What is a differencing attack?

A differencing attack occurs when an attacker uses aggregate statistics from a database to learn information about an individual.

Example of differencing attack

As an example of a differencing attack scenario, to maintain privacy of individuals, a database of medical diagnoses may be constructed with a rule to reject queries that would return results for fewer than 10 people.

If an attacker wants to determine the medical diagnosis of a single person, they could first query the counts of each diagnosis in the entire dataset, then the counts of each diagnosis in the entire dataset excluding the individual. Neither query would be rejected, because both include over 10 people. However, by finding the difference, the attacker can determine the diagnosis of an individual.

More about privacy in a differencing attack scenario.

Devron is a next-generation federated learning and data science platform that enables decentralized analytics. Learn more about our solutions, read more of our knowledge base articles, about our federated learning platform, or schedule a demo with us today.