Entropy-Based Correlation Analysis for Privacy Risk Assessment in IoT Identity Ecosystem

Kai-Chih Chang; Suzanne Barber

doi:10.3390/e27070723

Entropy (Jul 2025)

Entropy-Based Correlation Analysis for Privacy Risk Assessment in IoT Identity Ecosystem

Kai-Chih Chang,
Suzanne Barber

Affiliations

Kai-Chih Chang: Department of Electrical and Computer Engineering, The University of Texas at Austin, Austin, TX 78712, USA
Suzanne Barber: Department of Electrical and Computer Engineering, The University of Texas at Austin, Austin, TX 78712, USA

DOI: https://doi.org/10.3390/e27070723
Journal volume & issue: Vol. 27, no. 7
p. 723

Abstract

Read online

As the Internet of Things (IoT) expands, robust tools for assessing privacy risk are increasingly critical. This research introduces a quantitative framework for evaluating IoT privacy risks, centered on two algorithmically derived scores: the Personalized Privacy Assistant (PPA) score and the PrivacyCheck score, both developed by the Center for Identity at The University of Texas. We analyze the correlation between these scores across multiple types of sensitive data—including email, social security numbers, and location—to understand their effectiveness in detecting privacy vulnerabilities. Our approach leverages Bayesian networks with cycle decomposition to capture complex dependencies among risk factors and applies entropy-based metrics to quantify informational uncertainty in privacy assessments. Experimental results highlight the strengths and limitations of each tool and demonstrate the value of combining data-driven risk scoring, information-theoretic analysis, and network modeling for privacy evaluation in IoT environments.

Published in Entropy

ISSN: 1099-4300 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Science: Astronomy: Astrophysics; Science: Physics
Website: http://www.mdpi.com/journal/entropy

About the journal

Abstract

Keywords