Evaluation of a Query-Obfuscation Mechanism for the Privacy Protection of User Profiles

Jose Antonio Estrada-Jiménez, Ana Fernanda Rodríguez, Javier Parra, Jordi Forné

Abstract


Traces related to our identity are left every day while we browse the Internet. Being the user’s information a very valued asset for most of the companies, user activities on Internet are permanently monitored, and the information obtained from this process is used by big advertising companies. Accurate user profiles are built based on web searches, tags, tweets and even clicks issued by users. Collecting and processing this huge amount of personal data represents a serious risk for the user’s privacy but most of people are not aware of such risk.

We describe in this paper a way to measure the effectiveness of a query obfuscation method. Since privacy level of user profiles is only estimated theoretically in some previous work, we firstly create a privacy risk measuring tool in a Firefox add-on which we named PrivMeter. Besides warning the user about his privacy levels, this tool is especially useful to evaluate the obfuscation mechanism offered by another very well-known add-on called TrackMeNot. We find that, for identification attacks, TrackMeNot importantly improved the user’s privacy. However, against more sophisticated attacks, such as classification attacks, the obfuscation mechanism was not successful enough.


Keywords


privacy evaluation; privacy protection; query obfuscation; profiling; Shannon’s entropy; Kullback-Leibler divergence; user profile

Full Text:

PDF


DOI: http://dx.doi.org/10.5296/npa.v6i2.5395

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.

To make sure that you can receive messages from us, please add the 'macrothink.org' domain to your e-mail 'safe list'. If you do not receive e-mail in your 'inbox', check your 'bulk mail' or 'junk mail' folders.

Copyright © Macrothink Institute ISSN 1943-3581