Chun-Fu Chen,Bill Moriarty,Shaohan Hu,Sean Moran,Marco Pistoia,Vincenzo Piuri,Pierangela Samarati

DOI: https://doi.org/10.1007/s10207-024-00862-8

2024-05-25

International Journal of Information Security

Abstract:The recent rapid advancements in both sensing and machine learning technologies have given rise to the universal collection and utilization of people's biometrics, such as fingerprints, voices, retina/facial scans, or gait/motion/gestures data, enabling a wide range of applications including authentication, health monitoring, or much more sophisticated analytics. While providing better user experiences and deeper business insights, the use of biometrics has raised serious privacy concerns due to their intrinsic sensitive nature and the accompanying high risk of leaking sensitive information such as identity or medical conditions. In this paper, we propose a novel modality-agnostic data transformation framework that is capable of anonymizing biometric data by suppressing its sensitive attributes while retaining features relevant to downstream machine learning-based analyses that are of research and business values. We carried out a thorough experimental evaluation using publicly available facial, voice, motion, and EEG datasets. Results show that our proposed framework can achieve a high suppression level for sensitive information, while at the same time retain underlying data utility such that subsequent analyses on the anonymized biometric data could still be carried out to yield satisfactory accuracy.

computer science, information systems, theory & methods, software engineering

Abhilasha Bhargav-Spantzel,Anna Squicciarini,Elisa Bertino,Xiangwei Kong,Weike Zhang

DOI: https://doi.org/10.1145/1750389.1750401

2010-01-01

Abstract:We present algorithms to reliably generate biometric identifiers from a user's biometric image which in turn is used for identity verification possibly in conjunction with cryptographic keys. The biometric identifier generation algorithms employ image hashing functions using singular value decomposition and support vector classification techniques. Our algorithms capture generic biometric features that ensure unique and repeatable biometric identifiers. We provide an empirical evaluation of our techniques using 2569 images of 488 different individuals for three types of biometric images; namely fingerprint, iris and face. Based on the biometric type and the classification models, as a result of the empirical evaluation we can generate biometric identifiers ranging from 64 bits up to 214 bits. We provide an example use of the biometric identifiers in privacy preserving multi-factor identity verification based on zero knowledge proofs. Therefore several identity verification factors, including various traditional identity attributes, can be used in conjunction with one or more biometrics of the individual to provide strong identity verification. We also ensure security and privacy of the biometric data. More specifically, we analyze several attack scenarios. We assure privacy of the biometric using the one-way hashing property, in that no information about the original biometric image is revealed from the biometric identifier.

Simon Hanisch,Julian Todt,Jose Patino,Nicholas Evans,Thorsten Strufe

DOI: https://doi.org/10.56553/popets-2024-0008

2024-07-09

Abstract:Biometric data contains distinctive human traits such as facial features or gait patterns. The use of biometric data permits an individuation so exact that the data is utilized effectively in identification and authentication systems. But for this same reason, privacy protections become indispensably necessary. Privacy protection is extensively afforded by the technique of anonymization. Anonymization techniques protect sensitive personal data from biometrics by obfuscating or removing information that allows linking records to the generating individuals, to achieve high levels of anonymity. However, our understanding and possibility to develop effective anonymization relies, in equal parts, on the effectiveness of the methods employed to evaluate anonymization performance. In this paper, we assess the state-of-the-art methods used to evaluate the performance of anonymization techniques for facial images and for gait patterns. We demonstrate that the state-of-the-art evaluation methods have serious and frequent shortcomings. In particular, we find that the underlying assumptions of the state-of-the-art are quite unwarranted. State-of-the-art methods generally assume a difficult recognition scenario and thus a weak adversary. However, that assumption causes state-of-the-art evaluations to grossly overestimate the performance of the anonymization. Therefore, we propose a strong adversary which is aware of the anonymization in place. We improve the selection process for the evaluation dataset, and we reduce the numbers of identities contained in the dataset while ensuring that these identities remain easily distinguishable from one another. Our novel evaluation methodology surpasses the state-of-the-art because we measure worst-case performance and so deliver a highly reliable evaluation of biometric anonymization techniques.

Cryptography and Security

Simon Hanisch,Patricia Arias-Cabarcos,Javier Parra-Arnau,Thorsten Strufe

DOI: https://doi.org/10.48550/arXiv.2109.04120

2023-01-05

Abstract:Our behavior (the way we talk, walk, act or think) is unique and can be used as a biometric trait. It also correlates with sensitive attributes like emotions and health conditions. Hence, techniques to protect individuals privacy against unwanted inferences are required, if such data is planned to be processed. To consolidate knowledge in this area, we systematically review applicable anonymization techniques. We taxonomize and compare existing solutions regarding privacy goals, conceptual operation, advantages, and limitations. We review anonymization techniques for the behavioral biometric traits of voice, gait, hand motions, eye-gaze, heartbeat (ECG), and brain activity (EEG). Our analysis shows that some behavioral traits (e.g., voice) have received much attention, while others (e.g., eye-gaze, brain activity) are mostly neglected. We also find that the evaluation methodology of behavioral anonymization techniques can be further improved.

Cryptography and Security

Abigail Goldsteen,Gilad Ezov,Ron Shmelkin,Micha Moffie,Ariel Farkash

DOI: https://doi.org/10.1007/978-3-030-93944-1_8

2021-08-02

Abstract:There is a known tension between the need to analyze personal data to drive business and privacy concerns. Many data protection regulations, including the EU General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA), set out strict restrictions and obligations on the collection and processing of personal data. Moreover, machine learning models themselves can be used to derive personal information, as demonstrated by recent membership and attribute inference attacks. Anonymized data, however, is exempt from the obligations set out in these regulations. It is therefore desirable to be able to create models that are anonymized, thus also exempting them from those obligations, in addition to providing better protection against attacks. Learning on anonymized data typically results in significant degradation in accuracy. In this work, we propose a method that is able to achieve better model accuracy by using the knowledge encoded within the trained model, and guiding our anonymization process to minimize the impact on the model's accuracy, a process we call accuracy-guided anonymization. We demonstrate that by focusing on the model's accuracy rather than generic information loss measures, our method outperforms state of the art k-anonymity methods in terms of the achieved utility, in particular with high values of k and large numbers of quasi-identifiers. We also demonstrate that our approach has a similar, and sometimes even better ability to prevent membership inference attacks as approaches based on differential privacy, while averting some of their drawbacks such as complexity, performance overhead and model-specific implementations. This makes model-guided anonymization a legitimate substitute for such methods and a practical approach to creating privacy-preserving models.

Cryptography and Security,Machine Learning

Shuiming Ye,Ying Luo,Jian Zhao,Sen-ChingS Cheung

DOI: https://doi.org/10.1155/2009/865259

2009-01-01

Abstract:Access control systems using the latest biometric technologies can offer a higher level of security than conventional password-based systems. Their widespread deployments, however, can severely undermine individuals' rights of privacy. Biometric signals are immutable and can be exploited to associate individuals' identities to sensitive personal records across disparate databases. In this paper, we propose the Anonymous Biometric Access Control (ABAC) system to protect user anonymity. The ABAC system uses novel Homomorphic Encryption (HE) based protocols to verify membership of a user without knowing his/her true identity. To make HE-based protocols scalable to large biometric databases, we propose the Open image in new window -Anonymous Quantization (kAQ) framework that provides an effective and secure tradeoff of privacy and complexity. kAQ limits server's knowledge of the user to Open image in new window maximally dissimilar candidates in the database, where k controls the amount of complexity-privacy tradeoff. kAQ is realized by a constant-time table lookup to identity the Open image in new window candidates followed by a HE-based matching protocol applied only on these candidates. The maximal dissimilarity protects privacy by destroying any similarity patterns among the returned candidates. Experimental results on iris biometrics demonstrate the validity of our framework and illustrate a practical implementation of an anonymous biometric system.

Shuang Wang,Xiaoqian Jiang,Lucila Ohno-Machado,Lijuan Cui,Samuel Cheng,Hongkai Xiong

DOI: https://doi.org/10.1109/hisb.2012.53

2012-01-01

Abstract:Privacy is an important concern when biometrics are used in authentication systems for accessing Electronic Health Records (EHR) or other biomedical research data repositories involving human subjects. Biometrics of individuals deserve careful protection because they contain sensitive information closely related to personal privacy (e.g., personal health, ethnic group, etc.) and the leakage of such information can be used to re-identify individuals. More importantly, biometrics are unique and they are not easily revocable. Existing secure biometric systems prevent attackers from collecting unprotected biometrics in databases, however, they cannot guarantee confidentiality in probing and transmitting biometrics.

Julian Todt,Simon Hanisch,Thorsten Strufe

2024-07-09

Abstract:Biometric data is pervasively captured and analyzed. Using modern machine learning approaches, identity and attribute inferences attacks have proven high accuracy. Anonymizations aim to mitigate such disclosures by modifying data in a way that prevents identification. However, the effectiveness of some anonymizations is unclear. Therefore, improvements of the corresponding evaluation methodology have been proposed recently. In this paper, we introduce SEBA, a framework for strong evaluation of biometric anonymizations. It combines and implements the state-of-the-art methodology in an easy-to-use and easy-to-expand software framework. This allows anonymization designers to easily test their techniques using a strong evaluation methodology. As part of this discourse, we introduce and discuss new metrics that allow for a more straightforward evaluation of the privacy-utility trade-off that is inherent to anonymization attempts. Finally, we report on a prototypical experiment to demonstrate SEBA's applicability.

Cryptography and Security,Computer Vision and Pattern Recognition

Juan Carlos Bernal-Romero,Juan Manuel Ramírez-Cortés,José de Jesús Rangel-Magdaleno

DOI: https://doi.org/10.1109/mim.2024.10472986

2024-03-19

IEEE Instrumentation and Measurement Magazine

Abstract:Nowadays, technological advancements have pushed the growth of cyber-physical ecosystems through wearable and smart devices in the interoperability of the Internet of Things (IoT), cloud computing, and information technology. All these IoT devices are designed to launch multiple services or applications that require identity management systems, i.e., user access control systems for services, applications, resources, or data. Furthermore, access control systems are based on pattern recognition systems, where patterns cannot be forgotten, swapped, counterfeited, lost, or stolen. Consequently, biometric systems present an excellent opportunity area for security, social acceptance, performance, and experience quality for users, because biometric traits are unique to each individual and persist throughout their lifetime, preventing swapping, loss, or forgetting. Nonetheless, some biometric traits are not secrets, i.e., some traits can be acquired without an individual's knowledge and consent, e.g., a person's face or voice in social media videos. At the same time, the development of artificial intelligence has facilitated identity swap, attribute manipulation, and realistic expression exchange through image, audio, or video synthesis techniques known as DeepFakes.

engineering, electrical & electronic,instruments & instrumentation

Zhiyong Zhou,Yuanning Liu,Xiaodong Zhu,Shaoqiang Zhang,Zhen Liu

DOI: https://doi.org/10.1016/j.ipm.2024.103869

2025-01-01

Abstract:Biometrics have copious merits over traditional authentication schemes and promote information management. The demand for large-scale biometric identification and certification booms. In spite of enhanced efficiency and scalability in cloud-based biometrics, they suffer from compromised privacy during the transmission and storage of irrevocable biometric information. Existing biometric protection strategies fatally degrade the recognition performance, due to two folds: inherent drawbacks of uni-biometrics and inevitable information loss caused by over-protection. Hence, how to make a trade-off between performance and protection is an alluring challenge. To settle these issues, we are the first to present a cancelable multi-biometric system combining iris and periocular traits with recognition performance improved and privacy protection emphasized. Our proposed binary mask-based cross-folding integrates multi-instance and multi-modal fusion tactics. Further, the steganography based on a low-bit strategy conceals sensitive biometric fusion into QR code with transmission imperceptible. Subsequently, a fine-grained hybrid attention dual-path network through stage-wise training models inter-class separability and intra-class compactness to extract more discriminative templates for biometric fusion. Afterward, the random graph neural network transforms the template into the protection domain to generate the cancelable template versus the malicious. Experimental results on two benchmark datasets, namely IITDv1 and MMUv1, show the proposed algorithm attains promising performance against state-of-the-art approaches in terms of equal error rate. What is more, extensive privacy analysis demonstrates prospective irreversibility, unlinkability, and revocability, respectively.

Huixian Li,Longfei Ju,Liaojun Pang,Xuan Wang

2013-01-01

Journal of Computational Information Systems

Abstract:This paper introduces a new security property, the transaction anonymity, to extend the existing security properties of privacy protection for biometrics, i.e., biometric irreversibility and indistinguishability. Based on these three security properties, a new biometric-based remote authentication scheme with privacy protection is proposed. The proposed scheme employs the Biohashing algorithm to deal with the original biometric data to protect the security and privacy of the biometric template, and at the same time, employs ElGamal algorithm to encrypt the biometric data and user identity information, respectively, to protect the privacy of the users. Compared with the existing schemes, the proposed scheme can meet the three security properties of privacy protection and has the advantages of provable security and practicability. Copyright © 2013 Binary Information Press.

Saidaiah Yechuri

DOI: https://doi.org/10.60087/jaigs.v1i1.229

2024-01-22

Abstract:As the transition to electronic data formats continues, ensuring privacy while maintaining the utility of sensitive data, such as medical records, remains a critical challenge. This paper introduces an enhanced utility-driven data anonymization method that leverages AI and machine learning techniques to optimize data utility during the anonymization process. Specifically, we propose integrating AI-driven feature selection to dynamically assign importance scores to attributes, improving upon traditional generalization and suppression techniques. Additionally, machine learning models are utilized to predict the impact of anonymization on data utility, enabling a more precise balance between privacy protection and research value. Our approach not only ensures compliance with k-anonymity but also integrates differential privacy mechanisms using AI to minimize information loss. Experimental results demonstrate that our method scales efficiently with large datasets, while ML-based evaluation consistently outperforms traditional methods in preserving critical data patterns essential for research and analytics. This fusion of AI and ML into the anonymization process promises a new frontier in privacy-preserving data sharing, particularly in domains like healthcare and public policy, where data utility is paramount.

Jian Xu,Wei Wang,Jian Pei,Xiaoyuan Wang,Baile Shi,Ada Wai-Chee Fu

DOI: https://doi.org/10.1145/1233321.1233324

2006-01-01

ACM SIGKDD Explorations Newsletter

Abstract:Privacy becomes a more and more serious concern in applications involving microdata. Recently, efficient anonymization has attracted much research work. Most of the previous methods use global recoding, which maps the domains of the quasi-identifier attributes to generalized or changed values. However, global recoding may not always achieve effective anonymization in terms of discernability and query answering accuracy using the anonymized data. Moreover, anonymized data is often used for analysis. As well accepted in many analytical applications, different attributes in a data set may have different utility in the analysis. The utility of attributes has not been considered in the previous methods. In this paper, we study the problem of utility-based anonymization. First, we propose a simple framework to specify utility of attributes. The framework covers both numeric and categorical data. Second, we develop two simple yet efficient heuristic local recoding methods for utility-based anonymization. Our extensive performance study using both real data sets and synthetic data sets shows that our methods outperform the state-of-the-art multidimensional global recoding methods in both discernability and query answering accuracy. Furthermore, our utility-based method can boost the quality of analysis using the anonymized data.

Kangyi Ding,Teng Hu,Xiaolei Liu,Weina Niu,Yanping Wang,Xiaosong Zhang

DOI: https://doi.org/10.1109/icme52920.2022.9859898

2022-01-01

Abstract:As an important biometric feature of every person, face data has faced serious risks of leakage in recent years. Lawbreakers can use face recognition systems (FRS) to analyze the leaked face data and then correlate other private information, causing serious privacy leaks. For security reasons, we hope our face images can only be recognized by the organizations' authorized models. To achieve this goal, this work proposes a targeted face image anonymization method that only enables anonymization for unauthorized facial recognition models, whilst authorized models, human eyes can still accurately recognize faces. Our method mainly uses transfer-based adversarial attacks to achieve anonymization. On this basis, we propose constraints for generating targeted anonymization samples and boundary walking strategy, focusing on improving the anonymization for unauthorized models while guaranteeing the accurate recognition of authorized models. Local experiments prove that our method can reduce the recognition probability of unauthorized models while guaranteeing the correctness of authorized models. Finally, we apply our approach to an online face recognition API and experimentally demonstrate that our approach can significantly reduce the recognition accuracy of the commercial face recognition model.

Ying Luo

2014-01-01

Abstract:OF DISSERTATION EFFICIENT ANONYMOUS BIOMETRIC MATCHING IN PRIVACY-AWARE ENVIRONMENTS Video surveillance is an important tool used in security and environmental monitoring, however, the widespread deployment of surveillance cameras has raised serious privacy concerns. Many privacy-enhancing schemes have been recently proposed to automatically redact images of selected individuals in the surveillance video for protection. To identify these individuals for protection, the most reliable approach is to use biometric signals as they are immutable and highly discriminative. If misused, these characteristics of biometrics can seriously defeat the goal of privacy protection. In this dissertation, an Anonymous Biometric Access Control (ABAC) procedure is proposed based on biometric signals for privacy-aware video surveillance. The ABAC procedure uses Secure Multi-party Computational (SMC) based protocols to verify membership of an incoming individual without knowing his/her true identity. To make SMC-based protocols scalable to large biometric databases, I introduce the k-Anonymous Quantization (kAQ) framework to provide an effective and secure tradeoff of privacy and complexity. kAQ limits systems knowledge of the incoming individual to k maximally dissimilar candidates in the database, where k is a design parameter that controls the amount of complexity-privacy tradeoff. The relationship between biometric similarity and privacy is experimentally validated using a twin iris database. The effectiveness of the entire system is demonstrated based on a public iris biometric database. To provide the protected subjects with full access to their privacy information in video surveillance system, I develop a novel privacy information management system that allows subjects to access their information via the same biometric signals used for ABAC. The system is composed of two encrypted-domain protocols: the privacy information encryption protocol encrypts the original video records using the iris pattern acquired during ABAC procedure; the privacy information retrieval protocol allows the video records to be anonymously retrieved through a GC-based iris pattern matching process. Experimental results on a public iris biometric database demonstrate the validity of my framework.

Mohammad Malekzadeh,Richard G. Clegg,Andrea Cavallaro,Hamed Haddadi

DOI: https://doi.org/10.1145/3302505.3310068

2019-02-19

Abstract:Motion sensors such as accelerometers and gyroscopes measure the instant acceleration and rotation of a device, in three dimensions. Raw data streams from motion sensors embedded in portable and wearable devices may reveal private information about users without their awareness. For example, motion data might disclose the weight or gender of a user, or enable their re-identification. To address this problem, we propose an on-device transformation of sensor data to be shared for specific applications, such as monitoring selected daily activities, without revealing information that enables user identification. We formulate the anonymization problem using an information-theoretic approach and propose a new multi-objective loss function for training deep autoencoders. This loss function helps minimizing user-identity information as well as data distortion to preserve the application-specific utility. The training process regulates the encoder to disregard user-identifiable patterns and tunes the decoder to shape the output independently of users in the training set. The trained autoencoder can be deployed on a mobile or wearable device to anonymize sensor data even for users who are not included in the training dataset. Data from 24 users transformed by the proposed anonymizing autoencoder lead to a promising trade-off between utility and privacy, with an accuracy for activity recognition above 92% and an accuracy for user identification below 7%.

Machine Learning

Jingzhi Li,Lutong Han,Ruoyu Chen,Hua Zhang,Bing Han,Lili Wang,Xiaochun Cao

DOI: https://doi.org/10.1145/3474085.3475367

2021-01-01

Abstract:With the popularity of using computer vision technology in monitoring system, there is an increasing societal concern on intruding people's privacy as the captured images/videos may contain identity-related information e.g. people's face. Existing methods on protecting such privacy focus on removing the identity-related information from faces. However, this would weaken the utility of current monitoring system. In this paper, we develop a face anonymization framework that could obfuscate visual appearance while preserving the identity discriminability. The framework is composed of two parts: an identity-aware region discovery module and an identity-aware face confusion module. The former adaptively locates the identity-independent attributes on human faces, and the latter generates the privacy-preserving faces using original faces and discovered facial attributes. To optimize the face generator, we employ a multi-task based loss function, which consists of discriminator loss, identify preserving loss, and reconstruction loss functions. Our model can achieve a balance between recognition utility and appearance anonymizing by modifying different numbers of facial attributes according to pratical demands, and provide a variety of results. Extensive experiments conducted on two public benchmarks Celeb-A and VGG-Face2 demonstrate the effectiveness of our model under distinct face recognition scenarios.

Yusi Wei,Hande Y. Benson,Joseph K. Agor,Muge Capan

2025-01-02

Abstract:Data is essential for secondary use, but ensuring its privacy while allowing such use is a critical challenge. Various techniques have been proposed to address privacy concerns in data sharing and publishing. However, these methods often degrade data utility, impacting the performance of machine learning (ML) models. Our research identifies key limitations in existing optimization models for privacy preservation, particularly in handling categorical variables, assessing data utility, and evaluating effectiveness across diverse datasets. We propose a novel multi-objective optimization model that simultaneously minimizes information loss and maximizes protection against attacks. This model is empirically validated using diverse datasets and compared with two existing algorithms. We assess information loss, the number of individuals subject to linkage or homogeneity attacks, and ML performance after anonymization. The results indicate that our model achieves lower information loss and more effectively mitigates the risk of attacks, reducing the number of individuals susceptible to these attacks compared to alternative algorithms in some cases. Additionally, our model maintains comparative ML performance relative to the original data or data anonymized by other methods. Our findings highlight significant improvements in privacy protection and ML model performance, offering a comprehensive framework for balancing privacy and utility in data sharing.

Machine Learning,Optimization and Control

Feiyang Tang

DOI: https://doi.org/10.1109/SmartWorld-UIC-ATC-ScalCom-DigitalTwin-PriComp-Metaverse56740.2022.00327

2022-12-21

Abstract:Biometric data privacy is becoming a major concern for many organizations in the age of big data, particularly in the ICT sector, because it may be easily exploited in apps. Most apps utilize biometrics by accessing common application programming interfaces (APIs); hence, we aim to categorize their usage. The categorization based on behavior may be closely correlated with the sensitive processing of a user's biometric data, hence highlighting crucial biometric data privacy assessment concerns. We propose PABAU, Privacy Analysis of Biometric API Usage. PABAU learns semantic features of methods in biometric APIs and uses them to detect and categorize the usage of biometric API implementation in the software according to their privacy-related behaviors. This technique bridges the communication and background knowledge gap between technical and non-technical individuals in organizations by providing an automated method for both parties to acquire a rapid understanding of the essential behaviors of biometric API in apps, as well as future support to data protection officers (DPO) with legal documentation, such as conducting a Data Protection Impact Assessment (DPIA).

Cryptography and Security,Machine Learning,Software Engineering

Kai Packhäuser,Sebastian Gündel,Florian Thamm,Felix Denzinger,Andreas Maier

2023-07-24

Abstract:Robust and reliable anonymization of chest radiographs constitutes an essential step before publishing large datasets of such for research purposes. The conventional anonymization process is carried out by obscuring personal information in the images with black boxes and removing or replacing meta-information. However, such simple measures retain biometric information in the chest radiographs, allowing patients to be re-identified by a linkage attack. Therefore, there is an urgent need to obfuscate the biometric information appearing in the images. We propose the first deep learning-based approach (PriCheXy-Net) to targetedly anonymize chest radiographs while maintaining data utility for diagnostic and machine learning purposes. Our model architecture is a composition of three independent neural networks that, when collectively used, allow for learning a deformation field that is able to impede patient re-identification. Quantitative results on the ChestX-ray14 dataset show a reduction of patient re-identification from 81.8% to 57.7% (AUC) after re-training with little impact on the abnormality classification performance. This indicates the ability to preserve underlying abnormality patterns while increasing patient privacy. Lastly, we compare our proposed anonymization approach with two other obfuscation-based methods (Privacy-Net, DP-Pix) and demonstrate the superiority of our method towards resolving the privacy-utility trade-off for chest radiographs.

Image and Video Processing,Cryptography and Security,Computer Vision and Pattern Recognition,Machine Learning