Saved in:
Bibliographic Details
Main Authors: Francis, Paul, Wagner, David
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2507.01710
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866913922896887808
author Francis, Paul
Wagner, David
author_facet Francis, Paul
Wagner, David
contents The purpose of anonymizing structured data is to protect the privacy of individuals in the data while retaining the statistical properties of the data. An important class of attack on anonymized data is attribute inference, where an attacker infers the value of an unknown attribute of a target individual given knowledge of one or more known attributes. A major limitation of recent attribute inference measures is that they do not take recall into account, only precision. It is often the case that attacks target only a fraction of individuals, for instance data outliers. Incorporating recall, however, substantially complicates the measure, because one must determine how to combine recall and precision in a composite measure for both the attack and baseline. This paper presents the design and implementation of an attribute inference measure that incorporates both precision and recall. Our design also improves on how the baseline attribute inference is computed. In experiments using a generic best row match attack on moderately-anonymized microdata, we show that in over 25\% of the attacks, our approach correctly labeled the attack to be at risk while the prior approach incorrectly labeled the attack to be safe.
format Preprint
id arxiv_https___arxiv_org_abs_2507_01710
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Towards Better Attribute Inference Vulnerability Measures
Francis, Paul
Wagner, David
Cryptography and Security
The purpose of anonymizing structured data is to protect the privacy of individuals in the data while retaining the statistical properties of the data. An important class of attack on anonymized data is attribute inference, where an attacker infers the value of an unknown attribute of a target individual given knowledge of one or more known attributes. A major limitation of recent attribute inference measures is that they do not take recall into account, only precision. It is often the case that attacks target only a fraction of individuals, for instance data outliers. Incorporating recall, however, substantially complicates the measure, because one must determine how to combine recall and precision in a composite measure for both the attack and baseline. This paper presents the design and implementation of an attribute inference measure that incorporates both precision and recall. Our design also improves on how the baseline attribute inference is computed. In experiments using a generic best row match attack on moderately-anonymized microdata, we show that in over 25\% of the attacks, our approach correctly labeled the attack to be at risk while the prior approach incorrectly labeled the attack to be safe.
title Towards Better Attribute Inference Vulnerability Measures
topic Cryptography and Security
url https://arxiv.org/abs/2507.01710