Английская Википедия:Inference attack
Шаблон:Short description An Inference Attack is a data mining technique performed by analyzing data in order to illegitimately gain knowledge about a subject or database.[1] A subject's sensitive information can be considered as leaked if an adversary can infer its real value with a high confidence.[2] This is an example of breached information security. An Inference attack occurs when a user is able to infer from trivial information more robust information about a database without directly accessing it.[3] The object of Inference attacks is to piece together information at one security level to determine a fact that should be protected at a higher security level.[4]
While inference attacks were originally discovered as a threat in statistical databases,[5] today they also pose a major privacy threat in the domain of mobile and IoT sensor data. Data from accelerometers, which can be accessed by third-party apps without user permission in many mobile devices,[6] has been used to infer rich information about users based on the recorded motion patterns (e.g., driving behavior, level of intoxication, age, gender, touchscreen inputs, geographic location).[7] Highly sensitive inferences can also be derived, for example, from eye tracking data,[8][9] smart meter data[10][11] and voice recordings (e.g., smart speaker voice commands).[12]
References
- ↑ "Inference Attacks on Location Tracks" by John Krumm
- ↑ http://www.ics.uci.edu/~chenli/pub/2007-dasfaa.pdf "Protecting Individual Information Against Inference Attacks in Data Publishing" by Chen Li, Houtan Shirani-Mehr, and Xiaochun Yang
- ↑ "Detecting Inference Attacks Using Association Rules" by Sangeetha Raman, 2001
- ↑ "Database Security Issues: Inference" by Mike Chapple
- ↑ Шаблон:Cite book
- ↑ Шаблон:Cite journal
- ↑ Шаблон:Cite conference
- ↑ Шаблон:Cite book
- ↑ Шаблон:Cite book
- ↑ Шаблон:Cite book
- ↑ Шаблон:Cite journal
- ↑ Шаблон:Cite book
