Recognising Re-identification Attacks on Databases, by Interpreting them as SQL Queries: A Technical Study
Date
Advisors
Journal Title
Journal ISSN
ISSN
DOI
Volume Title
Publisher
Type
Peer reviewed
Abstract
The more data sharing becomes prominent in the information age, the higher the risk of shared data being used in unexpected and undesirable ways. Data holders have employed anonymisation techniques as a means of data protection when they share a database. However, attackers can circumvent the protection or presumed protection offered by anonymisation, through re identi cation attacks. Datasets are where personal information live and SQL queries are the medium through which users interact with these datasets. This paper explores from a technical perspective, how the process (killchain) of executing a re-identi cation attack can be represented and recognised as a series of SQL queries. Using one of the best known re-identi cation attack cases as a scenario, this paper explores a method for recognising re-identi cation attack as SQL queries on a database.