TY - GEN
T1 - Bubble trouble
T2 - 20th USENIX Security Symposium
AU - Calandrino, Joseph A.
AU - Clarkson, William
AU - Felten, Edward W.
N1 - Publisher Copyright:
© 2011 by The USENIX Association.
PY - 2011
Y1 - 2011
N2 - Fill-in-the-bubble forms are widely used for surveys, election ballots, and standardized tests. In these and other scenarios, use of the forms comes with an implicit assumption that individuals' bubble markings themselves are not identifying. This work challenges this assumption, demonstrating that fill-in-the-bubble forms could convey a respondent's identity even in the absence of explicit identifying information. We develop methods to capture the unique features of a marked bubble and use machine learning to isolate characteristics indicative of its creator. Using surveys from more than ninety individuals, we apply these techniques and successfully reidentify individuals from markings alone with over 50% accuracy. This bubble-based analysis can have either positive or negative implications depending on the application. Potential applications range from detection of cheating on standardized tests to attacks on the secrecy of election ballots. To protect against negative consequences, we discuss mitigation techniques to remove a bubble's identifying characteristics. We suggest additional tests using longitudinal data and larger datasets to further explore the potential of our approach in realworld applications.
AB - Fill-in-the-bubble forms are widely used for surveys, election ballots, and standardized tests. In these and other scenarios, use of the forms comes with an implicit assumption that individuals' bubble markings themselves are not identifying. This work challenges this assumption, demonstrating that fill-in-the-bubble forms could convey a respondent's identity even in the absence of explicit identifying information. We develop methods to capture the unique features of a marked bubble and use machine learning to isolate characteristics indicative of its creator. Using surveys from more than ninety individuals, we apply these techniques and successfully reidentify individuals from markings alone with over 50% accuracy. This bubble-based analysis can have either positive or negative implications depending on the application. Potential applications range from detection of cheating on standardized tests to attacks on the secrecy of election ballots. To protect against negative consequences, we discuss mitigation techniques to remove a bubble's identifying characteristics. We suggest additional tests using longitudinal data and larger datasets to further explore the potential of our approach in realworld applications.
UR - http://www.scopus.com/inward/record.url?scp=84914175177&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84914175177&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84914175177
T3 - Proceedings of the 20th USENIX Security Symposium
SP - 267
EP - 280
BT - Proceedings of the 20th USENIX Security Symposium
PB - USENIX Association
Y2 - 8 August 2011 through 12 August 2011
ER -