Addressing differencing attacks on tabular data products
Data tables seem in and of themselves safe. However, by comparing many tables in a systematic manner, confidential microdata can potentially be recreated through a hacking approach called “table differencing.” If successful, the personal identification information (PII) behind the data could be compromised.
The Bureau of Labor Statistics asked Westat to investigate various risk mitigating solutions in order to safeguard the data in a potential query tool based on the Bureau’s Occupational Requirements Survey.
Westat considered a number of approaches that spanned limited and more traditional methods to cutting-edge tactics.
Through close collaboration with the Bureau, we proposed a formal privacy (differential privacy) approach to add “noise” to table estimates to better mask the data, safeguarding identities and preserving confidentiality. The noise triggers a jittering effect on the table estimates so that the table differencing results are not precise enough to reconstruct the microdata.
We developed tests and metrics to check the impact of our proposed solution on the table estimates and variances.
The new approaches resulted in significant improvements to the differential privacy methodology, enhancing data security and confidentiality.
Westat wrote specifications for the Bureau of Labor Statistics’ consideration for developing a query tool using formal privacy.