{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,16]],"date-time":"2026-07-16T18:54:43Z","timestamp":1784228083269,"version":"3.55.0"},"reference-count":21,"publisher":"Association for Computing Machinery (ACM)","issue":"1-2","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Proc. VLDB Endow."],"published-print":{"date-parts":[[2010,9]]},"abstract":"<jats:p>\n            The principle of\n            <jats:italic>anonymization<\/jats:italic>\n            for data sharing has become a very popular paradigm for the preservation of privacy of the data subjects. Since the introduction of\n            <jats:italic>k<\/jats:italic>\n            -anonymity, dozens of methods and enhanced privacy definitions have been proposed. However, over-eager attempts to minimize the information lost by the anonymization potentially allow private information to be inferred. Proof-of-concept of this \"minimality attack\" has been demonstrated for a variety of algorithms and definitions [16].\n          <\/jats:p>\n          <jats:p>In this paper, we provide a comprehensive analysis and study of this attack, and demonstrate that with care its effect can be almost entirely countered. The attack allows an adversary to increase his (probabilistic) belief in certain facts about individuals over the data. We show that (a) a large class of algorithms are not affected by this attack, (b) for a class of algorithms that have a \"symmetric\" property, the attacker's belief increases by at most a small constant, and (c) even for an algorithm chosen to be highly susceptible to the attack, the attacker's belief when using the attack increases by at most a small constant factor. We also provide a series of experiments that show in all these cases that the confidence about the sensitive value of any individual remains low in practice, while the published data is still useful for its intended purpose. From this, we conclude that the impact of such method-based attacks can be minimized.<\/jats:p>","DOI":"10.14778\/1920841.1920972","type":"journal-article","created":{"date-parts":[[2014,6,24]],"date-time":"2014-06-24T12:17:57Z","timestamp":1403612277000},"page":"1045-1056","source":"Crossref","is-referenced-by-count":28,"title":["Minimizing minimality and maximizing utility"],"prefix":"10.14778","volume":"3","author":[{"given":"Graham","family":"Cormode","sequence":"first","affiliation":[{"name":"AT&amp;T Labs---Research"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Divesh","family":"Srivastava","sequence":"additional","affiliation":[{"name":"AT&amp;T Labs---Research"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ninghui","family":"Li","sequence":"additional","affiliation":[{"name":"Purdue University"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Tiancheng","family":"Li","sequence":"additional","affiliation":[{"name":"Purdue University"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2010,9]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30570-5_17"},{"key":"e_1_2_1_2_1","volume-title":"UCI ML repository","author":"Asuncion A.","year":"2007","unstructured":"A. Asuncion and D. Newman . UCI ML repository , 2007 . A. Asuncion and D. Newman. UCI ML repository, 2007."},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1559845.1559968"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2005.143"},{"key":"e_1_2_1_5_1","volume-title":"S&amp;P","author":"Gehrke J.","year":"2009","unstructured":"J. Gehrke and A. Machanavajjhala . Privacy in data publishing . In S&amp;P , 2009 . J. Gehrke and A. Machanavajjhala. Privacy in data publishing. In S&amp;P, 2009."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1559845.1559861"},{"key":"e_1_2_1_7_1","first-page":"116","volume-title":"ICDE","author":"Koudas N.","year":"2007","unstructured":"N. Koudas , D. Srivastava , T. Yu , and Q. Zhang . Aggregate query answering on anonymized tables . In ICDE , pages 116 -- 125 , 2007 . N. Koudas, D. Srivastava, T. Yu, and Q. Zhang. Aggregate query answering on anonymized tables. In ICDE, pages 116--125, 2007."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1066157.1066164"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2006.101"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2007.367856"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2008.4497453"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2006.1"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/69.971193"},{"key":"e_1_2_1_14_1","volume-title":"SRI","author":"Samarati P.","year":"1998","unstructured":"P. Samarati and L. Sweeney . Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression. SRI-CSL-98-04 , SRI , 1998 . P. Samarati and L. Sweeney. Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression. SRI-CSL-98-04, SRI, 1998."},{"key":"e_1_2_1_15_1","first-page":"543","volume-title":"VLDB","author":"Wong R. C.-W.","year":"2007","unstructured":"R. C.-W. Wong , A. W.-C. Fu , K. Wang , and J. Pei . Minimality attack in privacy preserving data publishing . In VLDB , pages 543 -- 554 , 2007 . R. C.-W. Wong, A. W.-C. Fu, K. Wang, and J. Pei. Minimality attack in privacy preserving data publishing. In VLDB, pages 543--554, 2007."},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1538909.1538910"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1150402.1150499"},{"key":"e_1_2_1_19_1","first-page":"139","volume-title":"VLDB","author":"Xiao X.","year":"2006","unstructured":"X. Xiao and Y. Tao . Anatomy: simple and effective privacy preservation . In VLDB , pages 139 -- 150 , 2006 . X. Xiao and Y. Tao. Anatomy: simple and effective privacy preservation. In VLDB, pages 139--150, 2006."},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1735886.1735887"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1150402.1150504"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315316"}],"container-title":["Proceedings of the VLDB Endowment"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.14778\/1920841.1920972","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,12,28]],"date-time":"2022-12-28T11:43:59Z","timestamp":1672227839000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.14778\/1920841.1920972"}},"subtitle":["analyzing method-based attacks on anonymized data"],"short-title":[],"issued":{"date-parts":[[2010,9]]},"references-count":21,"journal-issue":{"issue":"1-2","published-print":{"date-parts":[[2010,9]]}},"alternative-id":["10.14778\/1920841.1920972"],"URL":"https:\/\/doi.org\/10.14778\/1920841.1920972","relation":{},"ISSN":["2150-8097"],"issn-type":[{"value":"2150-8097","type":"print"}],"subject":[],"published":{"date-parts":[[2010,9]]}}}