An Active Genomic Data Recovery Attack

Öz

With the decreasing cost and availability of human genome sequencing, genomic privacy becomes an important issue. Several methods have been proposed in the literature to overcome these problems including cryptographic and privacy preserving data mining methods: homomorphic encryption, cryptographic hardware. In a recent work, Barman et. al studied privacy threats and practical solutions considering an SNP based scenario. The authors introduced a new protocol where a malicious medical center processes an active attack in order to retrieve genomic data of a given patient. The authors have mentioned that this protocol provides a trade-off between privacy and practicality. In this paper, we first give an overview of the system for SNP based risk calculation. We provide the definitions of privacy threats and briefly Barman et al.’s protocol and their solution. The authors proposed to use a weighted sum method of SNP coefficients for calculating disease tendency. They argue that the specific choice of the bases would prevent unique identification of SNPs. Our main observation is that this is not true. Contrary to the security claim, SNP combinations can be identified uniquely in many different scenarios. Our method exploits a pre-computed look-up table for retrieving SNPs’ values from the test result. An attacker can obtain all SNP values of a given patient by using the pre-computed look-up table. We provide practical examples of weights and pre-computed tables. We also mention that even in the case where the table is large and the attacker can not handle at one time, he can still gather information using multi queries. Our work shows that more realistic attack scenarios must be considered in the design of genetic security systems.

Anahtar Kelimeler

• genomic privacy,secure computation

Kaynakça

1. “Genomics England — 100,000 Genomes Project,” accessed: 2015-07-05. [Online]. Available: http://www.genomicsengland.co.uk/
2. M. Akgun, A. O. Bayrak, B. Ozer, and M. S. Sagiroglu, “Privacy preserving processing of genomic data: A survey ,”Journal of Biomedical Informatics, vol. 56, no. 0, pp. 103 – 111, 2015.
3. Y. Erlich and A. Narayanan, “Routes for breaching and protecting genetic privacy,” Nat. Rev. Genet., May 2014.
4. M. Goodrich, “The mastermind attack on genomic data,” in Security and Privacy, 2009 30th IEEE Symposium on, May 2009, pp. 204–218.
5. M. Canim, M. Kantarcioglu, and B. Malin, “Secure management of biomedical data with cryptographic hardware,” Trans. Info. Tech. Biomed., vol. 16, no. 1, pp. 166–175, Jan. 2012.
6. C. Uhler, A. B. Slavkovic, , and S. E. Fienberg, “Privacy-preserving data sharing for genome-wide association studies,” Journal of Privacy and Confidentiality, vol. 5, no. 1, pp. 137–166, 2013.
7. M. Naveed, E. Ayday, E. W. Clayton, J. Fellay, C. A. Gunter, J.-P.Hubaux, B. A. Malin, and X. Wang, “Privacy in the genomic era,” ACM Computing Surveys, vol. 48, no. 1, pp. 1–44, 2015. [Online]. Available: http://dl.acm.org/citation.cfm?doid=2808687.2767007
8. L. Barman, M. T. Elgraini, J. L. Raisaro, J. Hubaux, and E. Ayday, “Privacy threats and practical solutions for genetic risk tests,” in2015 IEEE Symposium on Security and Privacy Workshops, SPW 2015, San Jose, CA, USA, May 21-22, 2015 , 2015, pp. 27–31. [Online]. Available: https://doi.org/10.1109/SPW.2015.12

9. E. Ayday, J. L. Raisaro, P. J. McLaren, J. Fellay, and J.-P. Hubaux, “Privacy-preserving computation of disease risk by using genomic, clinical, and environmental data,” in Proceedings of the 2013 USENIX Conference on Safety, Security, Privacy and Interoperability of Health Information Technologies, ser. HealthTech’13. Berkeley, CA, USA: USENIX Association, 2013, pp. 1–1. [Online]. Available: http://dl.acm.org/citation.cfm?id=2696523.2696524
10. E. Ayday, J. L. Raisaro, and J.-P. Hubaux, “Personal Use of the Genomic Data: Privacy vs. storage Cost,” in IEEE Global Communications Conference, Exhibition and Industry Forum – GLOBECOM, 2013.
11. G. Danezis and E. D. Cristofaro, “Fast and private genomic testing for disease susceptibility,” in Proceedings of the 13th Workshop on Privacy in the Electronic Society, WPES 2014, Scottsdale, AZ, USA, November 3, 2014, 2014, pp. 31–34. [Online]. Available: http://doi.acm.org/10.1145/2665943.2665952
12. M. Djatmiko, A. Friedman, R. Boreli, F. Lawrence, B. Thorne, and S. Hardy, “Secure evaluation protocol for personalized medicine,” in Proceedings of the 13th Workshop on Privacy in the Electronic Society, ser. WPES ’14. New York, NY, USA: ACM, 2014, pp. 159–162. [Online]. Available: http://doi.acm.org/10.1145/2665943.2665967
13. J. Zhang, L. Zhang, M. He, and S. Yiu, “Privacy-preserving disease risk test based on bloom filters,” in Information and Communications Security - 19th International Conference, ICICS 2017, Beijing, China, December 6-8, 2017, Proceedings, 2017, pp. 472–486. [Online]. Available: https://doi.org/10.1007/978-3-319-89500-041
14. M. Akgun, B. Erguner, A. O. Bayrak, and M. S. Sagiroglu, “Human genome in a smart card,” in HEALTHINF 2014 - Proceedings ofthe International Conference on Health Informatics, ESEO, Angers, Loire Valley, France, 3-6 March, 2014, 2014, pp. 310–316. [Online]. Available: http://dx.doi.org/10.5220/0004799903100316
15. N. P. Karvelas, A. Peter, S. Katzenbeisser, E. Tews, and K. Hamacher, “Privacy-preserving whole genome sequence processing throughproxy-aided ORAM,” in Proceedings of the 13th Workshop on Privacy in the Electronic Society, WPES 2014, Scottsdale, AZ,USA, November 3, 2014, 2014, pp. 1–10. [Online]. Available: http://doi.acm.org/10.1145/2665943.2665962
16. E. Ayday, J. L. Raisaro, J. Hubaux, and J. Rougemont, “Protecting and evaluating genomic privacy in medical tests and personalized medicine,” in Proceedings of the 12th annual ACM Workshop on Privacy in the Electronic Society, WPES 2013, Berlin, Germany, November 4, 2013, 2013, pp. 95–106. [Online]. Available: http://doi.acm.org/10.1145/2517840.2517843