2018 Proceeding- General Chairs:
- David Lie,
- Mohammad Mannan,
- Program Chair:
- Aaron Johnson
- Sponsor:
- sigsac
These proceedings contain the papers selected for inclusion in the program for the seventeenth ACM Workshop on Privacy in the Electronic Society (WPES 2018), held in conjunction with the 25th ACM Conference on Computer and Communications Security (CCS 2018) on October 15, 2018 in Toronto, Ontario, Canada.
In response to the workshop's call for papers, 52 submissions were made. Of these, 25 were submitted as full papers only, 13 as full or short, and 14 as short only. These papers were evaluated by a Program Committee comprised of 51 researchers whose backgrounds include a diverse array of topics related to privacy. Each paper was reviewed by at least three members of the Program Committee, with an average of 3.7 reviews per paper. Papers were evaluated for their importance, novelty, technical quality, and potential to stimulate discussion at the workshop. After a period of online discussion, the Program Committee selected 11 full papers and 8 short papers for presentation at WPES, leading to full acceptance rate of 29% and an overall acceptance rate of 37%.
Proceeding Downloads
Tracking and Tricking a Profiler: Automated Measuring and Influencing of Bluekai's Interest Profiling
Online advertising services infer interest profiles based on users browsing behavior, but little is known about the extent of these profiles and how they can be influenced. In this paper we describe and evaluate a system to analyze online profiling as a ...
To Extend or not to Extend: On the Uniqueness of Browser Extensions and Web Logins
Recent works showed that websites can detect browser extensions that users install and websites they are logged into. This poses significant privacy risks, since extensions and Web logins that reflect user's behavior, can be used to uniquely identify ...
Invisible Pixels Are Dead, Long Live Invisible Pixels!
Privacy has deteriorated in the world wide web ever since the 1990s. The tracking of browsing habits by different third-parties has been at the center of this deterioration. Web cookies and so-called web beacons have been the classical ways to implement ...
The Accuracy of the Demographic Inferences Shown on Google's Ad Settings
Google's Ad Settings shows the gender and age that Google has inferred about a web user. We compare the inferred values to the self-reported values of 501 survey participants. We find that Google often does not show an inference, but when it does, it is ...
Faster PCA and Linear Regression through Hypercubes in HElib
The significant advancements in the field of homomorphic encryption have led to a grown interest in securely outsourcing data and computation for privacy critical applications. In this paper, we focus on the problem of performing secure predictive ...
Can You Find The One for Me?
Private set-intersection (PSI) allows a client to only learn the intersection between his/her set C and the set S of another party, while this latter party learns nothing. We aim to enhance PSI in different dimensions, motivated by the use cases of ...
Examining Leakage of Access Counts in ORAM Constructions
Oblivious RAM is a cryptographic primitive that embodies one of the cornerstones of privacy-preserving technologies for database protection. While any Oblivious RAM (ORAM) construction offers access pattern hiding, there does not seem to be a ...
Towards Efficient Privacy-Preserving Similar Sequence Queries on Outsourced Genomic Databases
Nowadays, genomic sequencing has become affordable for many people. Since more people let analyze their genome, more genome data gets collected. The good side of this is that analyses on this data become possible. However, this raises privacy concerns ...
TightRope: Towards Optimal Load-balancing of Paths in Anonymous Networks
We study the problem of load-balancing in path selection in anonymous networks such as Tor. We first find that the current Tor path selection strategy can create significant imbalances. We then develop a (locally) optimal algorithm for selecting paths ...
ClaimChain: Improving the Security and Privacy of In-band Key Distribution for Messaging
The social demand for email end-to-end encryption is barely supported by mainstream service providers. Autocrypt is a new community-driven open specification for e-mail encryption that attempts to respond to this demand. In Autocrypt the encryption keys ...
What's a Little Leakage Between Friends?
This paper introduces a new attack on recent messaging systems that protect communication metadata. The main observation is that if an adversary manages to compromise a user's friend, it can use this compromised friend to learn information about the ...
DynaFlow: An Efficient Website Fingerprinting Defense Based on Dynamically-Adjusting Flows
Website fingerprinting attacks enable a local adversary to determine which website a Tor user visits. In recent years, several researchers have proposed defenses to counter these attacks. However, these defenses have shortcomings: many do not provide ...
Enhancing and Evaluating Identity Privacy and Authentication Strength by Utilizing the Identity Ecosystem
This paper presents a novel research model of identity and the use of this model to answer some interesting research questions. Information travels in the cyber world, not only bringing us convenience and prosperity but also jeopardy. Protecting this ...
NRF: A Naive Re-identification Framework
The promise of big data relies on the release and aggregation of data sets. When these data sets contain sensitive information about individuals, it has been scalable and convenient to protect the privacy of these individuals by de-identification. ...
Issues Encountered Deploying Differential Privacy
When differential privacy was created more than a decade ago, the motivating example was statistics published by an official statistics agency. In attempting to transition differential privacy from the academy to practice, the U.S. Census Bureau has ...
Style Counsel: Seeing the (Random) Forest for the Trees in Adversarial Code Stylometry
The results of recent experiments have suggested that code stylometry can successfully identify the author of short programs from among hundreds of candidates with up to 98% precision. This potential ability to discern the programmer of a code sample ...
Privacy Architectural Strategies: An Approach for Achieving Various Levels of Privacy Protection
A wide array of Privacy-Enhancing Technologies (PETs) have been proposed as technical measures to provide various levels of privacy protection. Each technical measure is a building block that addresses specific privacy issues and is applicable to ...
SGX Enforcement of Use-Based Privacy
Use-based privacy restricts how information may be used, making it well-suited for data collection and data analysis applications in networked information systems. This work investigates the feasibility of enforcing use-based privacy in distributed ...
Comparing Hypothetical and Realistic Privacy Valuations
To protect users' privacy, it is important to understand how they value personal information. Prior work identified how framing effects alter users' valuations and highlighted the difficulty in eliciting real valuations through user studies under ...
Index Terms
- Proceedings of the 2018 Workshop on Privacy in the Electronic Society