Engineering Strategic Hiring Initiative Seminar

Erman Ayday, Ph.D.
Holistic Privacy and Security in the Age of Big Data: From Social Networks to Digital Medicine
Bilkent University
White 411
11:30 AM - 12:30 PM
March 23, 2017

In the first part of this talk, I will discuss our research on de-anonymization and inference attacks and privacy risk quantification. First, I will present a novel profile matching scheme that quantifies and shows the risk of the profile matching attack in unstructured social networks (in which similarity in graphical structure cannot be used for profile matching). I will show how much different attributes (both obvious identifiers such as the user name and non-obvious identifiers such as interest similarity or sentiment variation between different posts of users) threaten the online privacy of the users. I will also show how simple countermeasures may mitigate this threat in the expense of slight reduction in the accuracy (or utility) of the attributes shared by the users.

Once anonymized data (or profile) of an individual is re-identified, the privacy risk is not typically limited to the target person; the risk also extends to the dependents (e.g., friends or family) of the individual. To illustrate this, next, I will present a novel inference attack that aims a unique type of sensitive data: DNA. In particular, I will focus on inference attacks and quantification of kin genomic privacy, using information theoretical tools. I will show how vulnerable the genomic privacy of individuals is due to genomic data shared by their relatives, and data available on online social networks. For this, we propose an algorithm to model such an attack using (i) available genomic data of a subset of family members, (ii) high order correlations between the nucleotides on the DNA, (iii) phenotype information, and (iv) publicly known genomic background. For the efficiency of such an algorithm, we represent this attack as an inference problem and develop a novel graph-based algorithm.

In the remaining of the talk, I will introduce a new protection mechanism, GenoGuard, based on a newly proposed cryptographic primitive called honey-encryption. Considering the high sensitivity and longevity of health-related data, GenoGuard is able to provide security against brute-force attacks (by attackers with unlimited computational power). I will also discuss about our ongoing research about its extensions such as privacy-preserving database update and synthetic data generation.


Erman Ayday is an assistant professor of computer science at Bilkent University, Ankara, Turkey. Before that he was a post-doctoral Researcher at EPFL, Switzerland, working with Prof. Jean-Pierre Hubaux.

He received his M.S. and Ph.D. degrees from School of Electrical and Computer Engineering (ECE), Georgia Institute of Technology, Atlanta, GA, in 2007 and 2011, respectively under the supervision of Dr. Faramarz Fekri. Erman’s research interests include privacy-enhancing technologies (including big data and genomic privacy), applied cryptography and data security, trust and reputation management, and inference from big data.

Erman is the recipient of Distinguished Student Paper Award at IEEE S&P 2015, 2010 Outstanding Research Award from CSIP at Georgia Tech, and 2011 ECE Graduate Research Assistant Excellence Award from Georgia Tech.

Erman has published more than 50 peer-reviewed papers in prestigious venues including ACM CCS, IEEE S&P, and IEEE TDSC. He has been also serving in the program committee of many conferences including ACM CCS, NDSS, and AsiaCCS. Other various accomplishments of Erman include several patents, research grants, and H2020 Marie Curie individual fellowship.