Michelle Cheatham (Committee Chair), Robert Fyffe (Other), John Gallagher (Committee Member), Mateen Rizki (Other), Thomas Wischgoll (Committee Member)
Master of Science in Cyber Security (M.S.C.S.)
Data generalization (anonymization) is a widely misunderstood technique for preserving individual privacy in non-interactive data publishing. Easily avoidable anonymization failures are still occurring 14 years after the discovery of basic techniques to protect against them. Identities of individuals in anonymized datasets are at risk of being disclosed by cyber attackers who exploit these failures. To demonstrate the importance of proper data anonymization we present three perspectives on data anonymization. First, we examine several de-anonymization attacks to formalize the anatomy used to conduct attacks on anonymous data. Second, we examine the vulnerabilities of an anonymous nursing workforce survey to convey how this attack anatomy can still be applied to recently published anonymous datasets. We then analyze the impact proper generalization techniques have on the nursing workforce data utility. Finally, we propose the impact emerging technologies will have on de-anonymization attack sophistication and feasibility in the future.
Department or Program
Department of Computer Science and Engineering
Year Degree Awarded
Copyright 2016, some rights reserved. My ETD may be copied and distributed only for non-commercial purposes and may be modified only if the modified version is distributed with these same permissions. All use must give me credit as the original author.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 License.