Midterm Study Flashcards

Study for the midterm (102 cards)

1
Q

Privacy

A

Ability to control or shield personal information from misuse.

2
Q

Confidentiality

A

Ensuring information is not disclosed to unauthorized parties.

3
Q

Anonymity

A

Individual’s identity cannot be linked to an action.

4
Q

Unlinkability

A

Adversary cannot link multiple actions to same user.

5
Q

Unobservability

A

Adversary cannot detect that an action occurred.

6
Q

PII

A

Data that can identify a specific individual (e.g., name, SSN, address).

7
Q

Threat Model

A

Assumed adversary capabilities and goals.

8
Q

Context-dependence

A

Privacy varies by social, cultural, or situational setting.

9
Q

Data Anonymization

A

Removing or altering personal identifiers to protect privacy.

10
Q

Quasi-identifier

A

Combination of innocuous attributes that can re-identify individuals.

11
Q

Naive Anonymization

A

Removing names but leaving quasi-identifiers that allow re-identification.

12
Q

Privacy Model

A

Framework of definitions/assumptions for privacy guarantees.

13
Q

Utility Trade-off

A

Balance between data privacy and usefulness.

14
Q

k-anonymity

A

Each record in dataset is indistinguishable from at least k-1 others.

15
Q

Generalization

A

Replacing specific values with broader categories to protect privacy.

16
Q

Suppression

A

Removing values from dataset to prevent re-identification.

17
Q

Homogeneity Attack

A

Sensitive values in a group are identical, allowing inference.

18
Q

Background Knowledge Attack

A

External knowledge enables adversary to defeat anonymity.

19
Q

l-diversity

A

Each group must have at least l distinct sensitive values.

20
Q

Differential Privacy (DP)

A

Guarantee that presence/absence of one record has little effect on output.

21
Q

Neighboring datasets

A

Datasets differing by only one record.

22
Q

ε (epsilon)

A

Privacy parameter; smaller values = stronger privacy.

23
Q

Laplace Mechanism

A

Adds Laplace-distributed noise proportional to sensitivity/ε.

24
Q

Global Sensitivity

A

Maximum change in query output when one record is changed.

25
t-closeness
Distribution of sensitive attribute in each group must be within distance t of global distribution.
26
Laplace Distribution
Probability distribution used to add noise in DP.
27
Scale Parameter (λ)
Sensitivity divided by ε; determines noise magnitude.
28
Differentially Private Histogram
Histogram with Laplace noise added to bin counts.
29
Private Information Retrieval (PIR)
Protocol allowing user to query DB without revealing which item.
30
Information-theoretic PIR
PIR secure without computational assumptions, requires multiple servers.
31
O(√n) Complexity
PIR scheme where communication cost grows with square root of DB size.
32
Secret Sharing
Splitting queries into multiple shares so no single share reveals target.
33
Cookie
Small piece of data stored on client by a website.
34
First-party Cookie
Cookie set by the domain directly visited.
35
Third-party Cookie
Cookie set by a different domain (e.g., ad network).
36
Cookie Syncing
Technique where trackers share IDs to map users across sites.
37
Ad Network
Entity connecting advertisers with publishers and tracking users.
38
Stateless Tracking
Identifying users without client-stored identifiers.
39
Fingerprinting
Tracking users by collecting device/browser characteristics.
40
Entropy
Measure of uniqueness/uncertainty in fingerprints (bits).
41
Extension Fingerprinting
Tracking users by detecting installed browser extensions.
42
Hardware Fingerprinting
Tracking users using GPU, sensors, or other hardware.
43
FP-Stalker
Study showing fingerprints evolve but remain linkable.
44
Private Browsing
Mode that deletes local history/cookies after session.
45
Do Not Track (DNT)
Voluntary HTTP header requesting no tracking, unenforced.
46
Ad Blocker
Tool that prevents ads from loading.
47
Tracker Blocker
Tool that prevents tracking scripts from running.
48
Randomization Defense
Adds noise to fingerprinting attributes.
49
Normalization Defense
Spoofs or standardizes attributes to reduce uniqueness.
50
GDPR
EU regulation protecting personal data and privacy rights.
51
AdChoice
US self-regulation program for online behavioral advertising.
52
Anonymous Communication
System that conceals who is communicating with whom.
53
Crowds Protocol
Protocol where users probabilistically forward messages for anonymity.
54
Mix Network (Mixnet)
Nodes shuffle and re-encrypt messages to unlink sender and receiver.
55
Plausible Deniability
Any member of a group could plausibly be the sender.
56
Latency–Anonymity Trade-off
Stronger anonymity requires more delay/overhead.
57
Tor (The Onion Router)
Anonymity network using layered encryption and relays.
58
Circuit
Path through Tor consisting of guard, middle, and exit relays.
59
Guard Relay
First node in Tor circuit, knows user’s IP.
60
Middle Relay
Intermediate node, forwards traffic only.
61
Exit Relay
Final node, connects to destination, may see plaintext.
62
Hidden Service (.onion)
Service hosted within Tor, accessible only via Tor.
63
Bridge
Unlisted Tor entry node to bypass censorship.
64
Website Fingerprinting Attack
Attack inferring sites visited by analyzing traffic patterns.
65
Global Adversary
Adversary monitoring all traffic; defeats Tor anonymity.
66
What is privacy?
Ability to control or shield personal information from misuse
Footnote: Privacy is context-dependent and varies by individual, culture, and situation.
67
What is confidentiality?
Ensuring information is not disclosed to unauthorized parties
68
Define anonymity in the context of privacy.
Individual’s identity cannot be linked to an action
69
What does unlinkability mean?
Adversary cannot link multiple actions to the same user
70
What is unobservability?
Adversary cannot detect that an action occurred
71
What does PII stand for?
Personally Identifiable Information
72
What is a threat model?
Assumed adversary capabilities and goals
73
What is k-anonymity?
Dataset property: every quasi-identifier combo appears ≥ k times
74
What is the purpose of data anonymization?
Removing personal identifiers
75
What is a quasi-identifier?
Combination of innocuous attributes that can re-identify (ZIP, DOB, gender)
76
What is naive anonymization?
Removing names but leaving quasi-identifiers
77
What is the concept of generalization in privacy?
Replace precise values with broader categories
78
What is suppression in the context of privacy?
Remove values to reduce identifiability
79
What is the homogeneity attack?
Sensitive values identical in a group
80
What is the background knowledge attack?
External knowledge defeats anonymity
81
What is differential privacy (DP)?
Guarantee that presence/absence of one record has little effect on output
82
Define neighboring datasets.
Datasets differing by one record
83
What does the parameter ε (epsilon) measure?
Privacy loss
84
What is the Laplace mechanism?
Adds Laplace noise based on sensitivity/ε
85
What is global sensitivity?
Max change in query result from altering one record
86
What does the O(√n) complexity refer to?
Communication grows with √n
87
What are first-party cookies?
Created by visited site
88
What are third-party cookies?
From external domains
89
What is cookie syncing?
Ad networks map IDs across sites
90
What is stateless tracking?
User tracked without stored IDs
91
What is fingerprinting?
Tracking by device/browser features
92
What does entropy measure?
Uniqueness in bits
93
What is private browsing?
Mode clearing local data post-session
94
What is the Do Not Track (DNT) feature?
Voluntary HTTP header, unenforced
95
What is the Crowds protocol?
Users forward/deliver probabilistically
96
What are Mix networks (Mixnets)?
Nodes shuffle/encrypt to unlink sender & receiver
97
What is the latency–anonymity trade-off?
Stronger anonymity costs delay
98
What are the roles of guard, middle, and exit relays in Tor?
* Guard relay: first hop, knows source
* Middle relay: forwards traffic
* Exit relay: final hop, sees destination
99
What is a hidden service in Tor?
Service inside Tor (.onion)
100
What is a bridge in the context of Tor?
Non-public entry node, bypass censorship
101
What is a website fingerprinting attack?
Infers visited sites
102
True or False: Tor resists attacks from global adversaries.
False