Yan Leng,Yijun Chen,Xiaowen Dong,Junfeng Wu,Guodong Shi

DOI: https://doi.org/10.2139/ssrn.3875878

2021-01-01

SSRN Electronic Journal

Abstract:There exists a growing concern about the privacy threats inherently encoded in the increasingly available behavioral data. In this paper, we focus on online service providers over which users reveal preferences (e.g., ratings or reviews) as publicly available behavioral data. We model users' strategic interactions in making these decisions as quadratic games on networks, where a user's payoff depends not only on their actions but also on their neighbors in a social interaction network. Based on the assumption that the observed preferences correspond to the Nash equilibrium of the game, we investigate whether eavesdroppers or competitors having access to such behavioral data could potentially infer or even thoroughly learn the hidden social interaction network from the observed user actions, leading to privacy risks at a system level for the platform. We introduce three notions of privacy risks on networks: fundamental privacy, conditional privacy, and practical privacy. We establish necessary and sufficient conditions for fundamental and conditional privacy of the social interaction structure, suggesting that at the system level, such interaction structure is not facing a critical risk of being fully exposed regardless of the amount of data available. To study practical privacy, we further propose and analyze a novel learning framework by solving a joint optimization problem for the network structure and the individual marginal benefits in the game. Extensive experiments on synthetic and real-world data demonstrate the effectiveness of the proposed framework, hence illustrating that behavioral data indeed present substantial privacy risks in practice. Broadly, this study enriches the network privacy literature and provides implications for online platforms by revealing the unexpected consequence of leaking network connections due to public consumer revealed preferences.

Li Kuang,Yujia Zhu,Shuqi Li,Xuejin Yan,Han Yan,Shuiguang Deng

DOI: https://doi.org/10.1155/2018/3486529

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:With the rapid development of sensor acquisition technology, more and more data are collected, analyzed, and encapsulated into application services. However, most of applications are developed by untrusted third parties. Therefore, it has become an urgent problem to protect users’ privacy in data publication. Since the attacker may identify the user based on the combination of user’s quasi-identifiers and the fewer quasi-identifier fields result in a lower probability of privacy leaks, therefore, in this paper, we aim to investigate an optimal number of quasi-identifier fields under the constraint of trade-offs between service quality and privacy protection. We first propose modelling the service development process as a cooperative game between the data owner and consumers and employing the Stackelberg game model to determine the number of quasi-identifiers that are published to the data development organization. We then propose a way to identify when the new data should be learned, as well, a way to update the parameters involved in the model, so that the new strategy on quasi-identifier fields can be delivered. The experiment first analyses the validity of our proposed model and then compares it with the traditional privacy protection approach, and the experiment shows that the data loss of our model is less than that of the traditional k-anonymity especially when strong privacy protection is applied.

Dongxiao Yu,Kaiyi Zhang,Youming Tao,Wenlu Xu,Yifei Zou,Xiuzhen Cheng

DOI: https://doi.org/10.1109/icnc59896.2024.10556247

2024-01-01

Abstract:Data collection from users is essential for various IoT services. However, privacy concerns may prevent users from sharing their raw data truthfully. The problem becomes more complex when the data and relationships are correlated and the privacy preferences are personalized. In particular, users' data are influenced by social interactions, which implies that others' data can affect users' privacy. Moreover, users care not only about their own privacy leakage, but also about their social contacts' privacy leakage, due to the social ties in reality. Furthermore, different users have different levels of privacy sensitivity for their own data, which poses a challenge for balancing user privacy and data utility. In this paper, we investigate the correlation-aware and personalized private data collection problem. We formulate the private data collection process as a Stackelberg game, where the platform sets its reward policy and users select their noise levels for privacy preservation. To tackle the challenges above, we adopt the Gaussian correlation model to represent the data correlation among users and integrate the relationship correlation and personalization when deriving the optimal strategies for both users and the platform. Notably, we employ mutual information differential privacy for a rigorous quantification of the correlated privacy loss. Through rigorous theoretical analysis, we first establish the connection between users' Nash equilibrium and the payment mechanism, and then optimize the platform's accuracy under a budget constraint by designing the reward policy. We also demonstrate the effectiveness of our proposed framework through extensive numerical experiments.

Datong Wu,Xiaotong Wu,Jiaquan Gao,Genlin Ji,Taotao Wu,Xuyun Zhang,Wanchun Dou

DOI: https://doi.org/10.1007/978-981-15-9129-7_15

2020-01-01

Abstract:Privacy preservation has been one of the biggest concerns in data sharing and publishing. The wide-spread application of data sharing and publishing contributes to the utilization of data, but brings a severe risk of privacy leakage. Although the corresponding privacy preservation techniques have been proposed, it is inevitable to decrease the accuracy of data. More importantly, it is a challenge to analyze the behaviors and interactions among different participants, including data owners, collectors and adversaries. For data owners and collectors, they need to select proper privacy preservation mechanisms and parameters to maximize their utility under a certain amount of privacy guarantee. For data adversaries, their objective is to get the sensitive information by various attack measurements. In this paper, we survey the related work of game theory-based privacy preservation under data sharing and publishing. We also discuss the possible trends and challenges of the future research. Our survey provides a systematic and comprehensive understanding about privacy preservation problems under data sharing and publishing.

Dongning Jia,Bo Yin,Xianqing Huang

DOI: https://doi.org/10.1155/2021/1181129

2021-01-01

Wireless Communications and Mobile Computing

Abstract:As people's awareness of the issue of privacy leakage continues to increase, and the demand for privacy protection continues to increase, there is an urgent need for some effective methods or means to achieve the purpose of protecting privacy. So far, there have been many achievements in the research of location-based privacy services, and it can effectively protect the location privacy of users. However, there are few research results that require privacy protection, and the privacy protection system needs to be improved. Aiming at the shortcomings of traditional differential privacy protection, this paper designs a differential privacy protection mechanism based on interactive social networks. Under this mechanism, we have proved that it meets the protection conditions of differential privacy and prevents the leakage of private information with the greatest possibility. In this paper, we establish a network evolution game model, in which users only play games with connected users. Then, based on the game model, a dynamic equation is derived to express the trend of the proportion of users adopting privacy protection settings in the network over time, and the impact of the benefit-cost ratio on the evolutionarily stable state is analyzed. A real data set is used to verify the feasibility of the model. Experimental results show that the model can effectively describe the dynamic evolution of social network users' privacy protection behaviors. This model can help social platforms design effective security services and incentive mechanisms, encourage users to adopt privacy protection settings, and promote the deployment of privacy protection mechanisms in the network.

Mingjing Sun,Chengcheng Zhao,Jianping He,Peng Cheng,Daniel E. Quevedo

DOI: https://doi.org/10.1109/tnse.2020.3044590

IF: 6.6

2020-01-01

IEEE Transactions on Network Science and Engineering

Abstract:The privacy issue in data publication is critical and has been extensively studied. Correlation is unavoidable in data publication, which universally manifests intrinsic correlations owing to social, physical, behavioral, and genetic relationships. However, most of the existing works assume that private data is independent, i.e., the correlation among data is neglected. In this paper, we investigate the privacy concern of data publication where deterministic and probabilistic correlations are considered, respectively. Specifically, $(\varepsilon, \delta)$-multi-dimensional data-privacy (MDDP) is proposed to quantify the correlated data privacy. It characterizes the disclosure probability of the published data being jointly estimated with the correlation under a given accuracy. Then, we explore the effects of deterministic and probabilistic correlations on privacy disclosure, respectively. For both kinds of correlations, it is shown that the privacy disclosure with correlations increases compared to the one without correlation knowledge. Meanwhile, a closed-form expression of disclosure probability and a strict bound of privacy disclosure gain are derived, respectively. To minimize the disclosure probability, we provide the optimal noise distribution in the sense of $(\varepsilon, \delta)$-MDDP. Extensive simulations on a real dataset verify our analytical results.

Lei Xu,Chunxiao Jiang,Jian Wang,Yong Ren,Jian Yuan,Mohsen Guizani

DOI: https://doi.org/10.1109/ICC.2015.7249454

2015-01-01

Abstract:Privacy issues arising in the process of collecting, publishing and mining individuals' personal data have attracted much attention in recent years. In this paper, we consider a scenario where a data collector collects data from data providers and then publish the data to a data user. To protect data providers' privacy, the data collector performs anonymization on the data. Anonymization usually causes a decline of data utility on which the data user's profit depends, meanwhile, data providers' would provide more data if anonymity is strongly guaranteed. How to make a trade-off between privacy protection and data utility is an important question for data collector. In this paper we model the interactions among data providers/collector/user as a game, and propose a general approach to find the Nash equilibriums of the game. To elaborate the analysis, we also present a specific game formulation which takes k-anonymity as the anonymization method. Simulation results show that the game theoretical analysis can help the data collector to deal with the privacy-utility trade-off.

Jian-Zhe Zhao,Xing-Wei Wang,Ke-Ming Mao,Chen-Xi Huang,Yu-Kai Su,Yu-Chen Li

DOI: https://doi.org/10.1007/s11390-021-1754-5

IF: 1.871

2022-01-31

Journal of Computer Science and Technology

Abstract:Differential privacy (DP) is widely employed for the private data release in the single-party scenario. Data utility could be degraded with noise generated by ubiquitous data correlation, and it is often addressed by sensitivity reduction with correlation analysis. However, increasing multiparty data release applications present new challenges for existing methods. In this paper, we propose a novel correlated differential privacy of the multiparty data release (MP-CRDP). It effectively reduces the merged dataset’s dimensionality and correlated sensitivity in two steps to optimize the utility. We also propose a multiparty correlation analysis technique. Based on the prior knowledge of multiparty data, a more reasonable and rigorous standard is designed to measure the correlated degree, reducing correlated sensitivity, and thus improve the data utility. Moreover, by adding noise to the weights of machine learning algorithms and query noise to the release data, MP-CRDP provides the release technology for both low-noise private data and private machine learning algorithms. Comprehensive experiments demonstrate the effectiveness and practicability of the proposed method on the utilized Adult and Breast Cancer datasets.

computer science, software engineering, hardware & architecture

Yanan Li,Xuebin Ren,Shusen Yang,Xinyu Yang

DOI: https://doi.org/10.1109/tifs.2019.2895970

IF: 7.231

2019-01-01

IEEE Transactions on Information Forensics and Security

Abstract:It has been widely understood that differential privacy can guarantee rigorous privacy against adversaries with arbitrary prior knowledge. However, recent studies demonstrate that this may not be true for correlated data, and indicate that three factors could influence privacy leakage: the data correlation pattern, prior knowledge of adversaries, and sensitivity of the query function. This poses a fundamental problem: what is the mathematical relationship between the three factors and privacy leakage? In this paper, we present a unified analysis of this problem. A new privacy definition, named prior differential privacy (PDP), is proposed to evaluate privacy leakage considering the exact prior knowledge possessed by the adversary. We use two models, the weighted hierarchical graph and the multivariate Gaussian model, to analyze discrete and continuous data, respectively. We demonstrate that positive, negative, and hybrid correlations have distinct impacts on privacy leakage. Considering general correlations, a closed-form expression of privacy leakage is derived for continuous data, and a chain rule is presented for discrete data. Our results are valid for general linear queries, including count, sum, mean, and histogram. Numerical experiments are presented to verify our theoretical analysis.

Wang Hao,Xu Zhengquan,Jia Shan,Xia Ying,Zhang Xu

DOI: https://doi.org/10.1007/s11280-020-00825-8

2020-01-01

World Wide Web

Abstract:Although data analysis and mining technologies can efficiently provide intelligent and personalized services to us, data owners may not always be willing to share their true data because of privacy concerns. Recently, differential privacy (DP) technology has achieved a good trade-off between data utility and privacy guarantee by publishing noisy outputs. Nonetheless, DP still has a risk of privacy leakage when handling correlated data directly. Current schemes attempt to extend DP to publish correlated data, but are faced with the challenge of violating DP or low-level data utility. In this paper, we try to explore the essential cause of this inapplicability. Specifically, we suppose that this inapplicability is caused by the different correlations between noise and original data. To verify our supposition, we propose the notion of Correlation-Distinguishability Attack (CDA) to separate IID (Independent and Identically Distributed) noise from correlated data. Furthermore, taking time series as an example, we design an optimum filter to realize CDA in practical applications. Experimental results support our supposition and show that, the privacy degree of current approaches has a degradation under CDA.

Rui Chen, Benjamin CM Fung, Philip S Yu, Bipin C Desai

2014-08-01

Abstract:With the increasing prevalence of information networks, research on privacy-preserving network data publishing has received substantial attention recently. There are two streams of relevant research, targeting different privacy requirements. A large body of existing works focus on preventing node re-identification against adversaries with structural background knowledge, while some other studies aim to thwart edge disclosure. In general, the line of research on preventing edge disclosure is less fruitful, largely due to lack of a formal privacy model. The recent emergence of differential privacy has shown great promise for rigorous prevention of edge disclosure. Yet recent research indicates that differential privacy is vulnerable to data correlation, which hinders its application to network data that may be inherently correlated. In this paper, we show that differential privacy could be tuned to provide provable …

Lei Cui,Youyang Qu,Mohammad Reza Nosouhi,Shui Yu,Jian-Wei Niu,Gang Xie

DOI: https://doi.org/10.1007/s11390-019-1910-3

IF: 1.871

2019-01-01

Journal of Computer Science and Technology

Abstract:Due to dramatically increasing information published in social networks, privacy issues have given rise to public concerns. Although the presence of differential privacy provides privacy protection with theoretical foundations, the trade-off between privacy and data utility still demands further improvement. However, most existing studies do not consider the quantitative impact of the adversary when measuring data utility. In this paper, we firstly propose a personalized differential privacy method based on social distance. Then, we analyze the maximum data utility when users and adversaries are blind to the strategy sets of each other. We formalize all the payoff functions in the differential privacy sense, which is followed by the establishment of a static Bayesian game. The trade-off is calculated by deriving the Bayesian Nash equilibrium with a modified reinforcement learning algorithm. The proposed method achieves fast convergence by reducing the cardinality from n to 2. In addition, the in-place trade-off can maximize the user's data utility if the action sets of the user and the adversary are public while the strategy sets are unrevealed. Our extensive experiments on the real-world dataset prove the proposed model is effective and feasible.

Hao Wang,Huan Wang

DOI: https://doi.org/10.1093/comjnl/bxab014

2021-01-01

Abstract:Differential privacy has made a significant progress in numerical data preserving. Compared with numerical data, non-numerical data (e.g. entity object) are also widely applied in intelligent processing tasks. But non-numerical data may reveal more user's privacy. Recently, researchers attempt to take advantage of the exponential mechanism of differential privacy to solve this challenge. Nonetheless, exponential mechanism has a drawback in correlated data protection, which can not achieve expected privacy degree. To remedy this issue, in this paper, an effective correlated non-numerical data release mechanism is proposed by defining the notion of Correlation-Indistinguishability and designing a correlated exponential mechanism to realize Correlation-Indistinguishability in practice. Inspired by the concept of indistinguishability, Correlation-Indistinguishability can guarantee the correlations of the probability distributions between the output distribution and original data the same to an adversary. In addition, we would rather let two Gaussian white samples pass through a designed filter, to realize the definition of Correlation-Indistinguishability, than using independent exponential variables. Experimental evaluation demonstrates that our mechanism outperforms current schemes in terms of security and utility for frequent items mining.

Xiaohui Li,Chaoyang Chen,Feng Liu,Bo Li,Yajun Wang

DOI: https://doi.org/10.1088/1757-899x/719/1/012011

2020-01-01

Abstract:In order to protect the user privacy in the big data environment, We propose a security method based on game theory through trust management mechanism. The main contribution of this paper include:(1) analysis service game relationship in the big data environment,(2)combine trust evaluation with decision management, and apply game theory to design a user-centric scheme to protect privacy,(3)proposing a service selection method. By using game theory to restrict the service interaction between the users and services in big data, we introduce some factors corresponding game model. we then apply the trust evaluation and decision management to describe the relationship and trust quantify in which we propose a method for service selection to implement user privacy protection. Simulation results show that the proposed method is effective and can apply the dynamic game of incomplete information relationship between user and service to make decisions on the service selection, thus providing customized privacy protection.

GE Xin-jing,ZHU Jian-ming

DOI: https://doi.org/10.3969/j.issn.1002-137x.2011.11.037

2011-01-01

Computer Science

Abstract:Privacy preserving distributed data mining has become an important issue in the data mining.Based on economic perspectives,game theory has been applied to privacy preserving data mining,which is a relatively new area of research.This paper studied the strategies of parties(two-party or multi-party) by using a complete information static game theory framework for the privacy preserving distributed data mining,where each party tries to maximize its own utility.Research results show that the semi-honest adversary strategy of parties(two-party or multi-party) is Pareto dominance and Nash equilibrium under certain conditions in distributed data mining;and non-collusion strategy of parties(multi-party) is not a Nash equilibrium under the assumption of semi-honest adversary behavior,then the mixed strategy Nash equilibrium was given.So this paper has some theoretical and practical implication for the strategy of parties in privacy preserving distributed data mining.

Lei Wang,Kemi Ding,Yan Leng,Xiaoqiang Ren,Guodong Shi

DOI: https://doi.org/10.1109/tcns.2024.3398729

IF: 4.347

2024-01-01

IEEE Transactions on Control of Network Systems

Abstract:In this paper, we develop distributed computation algorithms for Nash equilibriums of linear quadratic network games with proven differential privacy guarantees. In a network game with each player's payoff being a quadratic function, the dependencies of the decisions in the payoff function naturally encode a network structure governing the players' inter-personal influences. Such social influence structure and the individual marginal payoffs of the players indicate economic spillovers and individual preferences, and thus they are subject to privacy concerns. For distributed computing of the Nash equilibrium, the players are interconnected by a public communication graph, over which dynamical states are shared among neighboring nodes. When the players' marginal payoffs are considered to be private knowledge, we propose a distributed randomized gradient descent algorithm, in which each player adds a Laplacian random noise to her marginal payoff in the recursive updates. It is proven that the algorithm can guarantee differential privacy and convergence in expectation to the Nash equilibrium of the network game at each player's state. Moreover, the mean-square error between the players' states and the Nash equilibrium is shown to be bounded by a constant related to the differential privacy level. Next, when both the players' marginal payoffs and the influence graph are private information, we propose two distributed algorithms by randomized communication and randomized projection, respectively, for privacy preservation. The differential privacy and convergence guarantees are also established for such algorithms.

DOI: https://doi.org/10.1186/s40537-023-00705-8

2023-03-09

Journal Of Big Data

Abstract:Data are often correlated in real-world datasets. Existing data privacy algorithms did not consider data correlation an inherent property of datasets. This data correlation caused privacy leakages that most researchers left unnoticed. Such privacy leakages are often caused by homogeneity, background knowledge, and linkage attacks, and the probability of such attacks increases with the magnitude of correlation among data. This problem further got magnified by the large size of real-world datasets, and we refer to these large datasets as 'Big Data.' Several researchers proposed algorithms using machine learning models, correlation analysis, and data privacy algorithms to prevent privacy leakages due to correlation in large-sized data. The current proposed work first analyses the correlation among data. We studied the Mutual Information Correlation analysis technique and the distance correlation analysis technique for data correlation analysis. We found out distance correlation analysis technique to be more accurate for high-dimensional data. It then divides the data into blocks using the correlation computed earlier and applies the differential privacy algorithm to ensure the data privacy expectations. The results are derived based upon multiple parameters such as data utility, mean average error, variation with data size, and privacy budget values. The results showed that the proposed methodology provides better data utility when compared to the works of other researchers. Also, the data privacy commitments offered by the proposed method are comparable to the other results. Thus, the proposed methodology gives a better data utility while maintaining the required data privacy commitments.

Lei Xu,Chunxiao Jiang,Yi Qian,Yong Ren

DOI: https://doi.org/10.1007/978-3-319-77965-2_2

2018-01-01

Abstract:Collecting and publishing personal data may lead to the disclosure of individual privacy. In this chapter, we consider a scenario where a data collector collects data from data providers and then publish the data to a data miner. To protect data providers’ privacy, the data collector performs anonymization on the data. Anonymization usually causes a decline of data utility on which the data miner’s profit depends, meanwhile, data providers would provide more data if anonymity is strongly guaranteed. How to make a trade-off between privacy protection and data utility is an important question for data collector. We model the interactions among data providers, data collector and data miner as a game. A backward induction-based approach is proposed to find the Nash equilibria of the game. To elaborate the analysis, we also present a specific game formulation which uses k-anonymity as the privacy model. Simulation results show that the game theoretic analysis can help the data collector to achieve a better trade-off between privacy and utility.

Ningbo Wu,Changgen Peng,Kun Niu

DOI: https://doi.org/10.1109/access.2020.3041854

IF: 3.9

2020-01-01

IEEE Access

Abstract:Local differential privacy (LDP) is an effective privacy-preserving model to address the problems which do not have a trusted entity. The main idea of the LDP is to add randomness in real data to guarantee individual's private sensitive information. Here, the technology of randomized response is an effective method to realize the LDP mechanism. In fact, the randomized response is a probabilistic mapping from the real data to perturbed data, which can be modeled as an information-theoretic lossy compression mechanism. What's more, the privacy budget ϵ has become a de facto standard to quantify the worst-case privacy leakage. However, such a metrics can not capture the question that which one is the optimal privacy mechanism in a set of equivalent ϵ-privacy mechanisms. Besides, the privacy and utility are closely correlated with the privacy mechanism, and existing methods do not consider the strategic adversary's behavior. In this paper, we tackle the problem of tradeoffs privacy and utility under the rational framework within an information-theoretic approach as the metrics. To address the problem, we first formulate this trade-off as a minimax information leakage problem. Then, we propose a privacy preserving attack and defense (PPAD) game framework, that is, a two-person zero-sum (TPZS) game. Further, we develop an alternating optimization algorithm to compute the saddle point of the proposed PPAD game. As a case study, we apply our method to compare several alternative ln2-privacy mechanisms, the experimental result demonstrates that can provide an effective method to compare equivalent ϵ-privacy mechanisms. Furthermore, the numeric simulation result confirms that the proposed method also be useful for the protector to assess privacy disclosure risks.

Shuying Qin,Chongrong Fang,Jianping He

DOI: https://doi.org/10.1109/mass56207.2022.00059

2022-01-01

Abstract:Differential privacy is a widely-used metric, which provides rigorous privacy definitions and strong privacy guarantees. Much of the existing studies on differential privacy are based on datasets where the tuples are independent, and thus are not suitable for correlated data protection. In this paper, we focus on correlated differential privacy, by taking the data correlations and the prior knowledge of the initial data into account. The data correlations are modeled by Bayesian conditional probabilities, and the prior knowledge refers to the exact values of the data. We propose general correlated differential privacy conditions for the discrete and continuous random noise-adding mechanisms, respectively. In case that the conditions are inaccurate due to the insufficient prior knowledge, we introduce the tuple dependence based on rough set theory to improve the correlated differential privacy conditions. The obtained theoretical results reveal the relationship between the correlations and the privacy parameters. Moreover, the improved privacy condition helps strengthen the mechanism utility. Finally, evaluations are conducted over a micro-grid system to verify the privacy protection levels and utility guaranteed by correlated differential private mechanisms.