Objective
Build an HTML serious game to “attack” models, anonymized data… in order to extract private data:
- Study the literature about privacy attacks and establish a list of known methods and adequate contexts
- Select a few of them that you think may be implemented as an online game in controlled/simulated conditions
- Imagine playful game scenarios to showcase these attacks
- Implement these games in HTML/CSS/javascript
Example 1
Since the submission of this project proposal, a new article has been published in “The Conversation” about “De-anonymizing data”: http://theconversation.com/donnees-anonymes-bien-trop-faciles-a-identifier-123157
The authors develop an algorithm to estimate the probability of being certain to have identified someone from partial features, and have made an “online test”, you can try and play it: https://cpg.doc.ic.ac.uk/individual-risk/
Example 2
But we would prefer something that is more like a game, in the same spirit as this example: https://xss-game.appspot.com where the player is asked to attack a website with XSS injection.
Starting methods
- look at Example 1
- Extracting data from AI models (“arXiv 1802.08232”)
- “De-anonymizing web browsing data with social networks”