Songtao Guo,Xintao Wu,Yingjiu Li

DOI: https://doi.org/10.1007/s10115-008-0123-9

IF: 2.7

2008-01-01

Knowledge and Information Systems

Abstract:Additive randomization has been a primary tool for hiding sensitive private information. Previous work empirically showed that individual data values can be approximately reconstructed from the perturbed values, using spectral filtering techniques. This poses a serious threat of privacy breaches. In this paper we conduct a theoretical study on how the reconstruction error varies, for different types of additive noise. In particular, we first derive an upper bound for the reconstruction error using matrix perturbation theory. Attackers who use spectral filtering techniques to estimate the true data values may leverage this bound to determine how close their estimates are to the original data. We then derive a lower bound for the reconstruction error, which can help data owners decide how much noise should be added to satisfy a given threshold of the tolerated privacy breach.

Songtao Guo,Xintao Wu,Yingjiu Li

DOI: https://doi.org/10.1007/11871637_51

2006-01-01

Abstract:Additive Randomization has been a primary tool to hide sensitive private information during privacy preserving data mining. The previous work based on Spectral Filtering empirically showed that individual data can be separated from the perturbed one and as a result privacy can be seriously compromised. Our previous work initiated the theoretical study on how the estimation error varies with the noise and gave an upper bound for the Frobenius norm of reconstruction error using matrix perturbation theory. In this paper, we propose one Singular Value Decomposition (SVD) based reconstruction method and derive a lower bound for the reconstruction error. We then prove the equivalence between the Spectral Filtering based approach and the proposed SVD approach and as a result the achieved lower bound can also be considered as the lower bound of the Spectral Filtering based approach.

Songtao Guo,Xintao Wu,Yingjiu Li

DOI: https://doi.org/10.1109/ICDEW.2006.47

2006-01-01

Abstract:Several randomized techniques have been proposed for privacy preserving data mining of continuous data. These approaches generally attempt to hide the sensitive data by randomly modifying the data values using some additive noise and aim to reconstruct the original distribution closely at an aggregate level. However, one challenge here is whether the reconstructed distribution can be exploited by attackers or snoopers to derive sensitive individual data. This paper presents one simple attack using Inter-Quantile Range on reconstructed distribution. The experimental results show that current random perturbation-based privacy preserving data mining techniques may need a careful scrutiny in order to prevent privacy breaches through this model based inference.

Yuliang Zheng,Xintao Wu,Songtao Guo

2007-01-01

Abstract:Privacy is often considered as a social, moral or legal concept. As Internet and e-commerce have prospered nowadays, privacy has become one of the most important issues in IT and has received increasing attention from enterprises, consumers and legislators. Although various techniques, such as randomization-based methods, cryptographic-based methods, and database inference control etc. have been developed, many key problems still remain open in this area. Especially, new privacy and security issues have been identified, and the scope of the privacy has been expanded. An essential problem under the context is tradeoffs between the data utility and the disclosure risk. Since previous research only conducted empirical evaluations or limited analysis for existing randomization techniques, a more solid theoretical analysis is needed. This dissertation investigates different perturbation models in randomization-based privacy preserving data mining. Among them, the additive-noise-based model and the projection-based-model are primary tools. For the additive-noise-based perturbation, the explicit relation between noise and mining accuracy has not been carefully studied. We first propose an improved strategy to reconstruct the data based on the representative method. Then we develop explicit bounds of reconstruction error. Both the upper bound and the lower bound provide a guideline to balance the privacy/accuracy tradeoff. We also discuss other potential threats to the privacy based on our defined measure for quantifying the privacy. For the projection-based perturbation, properties of different models and possible disclosures within those models are analyzed in detail. Particularly, we propose an A-priori Knowledge-based ICA attack (AK-ICA) which is effective against all the existing projection models. Due to the vulnerabilities in previous randomization models, a general-location-model-based approach is proposed. It first builds a statistical model to fit the real data with both categorical and numerical types of variables, then generates a synthetic data set for mining by tuning parameters of the model instead of perturbing particular individual values. Since the search space of parameters of the model is much smaller than that of data and all information which attackers can derive is contained in those parameters, this approach is expected to be more effective and efficient. This dissertation investigates privacy issues of the numerical data in this model, wherein the disclosure is analyzed and controlled in different scenarios.

Jun Luo,Jinfei Liu,Li Xiong

DOI: https://doi.org/10.1007/978-3-319-06608-0_49

2014-01-01

Abstract:The pervasive usage of LBS (Location Based Services) has caused serious risk of personal privacy. In order to preserve the privacy of locations, only the anonymized or perturbated data are published. At the same time, the data mining results for the perturbated data should keep as close as possible to the data mining results for the original data. In this paper, we propose a novel perturbation method such that the Delaunay triangulation of the perturbated data is the same as that of the original data. Theoretically, the Delaunay triangulation of point data set presents the neighborhood relationships of points. Many data mining algorithms strongly depend on the neighborhood relationships of points. Our method is proved to be effective and efficient by performing several popular data mining algorithms such as KNN, K-means, DBSCAN.

Songtao Guo,Xintao Wu

2007-01-01

Abstract:Several perturbation techniques have been proposed for privacy preserving data mining, among which the most popular ones are the additive noise based randomization approach and the rotation based perturbation approach. This paper first presents a general framework based on the general linear transformation, which incorporates both the ad ditive noise based and the rotation based perturbation approaches. Then it explores its privacy preserving property . Specifically, an Independent Component Analysis based reconstruction method, AK-ICA, is proposed to breach privacy when a subset of sample data are a-priori known by attackers. The theoretical analysis and experimental resu lts show that all current transformed privacy preserving data mining techniques may need a careful scrutiny in order to prevent privacy breaches when a subset of sample data are available.

Sheng Zhong,Zhiqiang Yang

DOI: https://doi.org/10.1007/s00778-007-0056-z

2007-01-01

Abstract:There have been two methods for privacy- preserving data mining: the perturbation approach and the cryptographic approach. The perturbation approach is typically very efficient, but it suffers from a tradeoff between accuracy and privacy. In contrast, the cryptographic approach usually maintains accuracy, but it is more expensive in computation and communication overhead. We propose a novel perturbation method, called guided perturbation . Specifically, we focus on a central problem of privacy-preserving data mining—the secure scalar product problem of vertically partitioned data, and give a solution based on guided perturbation, with good, provable privacy guarantee. Our solution achieves accuracy comparable to the cryptographic solutions, while keeping the efficiency of perturbation solutions. Our experimental results show that it can be more than one hundred times faster than a typical cryptographic solution.

Chris Giannella,Kun Liu,Hillol Kargupta

DOI: https://doi.org/10.48550/arXiv.0911.2942

2013-01-02

Abstract:We examine Euclidean distance-preserving data perturbation as a tool for privacy-preserving data mining. Such perturbations allow many important data mining algorithms e.g. hierarchical and k-means clustering), with only minor modification, to be applied to the perturbed data and produce exactly the same results as if applied to the original data. However, the issue of how well the privacy of the original data is preserved needs careful study. We engage in this study by assuming the role of an attacker armed with a small set of known original data tuples (inputs). Little work has been done examining this kind of attack when the number of known original tuples is less than the number of data dimensions. We focus on this important case, develop and rigorously analyze an attack that utilizes any number of known original tuples. The approach allows the attacker to estimate the original data tuple associated with each perturbed tuple and calculate the probability that the estimation results in a privacy breach. On a real 16-dimensional dataset, we show that the attacker, with 4 known original tuples, can estimate an original unknown tuple with less than 7% error with probability exceeding 0.8.

Databases,Cryptography and Security

LI Feng,LI Sheng-hong,LI Jian-hua

DOI: https://doi.org/10.3321/j.issn:1006-2467.2009.03.020

2009-01-01

Abstract:Analysis and evaluations on the security of general data perturbation method through SVD(Singular Vector Decomposition) based attacks shows its vulnerability.An evaluation method was raised for quantifying the strength of data perturbation,and an enhanced method was presented based on eigen space to prevent against SVD-based attacks.The experiments show the availability and robustness of the model with unknown data source under SVD attacks.

Ji Li,Jianghong Wei,Mao Ye,Wenfen Liu,Xuexian Hu

DOI: https://doi.org/10.1049/iet-ifs.2019.0255

2019-01-01

IET Information Security

Abstract:With the increasing concern on the preservation of personal privacy, privacy-preserving data mining has become a hot topic in recent years. Spectral clustering is one of the most widely used clustering algorithm for exploratory data analysis and usually has to deal with sensitive data sets. How to conduct privacy-preserving spectral clustering is an urgent problem to be solved. In this study, the authors focus on introducing the notion of differential privacy, which is considered as the de facto standard of privacy-preserving data analysis, into spectral clustering. Specifically, by combining the well-studied constrained spectral clustering with the Wishart mechanism in a novel way, the authors propose a differentially private constrained spectral clustering (DP-CSC) algorithm. The DP-CSC algorithm is proved to capture asymptotic property and achieves.-differential privacy. To illustrate the effectiveness and efficiency of DP-CSC, the authors conduct experiments on five real-word data sets. The results indicate that the DP-CSC algorithm can provide acceptable clustering accuracy with short running time while preserving individual privacy.

Zhiqiang Yang,Sheng Zhong,Rebecca N. Wright

DOI: https://doi.org/10.1137/1.9781611972757.9

2005-01-01

Abstract:Privacy has become an increasingly important issue in data mining. In this paper, we consider a scenario in which a data miner surveys a large number of customers to learn classification rules on their data, while the sensitive attributes of these customers need to be protected. Solutions have been proposed to address this problem using randomization techniques. Such solutions exhibit a tradeoff of accuracy and privacy: the more each customer's private information is protected, the less accurate result the miner obtains; conversely, the more accurate the result, the less privacy for the customers.In this paper, we propose a simple cryptographic approach that is efficient even in a many-customer setting, provides strong privacy for each customer, and does not lose any accuracy as the cost of privacy. Our key technical contribution is a privacy-preserving method that allows a data miner to compute frequencies of values or tuples of values in the customers' data, without revealing the privacy-sensitive part of the data. Unlike general-purpose cryptographic protocols, this method requires no interaction between customers, and each customer only needs to send a single flow of communication to the data miner. However, we are still able to ensure that nothing about the sensitive data beyond the desired frequencies is revealed to the data miner.To illustrate the power of our approach, we use our frequency mining computation to obtain a privacy-preserving naive Bayes classifier learning algorithm. Initial experimental results demonstrate the practical efficiency of our solution. We also suggest some other applications of privacy-preserving frequency mining.

Jianping He,Lin Cai,Xinping Guan

DOI: https://doi.org/10.1109/tit.2018.2842221

IF: 2.5

2018-01-01

IEEE Transactions on Information Theory

Abstract:Network systems often rely on distributed algorithms to achieve a global computation goal with iterative local information exchanges between neighbor nodes. To preserve data privacy, a node may add a random noise to its original data for information exchange at each iteration. Nevertheless, an eavesdropping node can estimate other’s original data based on the information it received. The estimation accuracy and data privacy can be measured in terms of $(\epsilon, \delta)$ -data-privacy, defined as the probability of $\epsilon $ -accurate estimate (the difference of an estimation and the original data is within $\epsilon $ ) is no larger than $\delta $ (the disclosure probability). How to optimize the estimation and analyze data privacy is a critical and open issue. In this paper, a theoretical framework is developed to investigate how to optimize the estimation of neighbor’s original data using the local information received, named optimal distributed estimation. Then, we study the disclosure probability under the optimal estimation for data privacy analysis. We further apply the developed framework to analyze the data privacy of the privacy-preserving average consensus algorithm and identify the optimal noises for the algorithm.

Ling Guo,Songtao Guo,Xintao Wu

DOI: https://doi.org/10.1007/978-3-540-74976-9_13

2007-01-01

Abstract:Randomized Response techniques have been empirically investigated in privacy preserving association rule mining. However, previous research on privacy preserving market basket data analysis was solely focused on support/confidence framework. Since there are inherent problems with the concept of finding rules based on their support and confidence measures, many other measures (e.g., correlation, lift, etc.) for the general market basket data analysis have been studied. How those measures are affected due to distortion is not clear in the privacy preserving analysis scenario.In this paper, we investigate the accuracy (in terms of bias and variance of estimates) of estimates of various rules derived from the randomized market basket data and present a general framework which can conduct theoretical analysis on how the randomization process affects the accuracy of various measures adopted in market basket data analysis. We also show several measures (e.g., correlation) have monotonic property, i.e., the values calculated directly from the randomized data are always less or equal than those original ones. Hence, some market basket data analysis tasks can be executed on the randomized data directly without the release of distortion probabilities,. which can better protect data privacy.

Ling Guo,Songtao Guo,Xintao Wu

DOI: https://doi.org/10.1007/978-3-540-68125-0_13

2008-01-01

Abstract:Randomized Response techniques have been empirically investigated in privacy preserving association rule mining. In this paper, we investigate the accuracy (in terms of bias and variance of estimates) of both support and confidence estimates of association rules derived from the randomized data. We demonstrate that providing confidence on data mining results from randomized data is significant to data miners. We propose the novel idea of using interquantile range to bound those estimates derived from the randomized market basket data. The performance is evaluated using both representative real and synthetic data sets.

Shenggang Ying,Mingsheng Ying,Yuan Feng

DOI: https://doi.org/10.48550/arxiv.1702.04420

2017-01-01

Abstract:Data analytics (such as association rule mining and decision tree mining) can discover useful statistical knowledge from a big data set. But protecting the privacy of the data provider and the data user in the process of analytics is a serious issue. Usually, the privacy of both parties cannot be fully protected simultaneously by a classical algorithm. In this paper, we present a quantum protocol for data mining that can much better protect privacy than the known classical algorithms: (1) if both the data provider and the data user are honest, the data user can know nothing about the database except the statistical results, and the data provider can get nearly no information about the results mined by the data user; (2) if the data user is dishonest and tries to disclose private information of the other, she/he will be detected with a high probability; (3) if the data provider tries to disclose the privacy of the data user, she/he cannot get any useful information since the data user hides his privacy among noises.

Chuan Ma,Long Yuan,Li Han,Ming Ding,Raghav Bhaskar,Jun Li

DOI: https://doi.org/10.1109/tkde.2021.3137047

IF: 9.235

2021-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:With the great amount of available data, especially collecting from the ubiquitous Internet of Things (IoT), the issue of privacy leakage arises increasingly concerns recently. To preserve the privacy of IoT datasets, traditional methods usually calibrate random noises on the data values to achieve differential privacy (DP). However, the amount of the calibrating noises should be carefully designed and a heedless value will definitely degrade the availability of datasets. Thus, in this work, we propose a stochastic perturbation method to sanitize the dataset, where the perturbation is obtained from the rest samples in the same dataset. In addition, we derive the expression of the utility level based on its unique framework and prove that the proposed algorithm can achieve the $\epsilon$ε-DP. To show the effectiveness of the proposed algorithm, we conduct extensive experiments on real-life datasets by various functions, such as query answers and machine learning tasks. By comparing with the state-of-the-art methods, our proposed algorithm can achieve a better performance under the same privacy level.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Lei Xu,Chunxiao Jiang,Yi Qian,Yong Ren

DOI: https://doi.org/10.1007/978-3-319-77965-2_6

2018-01-01

Abstract:An important issue in distributed data mining is privacy. It is necessary for each participant to make sure that its privacy is not disclosed to other participants or a third party. To protect privacy, one can apply a differential privacy approach to perturb the data before sharing them with others, which generally hurts the mining result. That is to say, the participant faces a trade-off between privacy and the mining result. In this chapter, we study a distributed classification scenario where a mediator builds a classifier based on the perturbed query results returned by a number of users. A game theoretical approach is proposed to analyze how users choose their privacy budgets. Specifically, interactions among users are modeled as a game in satisfaction form. And an algorithm is proposed for users to learn the satisfaction equilibrium (SE) of the game. Experimental results demonstrate that, when the differences among users’ expectations are not significant, the proposed learning algorithm can converge to an SE, at which every user achieves a balance between the accuracy of the classifier and the preserved privacy.

S. Chidambaram,K.G Srinivasagan

DOI: https://doi.org/10.1109/icrtit.2014.6996194

2014-04-01

Abstract:Now a Days huge volume of personal and sensitive data is collected and retrieved by various enterprises like social networking system, health networks, financial organizations and retailers. There are three main entities such as data owner; the database service provider and the client are mainly involved in this type of outsourced based data model. So that is more essential for the privacy preservation of the owner. Privacy preservation is a main challenging area in data mining. In that, Data based privacy perturbation technique is the standard model which performs the data transformation process before publishing the data. This paper proposes Additive Multiplicative Perturbation Privacy Preserving Data Mining (AM-PPDM) which is suitable for multiple trust level. In that, the random noise perturbation is applied to individual values before the data are published. This hybrid approach improves the privacy guarantee value during the reconstruction process. In AM-PPDM, the generated random Gaussian noise multiplied with the original data to produce different perturbed copies at various trust levels. By implementing this approach, the diversity attack is completely avoided during the reconstruction process.

Pedro Reviriego,Jim Apple,David Larrabeiti,Shanshan Liu,Fabrizio Lombardi

DOI: https://doi.org/10.1109/tifs.2024.3404868

IF: 7.231

2024-06-04

IEEE Transactions on Information Forensics and Security

Abstract:As probabilistic data structures are widely adopted in computing systems, their privacy is a major issue. Recent works have shown that even though the values stored in these structures look random, information can be extracted from them in some settings. In this paper, we consider the privacy of adaptive cuckoo filters, a probabilistic data structure that implements approximate membership checking. The main novelty and benefit of these filters are that they can adapt to removing false-positives. Unfortunately, our analysis shows that adaptation can dramatically reduce the privacy of the filters, allowing an attacker to extract the set of elements stored in the filter. Indeed, in some settings, the attacker can identify 100% of the elements stored in the filter. This means that the protection of the privacy of adaptive cuckoo filters should be considered. To that end, we propose preprocessing reduction (PR), a scheme that prevents an attacker from extracting the set of elements stored in the filter at the cost of increasing the false-positive probability of the filter. In many settings, the impact on false-positives will be negligible. For example, in a case study with 32-bit universes, the increase in the false-positive probability was smaller than 8% in all the configurations tested. Interestingly, PR is applicable not only to adaptive filters but also to approximate membership check filters in general and thus can be used to protect, for example, Bloom filters.

computer science, theory & methods,engineering, electrical & electronic

Wan Haiping,He Huacan

DOI: https://doi.org/10.5555/1166890.1166956

2006-01-01

Artificial Intelligence and Applications

Abstract:We provide an overview of the emerging issues in privacy preserving data mining. Also we develop solutions for two secure two-party computing problems. Many of the research issues focus on underlying blocks, we show how to integrate them with kernel methods in classifications. We evaluate their performance, privacy capacity, and draw some initial conclusions.