Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy of profile-based ad targeting Alexander Smal and Ilya Mironov.

Published byProsper Barnett Modified over 9 years ago

Similar presentations

Presentation on theme: "Privacy of profile-based ad targeting Alexander Smal and Ilya Mironov."— Presentation transcript:

1 Privacy of profile-based ad targeting Alexander Smal and Ilya Mironov

2 User-profile targeting Goal: increase impact of your ads by targeting a group potentially interested in your product. Examples: Social Network Profile = user’s personal information + friends Search Engine Profile = search queries + webpages visited by user 2 Privacy of profile-based targeting

3 Facebook ad targeting 3 Privacy of profile-based targeting

4 Characters Privacy of profile-based targeting 4 My system is private! Advertising companyPrivacy researcher

5 Simple attack [Korolova’10] Targeted ad Public: - 32 y.o. single man - Mountain View, CA - …. - has cat Private: - likes fishing Show - 32 y.o. single man - Mountain View, CA …. - has cat - likes fishing Amazing cat food for $0.99! Nice! Likes fishing # of impressions Likes fishing noise 5 Privacy of profile-based targeting Jon Eve

6 Privacy of profile-based targeting 6 My system is private! Unless your targeting is not private, it is not! How can I target privately? Advertising companyPrivacy researcher

7 How to protect information? Basic idea: add some noise Explicitly Implicit in the data noiseless privacy [BBGLT11] natural privacy [BD11] Two types of explicit noise Output perturbation Dynamically add noise to answers Input perturbation Modify the database 7 Privacy of profile-based targeting

8 8 I like input perturbation better… Advertising companyPrivacy researcher

9 Input perturbation Pro: Pan-private (not storing initial data) Do it once Simpler architecture 9 Privacy of profile-based targeting

10 10 I like input perturbation better… Signal is sparse and non-random Advertising companyPrivacy researcher

11 Adding noise Two main difficulties in adding noise: 11 Privacy of profile-based targeting 1000100010 0000000011 0001000001 0001001000 0110000001 0000100100 0010000110 0000000101 1010000000 0101010000 Sparse profiles 1001110100 0100000011 1000000010 1001111000 0110000011 1000100100 0111110111 0100000100 1011110000 0100000101 Dependent bits 1111100101 differential privacy deniability “Smart noise”

12 Privacy of profile-based targeting 12 I like input perturbation better… Signal is sparse and non-random Let’s shoot for deniability, and add “smart noise”! Advertising companyPrivacy researcher

13 “Smart noise” Consider two extreme cases All bits are independent independent noise All bits are correlated with correlation coefficient 1 correlated noise “Smart noise” hypothesis: “If we know the exact model we can add right noise” 13 Privacy of profile-based targeting Aha!

14 Dependent bits in real data Netflix prize competition data ~480k users, ~18k movies, ~100m ratings Estimate movie-to-movie correlation Fact that a user rated a movie Visualize graph of correlations Edge – correlation with correlation coefficient > 0.5 14 Privacy of profile-based targeting

15 Netflix movie correlations 15 Privacy of profile-based targeting

16 16 Let’s construct models where “smart noise” fails Let’s shoot for deniability, and add “smart noise”! Advertising companyPrivacy researcher

17 How can “smart noise” fail? Privacy of profile-based targeting 17 large

18 Models of user profiles 18 Privacy of profile-based targeting 101…01 1101…0101 Are users well separated?

19 Privacy of profile-based targeting 19 Error-correcting codes Constant relative distance Unique decoding Explicit, efficient

20 Privacy of profile-based targeting 20 But this model is unrealistic! See — unless the noise is >25%, no privacy Let me see what I can do with monotone functions… Advertising companyPrivacy researcher

21 Monotone functions 21 Privacy of profile-based targeting

22 Approximate error-correcting codes 22 Privacy of profile-based targeting blatant non- privacy

23 Noise sensitivity Privacy of profile-based targeting 23 101…01 1101…0101 111…00 1000…1111 101…01 1101…0101 111…00 1111…0001

24 Monotone functions Privacy of profile-based targeting 24

25 Privacy of profile-based targeting 25 Hmmm. Does smart noise ever work? If the model is monotone, blatant non-privacy is still possible Advertising companyPrivacy researcher

26 Linear threshold model 26 Privacy of profile-based targeting

27 Conclusion Two separate issues with input perturbation: Sparseness Dependencies “Smart noise” hypothesis: Even for a publicly known, relatively simple model, constant corruption of profiles may lead to blatant non-privacy. Connection between noise sensitivity of boolean functions and privacy Open questions: Linear threshold privacy-preserving mechanism? Existence of interactive privacy-preserving solutions? 27 Privacy of profile-based targeting Arbitrary Monotone Linear threshold fallacy

28 Thank for your attention! Special thanks for Cynthia Dwork, Moises Goldszmidt, Parikshit Gopalan, Frank McSherry, Moni Naor, Kunal Talwar, and Sergey Yekhanin. 28 Privacy of profile-based targeting

29 29

Download ppt "Privacy of profile-based ad targeting Alexander Smal and Ilya Mironov."

Similar presentations

Creating a Facebook User Profile. Some basics: All you need to create a facebook profile is an email address You can only create one facebook profile.

Creating a Facebook User Profile. Some basics: All you need to create a facebook profile is an address You can only create one facebook profile.
Indexing DNA Sequences Using q-Grams

Indexing DNA Sequences Using q-Grams
Slides from: Doug Gray, David Poole

Slides from: Doug Gray, David Poole
School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) SSA Guo, Yao.

School of EECS, Peking University “Advanced Compiler Techniques” (Fall 2011) SSA Guo, Yao.
Rick Quax Postdoctoral researcher Computational Science University of Amsterdam EU FP7 projects: Nudge control through information processing.

Rick Quax Postdoctoral researcher Computational Science University of Amsterdam EU FP7 projects: Nudge control through information processing.
Differentially Private Recommendation Systems Jeremiah Blocki Fall 2009 18739A: Foundations of Security and Privacy.

Differentially Private Recommendation Systems Jeremiah Blocki Fall A: Foundations of Security and Privacy.
An Ω(n 1/3 ) Lower Bound for Bilinear Group Based Private Information Retrieval Alexander Razborov Sergey Yekhanin.

An Ω(n 1/3 ) Lower Bound for Bilinear Group Based Private Information Retrieval Alexander Razborov Sergey Yekhanin.
Inferring Quantitative Models of Regulatory Networks From Expression Data Iftach Nachman Hebrew University Aviv Regev Harvard Nir Friedman Hebrew University.

Inferring Quantitative Models of Regulatory Networks From Expression Data Iftach Nachman Hebrew University Aviv Regev Harvard Nir Friedman Hebrew University.
Counting Algorithms for Knapsack and Related Problems 1 Raghu Meka (UT Austin, work done at MSR, SVC) Parikshit Gopalan (Microsoft Research, SVC) Adam.

Counting Algorithms for Knapsack and Related Problems 1 Raghu Meka (UT Austin, work done at MSR, SVC) Parikshit Gopalan (Microsoft Research, SVC) Adam.
Private Approximation of Search Problems Amos Beimel Paz Carmi Kobbi Nissim Enav Weinreb Ben Gurion University Research partially Supported by the Frankel.

Private Approximation of Search Problems Amos Beimel Paz Carmi Kobbi Nissim Enav Weinreb Ben Gurion University Research partially Supported by the Frankel.
Designing Facial Animation For Speaking Persian Language Hadi Rahimzadeh 81271003 June 2005.

Designing Facial Animation For Speaking Persian Language Hadi Rahimzadeh June 2005.
Universal Search and Social Networking Exploiting the features of each to enhance the other and the tools that make it possible Peter Wallqvist Ravn Systems.

Universal Search and Social Networking Exploiting the features of each to enhance the other and the tools that make it possible Peter Wallqvist Ravn Systems.
A Fairy Tale of Greedy Algorithms Yuli Ye Joint work with Allan Borodin, University of Toronto.

A Fairy Tale of Greedy Algorithms Yuli Ye Joint work with Allan Borodin, University of Toronto.
Constructing Popular Routes from Uncertain Trajectories Ling-Yin Wei 1, Yu Zheng 2, Wen-Chih Peng 1 1 National Chiao Tung University, Taiwan 2 Microsoft.

Constructing Popular Routes from Uncertain Trajectories Ling-Yin Wei 1, Yu Zheng 2, Wen-Chih Peng 1 1 National Chiao Tung University, Taiwan 2 Microsoft.
TAMPER DETECTION AND NON-MALLEABLE CODES Daniel Wichs (Northeastern U)

TAMPER DETECTION AND NON-MALLEABLE CODES Daniel Wichs (Northeastern U)
Adding Privacy to Netflix Recommendations Frank McSherry, Ilya Mironov (MSR SVC) Attacks on Recommender Systems — No “blending in”, auxiliary information.

Adding Privacy to Netflix Recommendations Frank McSherry, Ilya Mironov (MSR SVC) Attacks on Recommender Systems — No “blending in”, auxiliary information.
Seminar in Foundations of Privacy 1.Adding Consistency to Differential Privacy 2.Attacks on Anonymized Social Networks Inbal Talgam March 2008.

Seminar in Foundations of Privacy 1.Adding Consistency to Differential Privacy 2.Attacks on Anonymized Social Networks Inbal Talgam March 2008.
Kunal Talwar MSR SVC [Dwork, McSherry, Talwar, STOC 2007] TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A AA A.

Kunal Talwar MSR SVC [Dwork, McSherry, Talwar, STOC 2007] TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A AA A.
Using Structure Indices for Efficient Approximation of Network Properties Matthew J. Rattigan, Marc Maier, and David Jensen University of Massachusetts.

Using Structure Indices for Efficient Approximation of Network Properties Matthew J. Rattigan, Marc Maier, and David Jensen University of Massachusetts.
Turning Privacy Leaks into Floods: Surreptitious Discovery of Social Network Friendships Michael T. Goodrich Univ. of California, Irvine joint w/ Arthur.

Turning Privacy Leaks into Floods: Surreptitious Discovery of Social Network Friendships Michael T. Goodrich Univ. of California, Irvine joint w/ Arthur.

Similar presentations

Ads by Google