A Model for Quantifying Information Leakage

  • Steven Euijong Whang
  • Hector Garcia-Molina
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7482)


We study data privacy in the context of information leakage. As more of our sensitive data gets exposed to merchants, health care providers, employers, social sites and so on, there is a higher chance that an adversary can “connect the dots” and piece together a lot of our information. The more complete the integrated information, the more our privacy is compromised. We present a model that captures this privacy loss (information leakage) relative to a target person, on a continuous scale from 0 (no information about the target is known by the adversary) to 1 (adversary knows everything about the target). The model takes into account the confidence the adversary has for the gathered information (leakage is less if the adversary is not confident), as well as incorrect information (leakage is less if the gathered information does not match the target’s). We compare our information leakage model with existing privacy models, and we propose several interesting problems that can be formulated with our model. We also propose efficient algorithms for computing information leakage and evaluate their performance and scalability.


Information Leakage Measure Privacy 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Mishra, N., Motwani, R., Srivastava, U., Thomas, D., Widom, J., Xu, Y.: Vision paper: Enabling privacy for the paranoids. In: VLDB, pp. 708–719 (2004)Google Scholar
  2. 2.
    Becker, J., Chen, H.: Measuring privacy risk in online social networks. In: Workshop on Web 2.0 Security (2009)Google Scholar
  3. 3.
    Dwork, C.: Differential Privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006, Part II. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Elmagarmid, A.K., Ipeirotis, P.G., Verykios, V.S.: Duplicate record detection: A survey. IEEE Trans. Knowl. Data Eng. 19(1), 1–16 (2007)CrossRefGoogle Scholar
  5. 5.
  6. 6.
    Kent, A., Berry, M.M., Luehrs Jr., F.U., Perry, J.W.: Machine literature searching VIII. Operational criteria for designing information retrieval systems. American Documentation 6(2), 93–101 (1955)CrossRefGoogle Scholar
  7. 7.
    Krishnamurthy, B., Malandrino, D., Wills, C.E.: Measuring privacy loss and the impact of privacy protection in web browsing. In: SOUPS, pp. 52–63 (2007)Google Scholar
  8. 8.
    Li, N., Li, T., Venkatasubramanian, S.: t-closeness: Privacy beyond k-anonymity and l-diversity. In: ICDE, pp. 106–115 (2007)Google Scholar
  9. 9.
    Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-diversity: Privacy beyond k-anonymity. In: ICDE, vol. 24 (2006)Google Scholar
  10. 10.
    Manning, C.D., Raghavan, P., Schtze, H.: Introduction to Information Retrieval. Cambridge University Press, New York (2008)zbMATHCrossRefGoogle Scholar
  11. 11.
    Rastogi, V., Hong, S., Suciu, D.: The boundary between privacy and utility in data publishing. In: VLDB, pp. 531–542 (2007)Google Scholar
  12. 12.,
  13. 13.
    Reza, F.M.: An Introduction to Information Theory. Dover Publications (September 1994)Google Scholar
  14. 14.
    Sweeney, L.: k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 10(5), 557–570 (2002)MathSciNetzbMATHCrossRefGoogle Scholar
  15. 15.
  16. 16.
    van Rijsbergen, C.J.: Information Retrieval, 2nd edn. Butterworths, London (1979)Google Scholar
  17. 17.
    Whang, S.E., Garcia-Molina, H.: Managing information leakage. In: CIDR, pp. 79–84 (2011)Google Scholar
  18. 18.
    Whang, S.E., Garcia-Molina, H.: A model for quantifying information leakage. Technical report. Stanford University,
  19. 19.
    Yao, D., Frikken, K.B., Atallah, M.J., Tamassia, R.: Private information: To reveal or not to reveal. ACM Trans. Inf. Syst. Secur. 12(1) (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Steven Euijong Whang
    • 1
  • Hector Garcia-Molina
    • 1
  1. 1.Computer Science DepartmentStanford UniversityStanfordUSA

Personalised recommendations