MLSEC 8

Question 1

Privacy

Answer 1

Control and protection of personal information

Question 2

Privacy Protection

Answer 2

Data minimization

Data protection

Question 3

Anonymity

Answer 3

Anonymity ensures that a user may use a resource or service without disclosing the user’s identity

Question 4

Pseudonymity

Answer 4

Pseudonymity ensures that a user may use a resource or service without disclosing its user identity, but can still be accountable for that use

Question 5

Privacy-Enhancing Technologies (PETs)

Answer 5

Anonymity services

Digital currencies

Data reduction

Question 5

Attacking Privacy with Machine Learning

Answer 5

De-pseudonymization
= Linking of pseudonyms with identities or pseudonyms

De-anonymization
= Identification of parties in anonymous communication

Question 6

Onion Routing

Answer 6

Routing of message through chain of relays

Question 7

Tor Network

Answer 7

Onion routing with random routes through network

Question 8

Weak point Tor Network

Answer 8

entry and exit of network

Question 9

Website Fingerprinting

Answer 9

Identification of visited websites at entry nodes

timing, direction, and size of packets

Question 10

One-vs-all Multi-class classification

Answer 10

discrimination of one class from all other

n classes → n classifiers

Question 11

all-vs-all Multi-class classification

Answer 11

discrimination of each pair of classes

n classes → n2 classifiers

Question 12

Defense strategies for anonymization

Answer 12

Padding of packet payloads to fixed sizes

Randomized retrieval of web objects by browser

Injection of incoming and outgoing packets

Question 13

Threats to Pseudonymization

Answer 13

Linking by behavioral patterns (two-class SVM)

Linking by anomalies
(center of mass)

Question 14

Code Stylometry

Answer 14

Study of stylistic patterns in program code

Question 15

Different representations of source code

Answer 15

Lexical features: source code as stream of tokens

Syntactic features: source code as abstract syntax tree