Cybercasing the Joint: On the Privacy Implications of Multimedia Retrieval
Gerald Friedland
Speech Group, ICSI
Tuesday, September 4, 2012
2:00 p.m.
In this talk, I present recent case studies that highlight the potential for multimedia retrieval of online (social network) data to support real-world attacks. Multimedia Retrieval, i.e., the task of matching and comparing multimedia content across databases, has rapidly emerged as a field with highly useful applications in many different domains. Researchers from different areas in signal processing and computer science (including the presenter) have invested significant effort into the development of convenient and efficient retrieval mechanisms. While retrieval speed, flexibility, and accuracy are still research problems, this talk will demonstrate that they are not the only ones. This talk aims to raise awareness of a rapidly emerging privacy threat that we termed "cybercasing": leveraging information available online to mount real-world attacks. Based on the initial example of geo-tagging, I will show that while users typically realize that sharing information, e.g., on social networks, has some implications for their privacy, many users 1) are unaware of the full scope of the threat they face when doing so, and 2) often do not even realize when they publish such information. The threat is elevated by recent developments that make systematic search for information (either posted by humans or by sensors) and inference from multiple sources easier than ever before. However, even with relatively high error rates, multimedia retrieval techniques can be used effectively for different real-world attacks by using "lop-sided" tuning; for example by favoring low false alarm rates over high hit rates when scanning for potential victims to attack. This talk presents a set of scenarios demonstrating how easy it is to correlate data [1,2,3,4] with corresponding publicly available information for compromising a victim's privacy.
References:
[1] G. Friedland, O. Vinyals, T. Darrell: "Multimodal Location Estimation", Proceedings of ACM Multimedia 2010, pp. 1245-1251, Florence, Italy, October 2010.
[2] H. Lei, J. Choi, A. Janin, and G. Friedland: "Persona Linking: Matching Uploaders of Videos Accross Accounts", IEEE International Conference on Acoustic, Speech, and Signal Processing (ICASSP), Prague, May 2011.
[3] G. Friedland, R. Sommer: "Cybercasing the Joint: On the Privacy Implications of Geotagging", Usenix HotSec 2010 at the Usenix Security Conference, Washington DC, August 2010.
[4] Gerald Friedland, Gregor Maier, Robin Sommer, Nicholas Weaver: Sherlock Holmes’s Evil Twin: On The Impact of Global Inference for Online Privacy, New Security Paradigms Workshop, Marin County, CA, 2011.