A privacy attack that removes the majority of the noise from perturbed data

Data perturbation is a sanitization method that helps restrict the disclosure of sensitive information from published data. We present an attack on the privacy of the published data that has been sanitized using data perturbation. The attack employs data mining to remove some noise from the perturbed sensitive values. Our attack is practical, can be launched by non-expert adversaries, and it does not require any background knowledge. Extensive experiments were performed on four databases derived from UCI´s Adult and IPUMS census-based data sets sanitized with noise addition that satisfies ε-differential privacy. The experimental results confirm that our attack presents a significant privacy risk to published perturbed data. The results show that up to 93% of the noise added during perturbation can be effectively removed using general-purpose data miners from the Weka software package. Interestingly, the higher the aimed privacy, the higher the percentage of noise can be removed. This suggests that adding more noise does not always increase the real privacy.