Inference attack

An Inference Attack is a data mining technique performed by analyzing data in order to illegitimately gain knowledge about a subject or database.[1] A subject's sensitive information can be considered as leaked if an adversary can infer its real value with a high confidence.[2] This is an example of breached information security. An Inference attack occurs when a user is able to infer from trivial information more robust information about a database without directly accessing it.[3] The object of Inference attacks is to piece together information at one security level to determine a fact that should be protected at a higher security level.[4]

References

"Inference Attacks on Location Tracks" by John Krumm
http://www.ics.uci.edu/~chenli/pub/2007-dasfaa.pdf "Protecting Individual Information Against Inference Attacks in Data Publishing" by Chen Li, Houtan Shirani-Mehr, and Xiaochun Yang
"Detecting Inference Attacks Using Association Rules" by Sangeetha Raman, 2001
"Database Security Issues: Inference" by Mike Chapple

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[1] "Inference Attacks on Location Tracks" by John Krumm

[2] ttp://www.ics.uci.edu/~chenli/pub/2007-dasfaa.pdf "Protecting Individual Information Against Inference Attacks in Data Publishing" by Chen Li, Houtan Shirani-Mehr, and Xiaochun Yang

[3] "Detecting Inference Attacks Using Association Rules" by Sangeetha Raman, 2001

[4] "Database Security Issues: Inference" by Mike Chapple