. The aggregator combines encrypted contributions and can only extract an aggregate model of the underlying data. We evaluate our framework on a dataset of 100,000 U.S. users obtained from the U.S. Census Bureau and show that (i) it provides accurate aggregates with as little as 100 users, (ii) it generates revenue for both users and data brokers, and (iii) its overhead is appreciably low.

show abstract

“…Here the attacker is not polynomially bounded, since we work in a symbolic setting and under the perfect cryptography assumption: the Dolev-Yao attacker can only access the cryptographic libraries exported by the [17] program, which model the idealized semantics of cryptographic primitives by constructs of the language and are, thus, suitable for automated verification.…”

Section: Distributed Differential Privacymentioning

confidence: 99%

“…Analyzing the privacy properties of these systems by hand is not only tedious but, due to the complex nature of the systems and their underlying cryptographic protocols, also prone to overlooking attacks. For instance, we discovered a previously unknown attack on a recently proposed protocol for privacy-preserving web analytics by Akkus et al [17].…”

Section: Distributed Differential Privacymentioning

confidence: 99%

See 1 more Smart Citation

Differential Privacy by Typing in Security Protocols

Eigner

Maffei

2013

2013 IEEE 26th Computer Security Foundations Symposium

View full text Add to dashboard Cite

Differential privacy is a confidentiality property for database queries which allows for the release of statistical information about the content of a database without disclosing personal data. The variety of database queries and enforcement mechanisms has recently sparked the development of a number of mechanized proof techniques for differential privacy.Personal data, however, are often spread across multiple databases and queries have to be jointly computed by multiple, possibly malicious, parties. Many cryptographic protocols have been proposed to protect the data in transit on the network and to achieve differential privacy in a distributed, adversarial setting. Proving differential privacy for such protocols is hard and, unfortunately, out of the scope of the aforementioned mechanized proof techniques.In this work, we present the first framework for the mechanized verification of distributed differential privacy. We propose a symbolic definition of differential privacy for distributed databases, which takes into account Dolev-Yao intruders and can be used to reason about compromised parties. Furthermore, we develop a linear, distance-aware type system to statically and automatically enforce distributed differential privacy in cryptographic protocol implementations (expressed in the RCF calculus). We also provide an algorithmic variant of our type system, which we prove sound and complete. Finally, we tested our analysis technique on a recently proposed protocol for privacy-preserving web analytics: we discovered a new attack acknowledged by the authors, proposed a fix, and successfully type-checked the revised variant.

show abstract

Non-tracking web analytics

Cited by 42 publications

References 18 publications

Towards privacy-preserving user targeting

Towards privacy-preserving user targeting

What’s the Gist? Privacy-Preserving Aggregation of User Profiles

Differential Privacy by Typing in Security Protocols

Contact Info

Product

Resources

About