PRIVEE: A Visual Analytic Workflow for Proactive Privacy Risk Inspection of Open Data

Kaustav Bhattacharjee, Akm Islam, Jaideep Vaidya, Aritra Dasgupta

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Scopus citations

Abstract

Open data sets that contain personal information are susceptible to adversarial attacks even when anonymized. By performing low-cost joins on multiple datasets with shared attributes, malicious users of open data portals might get access to information that violates individuals' privacy. However, open data sets are primarily published using a release-and-forget model, whereby data owners and custodians have little to no cognizance of these privacy risks. We address this critical gap by developing a visual analytic solution that enables data defenders to gain awareness about the disclosure risks in local, joinable data neighborhoods. The solution is derived through a design study with data privacy researchers, where we initially play the role of a red team and engage in an ethical data hacking exercise based on privacy attack scenarios. We use this problem and domain characterization to develop a set of visual analytic interventions as a defense mechanism and realize them in PRIVEE, a visual risk inspection workflow that acts as a proactive monitor for data defenders. PRIVEE uses a combination of risk scores and associated interactive visualizations to let data defenders explore vulnerable joins and interpret risks at multiple levels of data granularity. We demonstrate how PRIVEE can help emulate the attack strategies and diagnose disclosure risks through two case studies with data privacy experts.

Original languageEnglish (US)
Title of host publication2022 IEEE Symposium on Visualization for Cyber Security, VizSec 2022
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781665461481
DOIs
StatePublished - 2022
Externally publishedYes
Event2022 IEEE Symposium on Visualization for Cyber Security, VizSec 2022 - Oklahoma City, United States
Duration: Oct 19 2022 → …

Publication series

Name2022 IEEE Symposium on Visualization for Cyber Security, VizSec 2022

Conference

Conference2022 IEEE Symposium on Visualization for Cyber Security, VizSec 2022
Country/TerritoryUnited States
CityOklahoma City
Period10/19/22 → …

All Science Journal Classification (ASJC) codes

  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Keywords

  • Human-centered computing
  • Visual analytics
  • Visualization
  • Visualization application domains

Fingerprint

Dive into the research topics of 'PRIVEE: A Visual Analytic Workflow for Proactive Privacy Risk Inspection of Open Data'. Together they form a unique fingerprint.

Cite this