Enriching Privacy in Personalized Search By Matthew Ruston October 16, 2006

Overview

1. What is Personalized Search? Why do we need it?

2. Privacy Concerns

3. Problem Overview

4. Methods to Enrich Personalized Search Privacy

5. Experiment: Testing the Basic Privacy of a Personalized Search Provider

What is Personalized Search?

Tailored and customized search results for a specific user.
○ Personalized results.
○ Personalized advertisements.

Based on personal/unique information sent to or generated by a personalized search provider.

Why Personalized Search?

Search engines can have a difficult time with ambiguous search queries.

Query: “Rockets”

OR

Current Personalized Search Providers

Google Web History http://www.google.com/psearch

Yahoo! Search Builder http://builder.search.yahoo.com

Privacy Concerns

Users need to trust their search providers.
Potentially sensitive and private information contained.
○ Previous search histories.
○ Age, Name, Location
○ Interests, Activities, Career

Top priority of a personalized search provider: To enrich the privacy and security surrounding their users’ data.

Problem Overview

I. How can search providers optimize the privacy of their users’ data?

What are some methodologies a search provider could follow in order to promote data privacy?

II. How secure is a well known personalized search provider?

No Personalization

Personalized Search Methods

Personalized Search
○ Server-Side Personalization Strategy
○ Client-Side Personalization Strategy

Server-Side Personalization Strategy

Client-Side Personalization Strategy

Securing Personalized Search Methods

Two vulnerable areas.
○ Transmissions of personal user data
○ Storage of personal user data

User data should be encrypted during transmissions and while in storage.
○ Use a public-key encryption system.

Public-Key Encryption Method

For securing the transportation and storage of user profile data.
○ User encrypts their data using a public-key provided by the Personalized Search Provider.
○ User then transports encrypted user profile to the search provider.
○ Search provider stores personal information in encrypted format.
○ When user profile information is required, Personalized Search provider unwraps the information using their private key.
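The four steps above as a runnable sketch, added here as an example and not code from the presentation. Because RSA alone cannot encrypt a profile of realistic size, it assumes a hybrid scheme (a one-time AES-256-GCM key wrapped with RSA-OAEP); the names `Sealed`, `Seal`, `Open` and `demoKey` are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

type Sealed struct{ WrappedKey, Nonce, Data []byte } // what is transmitted and stored

var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed provider key pair

// Seal runs on the client. RSA cannot hold a whole profile, so a fresh
// AES-256-GCM key encrypts it and only that key is RSA-OAEP encrypted.
func Seal(pub *rsa.PublicKey, profile []byte) (*Sealed, error) {
	buf := make([]byte, 32+12) // one-time key || nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	block, _ := aes.NewCipher(key) // cannot fail: key is exactly 32 bytes
	gcm, _ := cipher.NewGCM(block) // cannot fail: AES block size is 16
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	return &Sealed{wrapped, nonce, gcm.Seal(nil, nonce, profile, nil)}, err
}

// Open runs at the provider, the only holder of the private key.
func Open(priv *rsa.PrivateKey, s *Sealed) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, s.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key) // rejects an unwrapped key of the wrong size
	if err != nil || len(s.Nonce) != 12 {
		return nil, errors.New("malformed sealed profile")
	}
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, s.Nonce, s.Data, nil) // fails if Data or Nonce was altered
}

func main() {
	s, _ := Seal(&demoKey.PublicKey, []byte("interests: rockets")) // constructed profile
	out, err := Open(demoKey, s)
	fmt.Printf("%s %v\n", out, err)
}
```

The stored record stays unreadable to anyone who obtains the database without the private key, and any modification of it is detected when the provider opens it.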

Public-Key Encryption Method

Testing the Privacy of a Personalized Search Provider

Target: Google Web History
○ Records and tracks a user’s search queries and the pages that were selected from the search results.

Experiment: How strong is Google Web History’s user privacy?
○ Method: Packet capture analysis of a user browsing their Google Web History account.

Testing the Privacy of a Personalized Search Provider

Google Web History Current Security
○ HTTPS authentication
○ AES-256 bit encryption

No HTTPS or visible security once through the authentication.
○ Exploitable weakness?
○ Can user privacy be affected?

Testing the Privacy of a Personalized Search Provider

Packet Capture Tool
○ Wireshark, a freely available network analysis tool
○ Settings:
  Interface: Broadcom 802.11b/g WLAN (wireless packet capture)
  Promiscuous Mode: true
  Capture Filter: tcp port http

Environment
○ Wireshark capturing packets on client machine
○ Client then directed to go browse their Google Web History

Testing the Privacy of a Personalized Search Provider

Results
○ Wireshark was able to capture 25 packets and reassemble the TCP packets.
○ From the reassembled packets, a single plaintext HTML page containing the web history for the client was able to be extracted.

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>Google - Web History</title><link rel="alternate" type="application/rss+xml"

title="Google Search History for Sep 23" href="http://www.google.com/history/lookup?month=9&day=23&yr=2007&max=1190606400000000&hl=en&zx=c5i6Sm_qpew&output=rss" /><link rel="stylesheet" type="text/css" href="/history/history.css"><script src="history.js"></script><script type="text/javascript"><!--

function hError(msg, url, ln) {return true;}window.onerror = hError;function onld() { _ac_install();var sTZ = 240;var cTZ = (new Date()).getTimezoneOffset();if (sTZ != cTZ) {document.location.href =String("/history/lookup?

month\x3d9\x26day\x3d23\x26yr\x3d2007\x26max\x3d1190606400000000\x26hl\x3den\x26zx\x3dc5i6Sm_qpew\x26ctz\x3d").concat(cTZ);}document.forms.smhf.q.focus();}var labelList = ['Calendars'];var labelStoreBase = _setup_ac(labelList);var labelStore = labelStoreBase;var msgConfirmStar = "This bookmark has labels or notes.\n" +"Are you sure you want to delete it?";var msgConfirmEdit = "Changes to a bookmark have not been saved. Discard changes?";var msgConfirmDelete = "You are deleting a bookmarked search result. \nThe bookmark will also be deleted.";var msgLabelDefault = "e.g., News, To do, summer vacation";var tbIF = false;var isPopupWin = false;var lsep = ", ";var ei = "PXoBR7uUL8yykwGp1_CxDQ";var html_lang = "en";var msgPause = "Pause";var msgResume = "Resume";var urlPause = "./unsubscribe?q=&max=1190606400000000&month=9&day=23&yr=2007&hl=en&zx=bN8nAbUxhVs&sig=hJKK0J-ZBXz3dBxYVATOLA";var urlResume = "./subscribe?q=&max=1190606400000000&month=9&day=23&yr=2007&hl=en&zx=bN8nAbUxhVs&sig=1ga_Ot_X5QnKpe2OBjhZGA";var urlModLabel = "/bookmarks/mark?op=modlabel&sig=tmfgxXbImhKWKp1kIb2KXQ";var msgErrSaveLbl = "Sorry, we weren\x27t able to save your changes. Please try again.";var msgErrNameLbl = 'You have entered an invalid label. Labels cannot contain \x22,\x22.';var msgConfirmDeleteLbl = "Delete label: ";var msgConfirmDeleteLbl2 = "Remove the label \"${label}\" from all bookmarks and delete the label?";var msgNoBkmkName = "Please enter a name for this bookmark.";var msgNoBkmkLocation = "Please enter a location for this bookmark.";var msgEG = "e.g., ${labels}";

// --> </script><style type="text/css"><!--.scripthide { display:none; }.noscripthide { display:inline; }--></style><noscript><style type="text/css"><!--.scripthide { display:inline; }.noscripthide { display:none; }--></style></noscript></head><body dir="LTR" alink=#ff0000 bgcolor=#ffffff link=#0000cc text=#000000 vlink=#551a8b topmargin=3

marginheight=3 onLoad="onld();"><table border=0 cellpadding=0 cellspacing=0 width=100%><tr><td valign=top><table border=0 cellspacing=0 cellpadding=0 width=100%><tr><td width=100%></td><td nowrap><font size=-1><b>[email protected]</b></font></td><td nowrap><font size=-1>&nbsp;|&nbsp;</font></td><td nowrap><font size=-1><a href="http://www.google.com/"><nobr>Google Home</nobr></a></font></td><td nowrap><font size=-1>&nbsp;|&nbsp;</font></td><td nowrap><font size=-1><a href="https://www.google.com/accounts/ManageAccount?service=hist&hl=en"><nobr>My Account</nobr></a></font></td><td nowrap><font size=-1>&nbsp;|&nbsp;</font></td><td nowrap><font size=-1><a href="https://www.google.com/accounts/Logout?continue=http://www.google.com/&hl=en"><nobr>Sign out</nobr></a></font></td></tr><tr height=4><td><img alt="" width=1 height=1></td></tr></table><table border=0 cellpadding=0 cellspacing=0 width=100%><tr><td valign=top width=3><a href=/><img src=images/logo_sm.gif alt="Go to Google Home" border=0 height=55 width=150 vspace=12></a></td><td width=3>&nbsp;</td><td class="valign"><div><img src="http://www.google.com/images/cleardot.gif" width="1" height="22" alt="spacer"/></div><table><tr><td valign=middle><form style="margin-bottom: 0em;" name=smhf method=GET action=./find><input type=hidden name=day value=23><input type=hidden name=month value=9><input type=hidden name=yr value=2007><input type=hidden name=hl value="en"> <input type=hidden name=zx value="bN8nAbUxhVs"> <input name=q type=text value="" size=25>&nbsp;<input type=submit name=btnSMH value="Search History">&nbsp;<input type=submit name=btnWeb value="Search the Web"></form></td></tr></table><div>
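An added example (not part of the original slides) of a check a provider could run on its own post-login pages: it resolves every link against the URL the page was served from and reports those that would travel over plain HTTP. The sample HTML is a constructed fragment modelled on the captured page above, and `PlaintextLinks` is a hypothetical name.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Matches href/src/action values, quoted or bare, as both appear in the captured page.
var linkAttr = regexp.MustCompile(`(?i)\b(?:href|src|action)=("[^"]*"|[^\s>]+)`)

// PlaintextLinks resolves every link in an HTML page against the URL the page
// was fetched from and returns those that would travel over plain HTTP.
func PlaintextLinks(pageURL, html string) ([]string, error) {
	base, err := url.Parse(pageURL)
	if err != nil {
		return nil, err
	}
	var exposed []string
	for _, m := range linkAttr.FindAllStringSubmatch(html, -1) {
		ref, err := url.Parse(strings.Trim(m[1], `"`))
		if err != nil {
			continue // skip attribute values that are not URLs
		}
		if abs := base.ResolveReference(ref); abs.Scheme == "http" {
			exposed = append(exposed, abs.String())
		}
	}
	return exposed, nil
}

// Constructed fragment modelled on the captured page: the account link is
// absolute HTTPS, while the logo and the history search form are relative.
const sample = `<a href="https://www.google.com/accounts/Logout">Sign out</a>
<a href=/><img src=images/logo_sm.gif></a>
<form name=smhf method=GET action=./find>`

func main() {
	links, _ := PlaintextLinks("http://www.google.com/history/lookup", sample)
	fmt.Println(links)
}
```

Relative links inherit the scheme of the page that contains them, so a history page served over HTTP keeps the rest of the session in plaintext even though the account links are HTTPS; the same fragment served from an `https://` URL reports nothing.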
