Researchers from Macquarie University uncovered a vulnerability in the Census data visualisation tool that would have allowed individuals to be re-identified through their responses.
The exploit, which the Australian Bureau of Statistics says has now been addressed, also made it possible to reconstruct original data from the population count, the new study [pdf] reveals.
Dr Dali Kaafar and Hassan Jameel Asghar discovered the vulnerability in the perturbation algorithm used for the agency’s online tool TableBuilder, which allows users to create tables, graphs and maps of census data.
The algorithm preserves privacy by adding “noise distributed within a bounded range (possibly undisclosed)” to perturbs answers to queries.
But the cyber security researchers said the algorithm was “faulty and puts the highly sensitive original census data at major risk of being revealed” after working out how to "find any hidden parameters of the algorithm" and "remove the noise applied by the algorithm".
While neither relies on any background information, the researchers said “a little background information” would be enough to link unique census responses to “real persons in the population”.
“Implications of this attack go beyond re-identification risks, as the attack makes it possible to reveal values intended to be hidden by the TBE perturbation algorithm and hence can reconstruct the original census data,” the researchers said.
The researchers found perturbed answers could be retrieved with a “probability of more than 95 percent with only 200 queries”.
While a “synthetic dataset accessed via an API built on top of the TBE algorithm” was used instead of real census data for ethical reasons, the researchers said the attack was applicable to TableBuilder.
"Even though the TableBuilder tool is not equipped with an API the attack could still be
performed in an automated way, e.g., one could use web-based scripts to query the tool," the research paper states.
When the researchers communicated the vulnerability to ABS, the agency said it was “bringing some upcoming changes to the TableBuilder tool”.
An ABS spokesperson told iTnews the agency had been working with the researchers since early 2017 on ways to mitigate the exploit and had “already implemented measures to address the vulnerability”.
“This includes reducing the amount of details to be accessed by certain Table Builder applications, strengthening the terms of use of Table Builder and also regularly monitoring the job logs to forestall any possible attacks,” the spokesperson said.
“There is no evidence of anyone's privacy being compromised with the use of Table Builder.
“We have been working, and will continue to work, with leading experts to ensure we are using the best approaches possible to protect individuals' data.”
