Wei Qi Yan,Feng Liu

DOI: https://doi.org/10.1007/978-3-319-30285-0_29

2016-01-01

Abstract:Privacy preservation as a thorny problem in surveillance has been arisen because of its relevance to human right, however it has not been completely solved yet today. In this paper, we investigate this existing problem and expect to get ride of those intuitive methods such as pixelization, blurring or mosaicking on human face regions through object tracking. We detail privacy preservation at event level and thereafter choose suitable events represented by motion pictures in virtual reality to replace those events of surveillance in real reality. The advantage of taking use of this approach is to leverage the utility and privacy of surveillance events. The outcome will not affect visual effects and surveillance security much however it is able to achieve the objectives of privacy preservation.

Yi Guo,Shunan Guo,Zhuochen Jin,Smiti Kaul,David Gotz,Nan Cao

DOI: https://doi.org/10.48550/arXiv.2006.14291

2020-06-25

Abstract:Event sequence data record series of discrete events in the time order of occurrence. They are commonly observed in a variety of applications ranging from electronic health records to network logs, with the characteristics of large-scale, high-dimensional, and heterogeneous. This high complexity of event sequence data makes it difficult for analysts to manually explore and find patterns, resulting in ever-increasing needs for computational and perceptual aids from visual analytics techniques to extract and communicate insights from event sequence datasets. In this paper, we review the state-of-the-art visual analytics approaches, characterize them with our proposed design space, and categorize them based on analytical tasks and applications. From our review of relevant literature, we have also identified several remaining research challenges and future research opportunities.

Human-Computer Interaction

Kaustav Bhattacharjee,Akm Islam,Jaideep Vaidya,Aritra Dasgupta

DOI: https://doi.org/10.1109/VizSec56996.2022.9941431

2022-08-13

Abstract:Open data sets that contain personal information are susceptible to adversarial attacks even when anonymized. By performing low-cost joins on multiple datasets with shared attributes, malicious users of open data portals might get access to information that violates individuals' privacy. However, open data sets are primarily published using a release-and-forget model, whereby data owners and custodians have little to no cognizance of these privacy risks. We address this critical gap by developing a visual analytic solution that enables data defenders to gain awareness about the disclosure risks in local, joinable data neighborhoods. The solution is derived through a design study with data privacy researchers, where we initially play the role of a red team and engage in an ethical data hacking exercise based on privacy attack scenarios. We use this problem and domain characterization to develop a set of visual analytic interventions as a defense mechanism and realize them in PRIVEE, a visual risk inspection workflow that acts as a proactive monitor for data defenders. PRIVEE uses a combination of risk scores and associated interactive visualizations to let data defenders explore vulnerable joins and interpret risks at multiple levels of data granularity. We demonstrate how PRIVEE can help emulate the attack strategies and diagnose disclosure risks through two case studies with data privacy experts.

Cryptography and Security,Computers and Society

Jiehui Zhou,Xumeng Wang,Jason K. Wong,Huanliang Wang,Zhongwei Wang,Xiaoyu Yang,Xiaoran Yan,Haozhe Feng,Huamin Qu,Haochao Ying,Wei Chen

DOI: https://doi.org/10.1109/tvcg.2022.3209391

IF: 5.2

2022-12-21

IEEE Transactions on Visualization and Computer Graphics

Abstract:Data privacy is an essential issue in publishing data visualizations. However, it is challenging to represent multiple data patterns in privacy-preserving visualizations. The prior approaches target specific chart types or perform an anonymization model uniformly without considering the importance of data patterns in visualizations. In this paper, we propose a visual analytics approach that facilitates data custodians to generate multiple private charts while maintaining user-preferred patterns. To this end, we introduce pattern constraints to model users' preferences over data patterns in the dataset and incorporate them into the proposed Bayesian network-based Differential Privacy (DP) model PriVis. A prototype system, DPVisCreator, is developed to assist data custodians in implementing our approach. The effectiveness of our approach is demonstrated with quantitative evaluation of pattern utility under the different levels of privacy protection, case studies, and semi-structured expert interviews.

computer science, software engineering

Hongbo Liu,Ziliang Wu,Erqing Zhang,Zhaosong Huang,Mingliang Xu,Lechao Cheng,Minfeng Zhu,Wei Chen

DOI: https://doi.org/10.1016/j.cag.2023.07.031

IF: 1.821

2023-01-01

Computers & Graphics

Abstract:Visual querying of location-based data assists users in expressing query requirements, investigating query results and making inferences. However, directly accessing data records exposes individual location information and may cause privacy issues. Conventional aggregation-based methods can preserve location-relevant privacy but may lead to the loss of detailed information and failure of analysis. Visualization aids users in gaining a deeper comprehension of the query process and the variation of information concerning privacy-preservation. In this paper, we present a privacy-aware visual query approach for location-based data. We propose a graph-based privacy-preserving scheme to protect location privacy in the visualization, and two visual metaphors to enhance understandings of information-variation in the privacy-preserving process. We design and implement a visual interface that supports a progressive process of query conditions specification and query results exploration. Experiments on real-world urban datasets demonstrate that our approach is capable of making a fair balance between location privacy and data analysis.

Songheng Zhang,Dong Ma,Yong Wang

2023-05-21

Abstract:Data visualizations have been widely used on mobile devices like smartphones for various tasks (e.g., visualizing personal health and financial data), making it convenient for people to view such data anytime and anywhere. However, others nearby can also easily peek at the visualizations, resulting in personal data disclosure. In this paper, we propose a perception-driven approach to transform mobile data visualizations into privacy-preserving ones. Specifically, based on human visual perception, we develop a masking scheme to adjust the spatial frequency and luminance contrast of colored visualizations. The resulting visualization retains its original information in close proximity but reduces the visibility when viewed from a certain distance or further away. We conducted two user studies to inform the design of our approach (N=16) and systematically evaluate its performance (N=18), respectively. The results demonstrate the effectiveness of our approach in terms of privacy preservation for mobile data visualizations.

Human-Computer Interaction,Cryptography and Security

Shouling Ji,Weiqing Li,Prateek Mittal,Xin Hu,Raheem Beyah

2015-01-01

Abstract:In this paper, we analyze and systematize the state-of-the-art graph data privacy and utility techniques. Specifically, we propose and develop SecGraph (available at [1]), a uniform and open-source Secure Graph data sharing/publishing system. In SecGraph, we systematically study, implement, and evaluate 11 graph data anonymization algorithms, 19 data utility metrics, and 15 modern Structure-based De-Anonymization (SDA) attacks. To the best of our knowledge, SecGraph is the first such system that enables data owners to anonymize data by state-of-the-art anonymization techniques, measure the data's utility, and evaluate the data's vulnerability against modern De-Anonymization (DA) attacks. In addition, SecGraph enables researchers to conduct fair analysis and evaluation of existing and newly developed anonymization/DA techniques. Leveraging SecGraph, we conduct extensive experiments to systematically evaluate the existing graph data anonymization and DA techniques. The results demonstrate that (i) most anonymization schemes can partially or conditionally preserve most graph utilities while losing some application utility; (ii) no DA attack is optimum in all scenarios. The DA performance depends on several factors, e.g., similarity between anonymized and auxiliary data, graph density, and DA heuristics; and (iii) all the state-of-the-art anonymization schemes are vulnerable to several or all of the modern SDA attacks. The degree of vulnerability of each anonymization scheme depends on how much and which data utility it preserves.

Xiaofeng Ding,Cui Wang,Kim-Kwang Raymond Choo,Hai Jin

DOI: https://doi.org/10.1109/tkde.2019.2931903

IF: 9.235

2019-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:The need to efficiently store and query large scale graph datasets is evident in the growing number of data-intensive applications, particularly to maximize the mining of intelligence from these data (e.g., to inform decision making). However, directly releasing graph dataset for analysis may leak sensitive information of an individual even if the graph is anonymized, as demonstrated by the re-identification attacks on the DBpedia datasets. A key challenge in the design of graph sanitization methods is scalability, as existing execution models generally have significant memory requirements. In this paper, we propose a novel $k$<math>k</math>-decomposition algorithm and define a new information loss matrix designed for utility measurement in massively large graph datasets. We also propose a novel privacy preserving framework that can be seamlessly integrated with graph storage, anonymization, query processing, and analysis. Our experimental studies show that the proposed solution achieves privacy-preserving, utility, and efficiency.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Jin Qian,Mingchen Zheng,Ying Yu,Chuanpeng Zhou,Duoqian Miao

DOI: https://doi.org/10.1016/j.ins.2024.121316

IF: 8.1

2024-01-01

Information Sciences

Abstract:Data anonymization is one of the common techniques for ensuring data security and privacy. However, the existing anonymization techniques often suffer lower execution efficiency and unnecessary information loss when dealing with complex data. Therefore, we propose a dynamic anonymity privacy-preserving model based on hierarchical sequential three-way decisions. Specifically, we first divide the data into multiple granularity spaces by attributes and dynamically process the data in the granularity spaces. Then, in a single granularity space, we construct a generalization hierarchy for the data based on the attributes generalization trees and divide it into the positive, negative and boundary regions based on anonymous parameter. Next, we can acquire the positive and boundary regions by generalization and dynamically update the processed data at the next granularity. After that, we suppress the data in the final negative and boundary regions while releasing the positive region. To further improve data availability, we combine the idea of differential privacy by adding noise data to the final boundary region enabling its release and propose an enhanced anonymity model. Finally, we compare our proposed algorithms with other methods on six datasets. Experimental results show that our method effectively reduces processing costs, improves data usability and protects data privacy.

Xiang-Yang Li,Chunhong Zhang,Taeho Jung,Jianwei Qian,Linlin Chen

DOI: https://doi.org/10.1109/infocom.2016.7524584

2016-01-01

Abstract:We propose a graph-based framework for privacy preserving data publication, which is a systematic abstraction of existing anonymity approaches and privacy criteria. Graph is explored for dataset representation, background knowledge specification, anonymity operation design, as well as attack inferring analysis. The framework is designed to accommodate various datasets including social networks, relational tables, temporal and spatial sequences, and even possible unknown data models. The privacy and utility measurements of the anonymity datasets are also quantified in terms of graph features. Our experiments show that the framework is capable of facilitating privacy protection by different anonymity approaches for various datasets with desirable performance.

Li Zheng,Gang Yu,Yuntian Zheng

DOI: https://doi.org/10.1007/s11265-023-01836-0

2023-02-01

Journal of Signal Processing Systems

Abstract:Data visualization is an important approach for data analysis, which can reveal the patterns and characteristics of complex datasets through visual processing, and provide aid for data analysts. In recent years, with the expansion of Internet users and the rich diversity of various Internet applications, the importance of network security is increasing. In the field of network security data analysis, it is a developing direction to use data visualization methods and visual analysis tools to assist manual analysis. In this paper, a visualization system for network security data is designed and implemented, which is mainly based on network flow records and security policies. The node centrality measurement and high-dimensional data visualization methods are comprehensively applied, and an interactive visualization approach is proposed. The IP topology is presented in three different view modes: static analysis, temporal analysis and exploration analysis. In addition, the high-dimensional projection map takes flow, security policy and IP address as analysis objects and selects several dimensional features as indicators. After visual presentation, the distribution of the stream set and IP set contained in the record after projection in the selected dimension space can be obtained, so that the analyst can find the points with significant abnormal eigenvalue distribution, and deduce the possible situation based on this. After testing, the system can accept the new original data record file, and quickly generate the corresponding visualization content, which can be used for the visualization analysis of network security optimization tool software, and has been used in the actual system.

computer science, information systems,engineering, electrical & electronic

Lidan Shou,Xuan Shang,Ke Chen,Gang Chen,Chao Zhang

DOI: https://doi.org/10.1109/tkde.2011.249

IF: 9.235

2013-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:Time series is an important form of data available in numerous applications and often contains vast amount of personal privacy. The need to protect privacy in time-series data while effectively supporting complex queries on them poses nontrivial challenges to the database community. We study the anonymization of time series while trying to support complex queries, such as range and pattern matching queries, on the published data. The conventional k-anonymity model cannot effectively address this problem as it may suffer severe pattern loss. We propose a novel anonymization model called (k, P)-anonymity for pattern-rich time series. This model publishes both the attribute values and the patterns of time series in separate data forms. We demonstrate that our model can prevent linkage attacks on the published data while effectively support a wide variety of queries on the anonymized data. We propose two algorithms to enforce (k, P)-anonymity on time-series data. Our anonymity model supports customized data publishing, which allows a certain part of the values but a different part of the pattern of the anonymized time series to be published simultaneously. We present estimation techniques to support query processing on such customized data. The proposed methods are evaluated in a comprehensive experimental study. Our results verify the effectiveness and efficiency of our approach.

Xuebin Ren,Shuyang Wang,Xianghua Yao,Chia-Mu Yu,Wei Yu,Xinyu Yang

DOI: https://doi.org/10.1007/978-3-030-23597-0_22

2019-01-01

Abstract:Continuous publication of statistics over user-generated streams can provide timely data monitoring and analysis for various applications. Nonetheless, such published statistics may reveal the details of individuals’ sensitive status or activities. To guarantee the privacy for event occurrences in data streams, based on the known privacy standard of $$\varepsilon $$-differential privacy, w-event privacy has been proposed to hide multiple events occurring at continuous time instances. Nonetheless, the too strict requirement of w-event privacy makes it hard to achieve effective privacy protection with high data utility in many real-world scenarios. To this end, in this paper we propose a novel notion of average w-event privacy and the first Lyapunov optimization-based privacy-preserving scheme on infinite streams, aiming to obtain higher data utility while satisfying a relatively stable privacy guarantee for whole streams. In particular, we first formulate both our proposed privacy definition and the utility loss function of statistics publishing in a stream setting. We then design a Lyapunov optimization-based scheme with a detailed algorithm to maximize the publishing data utility under the requirement of our privacy notion. Finally, we conduct extensive experiments on both synthetic and real-world datasets to confirm the effectiveness of our scheme.

Helen Wilfred Raj,S. Balachandran

DOI: https://doi.org/10.3844/JCSSP.2020.194.201

2020-02-01

Journal of Computer Science

Abstract:Bigdata era is seeing the data burst occurring in a multitude of angles that are better expressed in terms of the 4Vs (Volume, Velocity, Velocity, Veracity). While trying to infer information from data, care should be exercised as not to reveal the identity of the data owner, which breaches the privacy rights. Leakage of information can happen right from the data collection point, at the data storage area, followed by the distribution of data to data users/miners and finally with published results. A cross-matching of all these points with the 4Vs (growing still) of big data, puts a huge challenge on how to extract the maximum possible information, without compromising on the privacy of the data owner. Anonymization of the original data should be done at one or more of the above-mentioned stages before the data are given for the mining process. This work makes a survey of the various anonymization techniques followed to transform the data in such a way that the privacy of the data owner is not compromised. Also, the sample data drawn should resemble and represent the original dataset in the maximum possible number of dimensions. The results of the various methodologies have been analyzed and the observations have been presented.

Computer Science

Shouling Ji,Prateek Mittal,Raheem Beyah

DOI: https://doi.org/10.1109/comst.2016.2633620

2017-01-01

Abstract:Nowadays, many computer and communication systems generate graph data. Graph data span many different domains, ranging from online social network data from networks like Facebook to epidemiological data used to study the spread of infectious diseases. Graph data are shared regularly for many purposes including academic research and for business collaborations. Since graph data may be sensitive, data owners often use various anonymization techniques that often compromise the resulting utility of the anonymized data. To make matters worse, there are several state-of-the-art graph data de-anonymization attacks that have proven successful in recent years. In this paper, we survey the graph data anonymization, de-anonymization, and de-anonymizability quantification techniques in the past decade. Specifically, we systematically classify, summarize, and analyze state-of-the-art graph data anonymization, de-anonymization, and de-anonymizability quantification techniques. For existing graph data anonymization techniques, we classify them into six categories and analyze their utility performance with respect to 15 fundamental graph utility metrics and seven high-level application utility metrics. For existing de-anonymization attacks, we classify them into two categories and examine their performance with respect to scalability, practicability, robustness, etc. We also analyze the resistance of existing graph anonymization techniques against existing graph de-anonymizaiton attacks. For existing de-anonymizability quantifications, we classify them according to whether they consider seed information or not, and analyze them in terms of their soundness. Our analysis demonstrates that: 1) most anonymization schemes can partially or conditionally preserve most graph utility while losing some application utility and 2) state-of-the-art anonymization schemes are vulnerable to several or all of the emerging structure-based de-anonymization attacks. The actual vulnerability of each anonymization algorithm depends on how much and which data utility it preserves. Based on our summarization and analysis, we discuss the research evolution, future directions, and challenges in the research area of graph data anonymization, de-anonymization, and de-anonymizability quantification.

Xiao Xie,Moqi He,Yingcai Wu

DOI: https://doi.org/10.48550/arXiv.2008.11899

2020-08-27

Abstract:Understanding the relation of events plays an important role in different domains, such as identifying the reasons for users' certain actions from application logs as well as explaining sports players' behaviors according to historical records. Co-occurrence has been widely used to characterize the relation of events. However, insights provided by the co-occurrence relation are vague, which leads to difficulties in addressing domain problems. In this paper, we use causation to model the relation of events and present a visualization approach for conducting the causation analysis of event sequences. We integrate automatic causal discovery methods into the approach and propose a model for detecting event causalities. Considering the interpretability, we design a novel visualization named causal flow to integrate the detected causality into timeline-based event sequence visualizations. With this design, users can understand the occurrence of certain events and identify the causal pathways. We further implement an interactive system to help users comprehensively analyze event sequences. Two case studies are provided to evaluate the usability of the approach.

Human-Computer Interaction

Yang Lu,Junxian Li,Zhitong Cui,Jiapeng Hu,Yanna Lin,Shijian Luo

DOI: https://doi.org/10.1145/3664647.3681460

2024-01-01

Abstract:Virtual reality (VR) is a revolutionary method of presenting data visualizations, which brings potential possibilities for enhancing analytical activities. However, applying this method to visualize complex data flows remains largely underexplored, especially the Sankey diagrams, which have an advantageous capacity to represent trends in data flows. In this work, we explored a novel design for the immersive Sankey diagram system within VR environments, utilizing a three-dimensional visual design and several interaction techniques that leveraged VR's spatial and immersive capabilities. Through two comparative user studies, we found the effectiveness of the VR Sankey diagram system in improving task performance and engagement and reducing cognitive workload in complex data analysis. We contribute an interactive, immersive Sankey diagram system in VR environments, empirical evidence of its advantages, and design lessons for future immersive visualization tools.

Yang Li,Michael Purcell,Thierry Rakotoarivelo,David Smith,Thilina Ranbaduge,Kee Siong Ng

DOI: https://doi.org/10.1145/3569085

IF: 16.6

2023-02-24

ACM Computing Surveys

Abstract:The application of graph analytics to various domains has yielded tremendous societal and economical benefits in recent years. However, the increasingly widespread adoption of graph analytics comes with a commensurate increase in the need to protect private information in graph data, especially in light of the many privacy breaches in real-world graph data that were supposed to preserve sensitive information. This article provides a comprehensive survey of private graph data release algorithms that seek to achieve the fine balance between privacy and utility, with a specific focus on provably private mechanisms. Many of these mechanisms are natural extensions of the Differential Privacy framework to graph data, but we also investigate more general privacy formulations like Pufferfish Privacy that address some of the limitations of Differential Privacy. We also provide a wide-ranging survey of the applications of private graph data release mechanisms to social networks, finance, supply chain, and health care. This article should benefit practitioners and researchers alike in the increasingly important area of private analytics and data release.

computer science, theory & methods

Bo Jiang,Ming Li,Ravi Tandon

2023-07-26

Abstract:Publishing streaming data in a privacy-preserving manner has been a key research focus for many years. This issue presents considerable challenges, particularly due to the correlations prevalent within the data stream. Existing approaches either fall short in effectively leveraging these correlations, leading to a suboptimal utility-privacy tradeoff, or they involve complex mechanism designs that increase the computation complexity with respect to the sequence length. In this paper, we introduce Sequence Information Privacy (SIP), a new privacy notion designed to guarantee privacy for an entire data stream, taking into account the intrinsic data correlations. We show that SIP provides a similar level of privacy guarantee compared to local differential privacy (LDP), and it also enjoys a lightweight modular mechanism design. We further study two online data release models (instantaneous or batched) and propose corresponding privacy-preserving data perturbation mechanisms. We provide a numerical evaluation of how correlations influence noise addition in data streams. Lastly, we conduct experiments using real-world data to compare the utility-privacy tradeoff offered by our approaches with those from existing literature. The results reveal that our mechanisms offer utility improvements more than twice those based on LDP-based mechanisms.

Cryptography and Security

Ye Tao,Anand D. Sarwate,Sandeep Panta,Sergey Plis,Vince Calhoun

DOI: https://doi.org/10.1101/2024.10.11.617267

2024-10-15

Abstract:Privacy protection is important in visualization due to the risk of leaking personal sensitive information. In this paper, we study the problem of privacy-preserving visualizations using differential privacy, employing biomedical data from neuroimaging as a use case. We investigate several approaches based on perturbing correlation values and characterize their privacy cost and the impact of pre- and post-processing. To obtain a better privacy/visual utility tradeoff, we propose workflows for connectogram and seed-based connectivity visualizations, respectively. These workflows successfully generate visualizations similar to their non-private counterparts. Experiments show that qualitative assessments can be preserved while guaranteeing privacy. These results show that differential privacy is a promising method for protecting sensitive information in data visualization.

Neuroscience