Addressing differencing attacks on tabular data products

Challenge

Data tables seem in and of themselves safe. However, by comparing many tables in a systematic manner, confidential microdata can potentially be recreated through a hacking approach called “table differencing.” If successful, the personal identification information (PII) behind the data could be compromised.

The Bureau of Labor Statistics asked Westat to investigate various risk mitigating solutions in order to safeguard the data in a potential query tool based on the Bureau’s Occupational Requirements Survey.

Solution

Westat considered a number of approaches that spanned limited and more traditional methods to cutting-edge tactics.

Through close collaboration with the Bureau, we proposed a formal privacy (differential privacy) approach to add “noise” to table estimates to better mask the data, safeguarding identities and preserving confidentiality. The noise triggers a jittering effect on the table estimates so that the table differencing results are not precise enough to reconstruct the microdata.

We developed tests and metrics to check the impact of our proposed solution on the table estimates and variances.