Xiuwen Liu,Yanjiao Chen

DOI: https://doi.org/10.1016/j.comnet.2022.109507

2022-01-01

SSRN Electronic Journal

Abstract:In mobile crowdsensing systems, the public crowd are required to report data with actual locations under location privacy vulnerabilities. Moreover, even sensing data itself further deepens location privacy breaches. Existing works allow each worker to consider his own privacy, but the accumulated privacy budget will lower down group data privacy of each sensing region. Moreover, multi-region spatial data correlations indicate that multi-group correlated data privacy may be leaked from each other. To this end, we develop a novel MCS framework, called GDA-Crowd(Group effect-based Data Aggregation), which consists of three parts: location obfuscation and aggregation, group effect-based data privacy and aggregation, and incentive mechanism. We start from individual location privacy guarantee and propose a location aggregation method to cluster workers into groups. Then, we exploit intra-group effect, i.e., data privacy interdependence under the judicious selection of workers’ participation, to enhance privacy-accuracy balance. Moreover, multi-group global histogram incorporates inter-group effect, i.e., correlated privacy loss from spatial data correlations, into inter-group data aggregation. Finally, we design a truthful, individually rational and computationally efficient incentive mechanism for participant selection. The synopsis of contributions includes dual privacy protection, dual group effect for desirable privacy-accuracy tradeoff, synergies among incentive mechanism, privacy-preserving data aggregation for approximate optimality. Theoretical analysis and extensive experiments validate our effectiveness and superiority.

Yandong Zheng,Rongxing Lu,Hui Zhu,Songnian Zhang,Yunguo Guan,Jun Shao,Fengwei Wang,Hui Li

DOI: https://doi.org/10.1109/tifs.2022.3231785

IF: 7.231

2023-01-04

IEEE Transactions on Information Forensics and Security

Abstract:The advance of cloud computing has driven a new paradigm of outsourcing large-scale data and data-driven services to public clouds. Due to the increased awareness of privacy protection, many studies have focused on addressing security and privacy issues in outsourced query services. Although many privacy-preserving schemes have been proposed for various query types, the set reverse k nearest neighbors (RkNN) query is still an unexplored area. Even if some existing schemes can be adapted to achieve privacy-preserving set RkNN queries, they will suffer from linear search efficiency. As a steppingstone, in this paper, we propose an efficient and privacy-preserving set RkNN query scheme over encrypted data with sublinear query efficiency. Specifically, we first design an inverted prefix index to organize the set dataset and propose an algorithm to traverse the index with sublinear search efficiency. Then, we propose two oblivious data comparison protocols based on a symmetric homomorphic encryption (SHE) scheme and design the private filter/refinement protocols to preserve the privacy of index searching. After that, we propose an access pattern privacy-preserving set RkNN query scheme by using private filter/refinement protocols. Rigorous security analysis demonstrates that our scheme can protect data privacy and access pattern privacy. Experimental results indicate that our scheme is more efficient than the available naive solution in terms of computational costs and communication overheads.

computer science, theory & methods,engineering, electrical & electronic

Yandong Zheng,Rongxing Lu,Songnian Zhang,Jun Shao,Hui Zhu

DOI: https://doi.org/10.1109/tdsc.2024.3376084

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:As one of the most popular queries in big data era, the $k$ nearest neighbors ($k$NN) query plays a significant role in various applications, such as medical diagnosis, signal processing, and recommendation systems. Meanwhile, driven by the advancement of the cloud service, an emerging trend among applications is to outsource the dataset and the corresponding $k$NN query services to the cloud. However, as the cloud is not fully trusted, those applications will face vital privacy concerns, and thus they usually encrypt data before outsourcing them to the cloud. Because encrypted data are outsourced to cloud, the $k$NN query over encrypted data has become increasingly attractive, and many solutions have been put forth in recent years. However, existing solutions cannot fully satisfy the objects of returning exact query results, protecting database privacy and query privacy, achieving high query efficiency, and imposing low computational costs at the user side. To address these issues, in this paper, we propose a new practical and privacy-preserving $k$NN query scheme. Specifically, we first refine the general security requirements for the matrix encryption by systematically analyzing existing algorithms. Then, we design a novel asymmetric matrix encryption (AME) to securely achieve Euclidean distance computation and two distances comparison in a single-party and non-interactive way. Then, based on the AME scheme, we propose a privacy-preserving $k$NN query scheme, in which a max-heap of size $k$ is used to accelerate query efficiency. Detailed security analysis shows that our proposed scheme is really privacy-preserving. In addition, extensive performance evaluations are conducted, and the results demonstrate that our proposed scheme is also highly efficient.

computer science, information systems, software engineering, hardware & architecture

Lian Huijuan,Qiu Weidong,Yan Di,Huang Zheng,Tang Peng

DOI: https://doi.org/10.1007/s12083-020-00909-2

IF: 3.488

2020-01-01

Peer-to-Peer Networking and Applications

Abstract:k-nearest neighbor (k-NN) query is widely applied to various networks, such as mobile Internet, peer-to-peer (P2P) network, urban road networks, and so on. The location-based service in the outsourced environment has become a research hotspot with the rise of cloud computing. Meanwhile, various privacy issues have been increasingly prominent. We propose an efficient privacy-preserving query protocol to accomplish the k-nearest neighbor (k-NN) query processing on outsourced data. We adopt the Moore curve to transform the spatial data into one-dimensional sequence and utilize the AES to encrypt the original data. According to the cryptographic transformation, the proposed protocol can minimize the communication overhead to achieve efficient k-NN query while protecting the spatial data and location privacy. Furthermore, the proposed efficient scheme offers considerable performance with privacy preservation. Experiments show that the proposed scheme achieves high accuracy and efficiency while preserving the data and location privacy when compared with the existing related approach.

Lei Yang,Mengyuan Zhang,Shibo He,Ming Li,Junshan Zhang

DOI: https://doi.org/10.1145/3209582.3209598

2018-01-01

Abstract:We develop an auction framework for privacy-preserving data aggregation in mobile crowdsensing, where the platform plays the role as an auctioneer to recruit workers for a sensing task. In this framework, the workers are allowed to report privacy-preserving versions of their data to protect their data privacy; and the platform selects workers based on their sensing capabilities, which aims to address the drawbacks of game-theoretic models that cannot ensure the accuracy level of the aggregated result, due to the existence of multiple Nash Equilibria. Observe that in this auction based framework, there exists externalities among workers' data privacy, because the data privacy of each worker depends on both her injected noise and the total noise in the aggregated result that is intimately related to which workers are selected to fulfill the task. To achieve a desirable accuracy level of the data aggregation in a cost-effective manner, we explicitly characterize the externalities, i.e., the impact of the noise added by each worker on both the data privacy and the accuracy of the aggregated result. Further, we explore the problem structure, characterize the hidden monotonicity property of the problem, and determine the critical bid of workers, which makes it possible to design a truthful, individually rational and computationally efficient incentive mechanism. The proposed incentive mechanism can recruit a set of workers to approximately minimize the cost of purchasing private sensing data from workers subject to the accuracy requirement of the aggregated result. We validate the proposed scheme through theoretical analysis as well as extensive simulations.

Shumei Yang,Shaohua Tang,Xiao Zhang

DOI: https://doi.org/10.1016/j.jpdc.2019.07.013

IF: 4.542

2019-01-01

Journal of Parallel and Distributed Computing

Abstract:k nearest neighbor (kNN) queries are frequently used in location-based services (LBSs), by which we wish to get k closest points of interest (POIs) given a certain point. Since the cloud computing is developing fast, LBS providers are tended to outsource spatial databases to the cloud. However, cloud servers are often untrusty, so that ensuring the spatial query integrity as well as the spatial query privacy is critical. We present a verifiable privacy-preserving kNN query scheme, which can be used on road networks. Our work makes use of the network Voronoi diagram and several cryptographic primitives including pseudo-random functions, Paillier cryptosystem, condensed RSA digital signature, and so on. It can simultaneously preserve the privacy of spatial data and kNN queries, and verify the reliability of query results. The effectiveness and practicability of our scheme are validated by our experimental results. We further analyzed the security of our scheme under the adaptive chosen-query attack via rigorous proof.

Sai Wu,Xiaoli Wang,Sheng Wang,Zhenjie Zhang,Anthony K. H. Tung

DOI: https://doi.org/10.1109/tkde.2013.93

IF: 9.235

2014-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:In crowdsourcing database, human operators are embedded into the database engine and collaborate with other conventional database operators to process the queries. Each human operator publishes small HITs (Human Intelligent Task) to the crowdsourcing platform, which consists of a set of database records and corresponding questions for human workers. The human workers complete the HITs and return the results to the crowdsourcing database for further processing. In practice, published records in HITs may contain sensitive attributes, probably causing privacy leakage so that malicious workers could link them with other public databases to reveal individual private information. Conventional privacy protection techniques, such as K-Anonymity , can be applied to partially solve the problem. However, after generalizing the data, the result of standard K-Anonymity algorithms may render uncontrollable information loss and affects the accuracy of crowdsourcing. In this paper, we first study the tradeoff between the privacy and accuracy for the human operator within data anonymization process. A probability model is proposed to estimate the lower bound and upper bound of the accuracy for general K-Anonymity approaches. We show that searching the optimal anonymity approach is NP-Hard and only heuristic approach is available. The second contribution of the paper is a general feedback-based K-Anonymity scheme. In our scheme, synthetic samples are published to the human workers, the results of which are used to guide the selection on anonymity strategies. We apply the scheme on Mondrian algorithm by adaptively cutting the dimensions based on our feedback results on the synthetic samples. We evaluate the performance of the feedback-based approach on U.S. census dataset, and show that given a predefined $K$ , our proposal outperforms standard K-Anonymity approaches on retaining the effectiveness of crowdsourcing.

Ke Cheng,Liangmin Wang,Yulong Shen,Hua Wang,Yongzhi Wang,Xiaohong Jiang,Hong Zhong

DOI: https://doi.org/10.1109/tbdata.2017.2707552

2017-01-01

IEEE Transactions on Big Data

Abstract:The k-nearest neighbors (k-NN) query is a fundamental primitive in spatial and multimedia databases. It has extensive applications in location-based services, classification & clustering and so on. With the promise of confidentiality and privacy, massive data are increasingly outsourced to cloud in the encrypted form for enjoying the advantages of cloud computing (e.g., reduce storage and query processing costs). Recently, many schemes have been proposed to support k-NN query on encrypted cloud data. However, prior works have all assumed that the query users (QUs) are fully-trusted and know the key of the data owner (DO), which is used to encrypt and decrypt outsourced data. The assumptions are unrealistic in many situations, since many users are neither trusted nor knowing the key. In this paper, we propose a novel scheme for secure k-NN query on encrypted cloud data with multiple keys, in which the DO and each QU all hold their own different keys, and do not share them with each other; meanwhile, the DO encrypts and decrypts outsourced data using the key of his own. Our scheme is constructed by a distributed two trapdoors public-key cryptosystem (DT-PKC) and a set of protocols of secure two-party computation, which not only preserves the data confidentiality and query privacy but also supports the offline data owner. Our extensive theoretical and experimental evaluations demonstrate the effectiveness of our scheme in terms of security and performance.

Mengyuan Zhang,Lei Yang,Shibo He,Ming Li,Junshan Zhang

DOI: https://doi.org/10.1109/tnet.2021.3056490

2021-01-01

IEEE/ACM Transactions on Networking

Abstract:We develop an auction framework for privacy-preserving data aggregation in mobile crowdsensing, where the platform plays the role as an auctioneer to recruit workers for sensing tasks. The workers are allowed to report noisy versions of their data for privacy protection; and the platform selects workers by taking into account their sensing capabilities to ensure the accuracy level of the aggregated result. Observe that when moving the control of data privacy from the data aggregator to the workers, the data aggregator has limited market power in the sense that it can only partially control the noise by judiciously choosing a subset of workers based on workers' privacy preferences. This introduces externalities because the privacy of each worker depends on the total noise in the aggregated result that in turn relies on which workers are selected. Specifically, we first consider a privacy-passive scenario where workers participate if their privacy loss can be adequately compensated by the rewards. We explicitly characterize the externalities and the hidden monotonicity property of the problem, making it possible to design a truthful, individually rational and computationally efficient incentive mechanism. We then extend the results to a privacy-proactive scenario where workers have individual requirements for their perceivable data privacy levels. Our proposed mechanisms for both scenarios can select a subset of workers to (nearly) minimize the cost of purchasing their private sensing data subject to the accuracy requirement of the aggregated result. We validate the proposed scheme through theoretical analysis as well as extensive simulations.

Guang Yang,Shibo He,Junshan Zhang,Zhiguo Shi

DOI: https://doi.org/10.1109/tvt.2019.2950907

IF: 6.8

2019-01-01

IEEE Transactions on Vehicular Technology

Abstract:Crowdsensing has been recognized as a promising data collection paradigm, in which a platform outsources sensing tasks to a large number of users. However, requesting users to report raw data may give rise to many practical concerns, such as a significant overhead of communication and central processing, besides users' privacy concerns. In many scenarios (e.g, advertising and recommendation), the data collector directly benefits from statistical aggregation of raw data. Thus motivated, we consider the data collection problem based on user's local histograms, which is intimately related to the fundamental trade-off between the platform's accuracy and users' privacy. Because of users' social relationship, their data are often correlated, indicating that users' privacy may be leaked from others' data. To tackle this challenge, we first utilize Gaussian Markov random fields to model the correlation structure embedded in users' data. The data collection is modeled as a Stackelberg game where the platform decides its reward policy and users decide their noise levels while taking into account the social coupling among users. For the reward policy design, we first establish the relationship between users' Nash equilibrium and the payment mechanism, and then optimize the platform's accuracy under a budget constraint. Further, since the noise levels are users' private information, they may use falsified noise levels to achieve higher payoffs, which in turn impairs the crowdsensing performance. It turns out that with the insight into the correlation structure among users' data, the information asymmetry can be overcome based on peer prediction. We revisit the payment mechanism to guarantee dominant truthfulness of each user's strategy. Theoretical analysis and numerical results demonstrate the effectiveness of the proposed mechanism.

Tanzima Hashem,Lars Kulik,Rui Zhang

DOI: https://doi.org/10.48550/arXiv.1104.2756

2011-04-14

Databases

Abstract:We present a novel approach that protects trajectory privacy of users who access location-based services through a moving k nearest neighbor (MkNN) query. An MkNN query continuously returns the k nearest data objects for a moving user (query point). Simply updating a user's imprecise location such as a region instead of the exact position to a location-based service provider (LSP) cannot ensure privacy of the user for an MkNN query: continuous disclosure of regions enables the LSP to follow a user's trajectory. We identify the problem of trajectory privacy that arises from the overlap of consecutive regions while requesting an MkNN query and provide the first solution to this problem. Our approach allows a user to specify the confidence level that represents a bound of how much more the user may need to travel than the actual kth nearest data object. By hiding a user's required confidence level and the required number of nearest data objects from an LSP, we develop a technique to prevent the LSP from tracking the user's trajectory for MkNN queries. We propose an efficient algorithm for the LSP to find k nearest data objects for a region with a user's specified confidence level, which is an essential component to evaluate an MkNN query in a privacy preserving manner; this algorithm is at least two times faster than the state-of-the-art algorithm. Extensive experimental studies validate the effectiveness of our trajectory privacy protection technique and the efficiency of our algorithm.

Jinbao Wang,Yingshu Li,Donghua Yang,Hong Gao,Guangchun Luo,Jianzhong Li

DOI: https://doi.org/10.1109/access.2017.2766669

IF: 3.9

2017-01-01

IEEE Access

Abstract:Location-based services (LBS) leveraged by ubiquitous mobile devices have brought great convenience to mobile users in various aspects, including communication, information exchange, social activities, and so on. However, privacy concerns arise at the same time, since the users need to submit their locations and query contents to the LBS servers. To this end, location privacy and query privacy have been recognized. In particular, this paper focuses on query privacy for preventing the leakage of users' query contents. Cloaking region-based techniques using untrusted servers and client-based k-anonymity approaches have been devised to preserve query privacy in LBS. However, these works suffer from single point of failure or insufficiency of query privacy. To address this issue, we investigate effective k-anonymity-based solutions for query privacy in LBS. We formulate a probabilistic framework PkA, under which k-anonymity-based mechanisms can be initiated, and analyze a recent proposed algorithm DLS as an instance of PkA. An algorithm circle segment is presented to provide effective query privacy when query interests have similar prior probability. To obtain more effective query privacy in general cases, we propose two algorithms MEE and MER, which optimize two individual privacy metrics, denoted expected entropy and expected max-min ratio, adopted in this paper. We recognize two practical properties - No More Leakage and k-Effectiveness for effective query privacy, and our proposed algorithms satisfy both of No More Leakage and k-Effectiveness. We conduct evaluation based on real-life data sets and synthetic distributions of query interests, and the evaluation results demonstrate that our proposed algorithms produce significantly improved query privacy.

Honghao Zhou,Tinghuai Ma,Jing Jia,Yuan Tian,Mznah Al-Rodhaan

DOI: https://doi.org/10.1007/978-3-030-00012-7_4

2018-01-01

Abstract:In location based services, users can request interesting services around them at any time and anywhere through mobile devices. They need to send their locations to get the service, which may cause the disclosure of their location privacy. In order to protect the location privacy, a typical way is to convert the specific location into a location area. After finding the interest points around the region, the server needs to refine the result set to get the exact result of the query. In this article, we extended the existing kNN query algorithm based on the circular region, and proposed an algorithm called EkCRNN. This algorithm used an anonymous server to exchange information between the user and the LBS server. We compared two algorithms through experiments, and the experimental results show that our algorithm has higher accuracy.

Xuebin Ren,Chia-Mu Yu,Wei Yu,Xinyu Yang,Jun Zhao,Shusen Yang

DOI: https://doi.org/10.1109/JIOT.2020.3020089

2020-09-30

Abstract:In Internet of Things (IoT) driven smart-world systems, real-time crowd-sourced databases from multiple distributed servers can be aggregated to extract dynamic statistics from a larger population, thus providing more reliable knowledge for our society. Particularly, multiple distributed servers in a decentralized network can realize real-time collaborative statistical estimation by disseminating statistics from their separate databases. Despite no raw data sharing, the real-time statistics could still expose the data privacy of crowd-sourcing participants. For mitigating the privacy concern, while traditional differential privacy (DP) mechanism can be simply implemented to perturb the statistics in each timestamp and independently for each dimension, this may suffer a great utility loss from the real-time and multi-dimensional crowd-sourced data. Also, the real-time broadcasting would bring significant overheads in the whole network. To tackle the issues, we propose a novel privacy-preserving and communication-efficient decentralized statistical estimation algorithm (DPCrowd), which only requires intermittently sharing the DP protected parameters with one-hop neighbors by exploiting the temporal correlations in real-time crowd-sourced data. Then, with further consideration of spatial correlations, we develop an enhanced algorithm, DPCrowd+, to deal with multi-dimensional infinite crowd-data streams. Extensive experiments on several datasets demonstrate that our proposed schemes DPCrowd and DPCrowd+ can significantly outperform existing schemes in providing accurate and consensus estimation with rigorous privacy protection and great communication efficiency.

Distributed, Parallel, and Cluster Computing

Xuebin Ren,Chia-Mu Yu,Wei Yu,Xinyu Yang,Jun Zhao,Shusen Yang

DOI: https://doi.org/10.1109/jiot.2020.3020089

IF: 10.6

2020-01-01

IEEE Internet of Things Journal

Abstract:In Internet-of-Things (IoT)-driven smart-world systems, real-time crowdsourced databases from multiple distributed servers can be aggregated to extract dynamic statistics from a larger population, thus providing more reliable knowledge for our society. Particularly, multiple distributed servers in a decentralized network can realize real-time collaborative statistical estimation by disseminating statistics from their separate databases. Despite no raw data sharing, the real-time statistics could still expose the data privacy of crowdsourcing participants. For mitigating the privacy concern, while the traditional differential privacy (DP) mechanism can be simply implemented to perturb the statistics in each timestamp and independently for each dimension, this may suffer a great utility loss from the real-time and multidimensional crowdsourced data. Also, the real-time broadcasting would bring significant overheads in the whole network. To tackle the issues, we propose a novel privacy preserving and communication-efficient decentralized statistical estimation algorithm (DPCrowd), which only requires intermittently sharing the DP protected parameters with one-hop neighbors by exploiting the temporal correlations in real-time crowdsourced data. Then, with further consideration of spatial correlations, we develop an enhanced algorithm, DPCrowd+, to deal with multidimensional infinite crowd-data streams. Extensive experiments on several data sets demonstrate that our proposed schemes DPCrowd and DPCrowd+ can significantly outperform existing schemes in providing accurate and consensus estimation with rigorous privacy protection and great communication efficiency.

Kun Yang,Chengliang Tian,Hequn Xian,Weizhong Tian,Yan Zhang

DOI: https://doi.org/10.1007/s11280-022-01093-4

2022-10-21

World Wide Web

Abstract:In the current cloud computing and big data era, outsourcing the storage and associated query operations of large-scale databases to cloud service providers has become an increasingly popular computing paradigm. However, due to the potential mutual distrust among the data owner (DO), cloud server (CS) and query user (QU), the risk of privacy disclosure constrains the wide deployment of this attractive computing paradigm. To handle this dilemma, various encryption approaches are designed to assure privacy during query processing over outsourced databases. Recently, Wu et al. (World Wide Web 22 (1), 101–123 2019) presented a 'secure' k -nearest neighbor ( k NN) classification scheme over encrypted cloud database which aimed to concurrently keep the privacy of the database, the DO's key, the QU's query, and the data access patterns. In this paper, we first revisit their scheme and present an efficient known-plaintext attack on the privacy of database with linearization technique. Then, we propose an improved scheme that outperforms the prior scheme in both security and efficiency. Precisely, on the security side, we realize the above four security intentions with rigorous theoretical arguments. On the efficiency side, our new design greatly reduces the computational overhead of the DO and the QU, and makes full use of the resources of two cloud servers by better balancing their computational loads. Finally, we measure the practical performance of our scheme from an experimental perspective, and the result corroborates our theoretical analysis.

Dong Yuan,Qi Li,Guoliang Li,Qian Wang,Kui Ren

DOI: https://doi.org/10.1109/tifs.2019.2913232

IF: 7.231

2020-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Privacy leakage is a serious issue in spatial crowdsourcing in various scenarios. In this paper, we study privacy protection in spatial crowdsourcing. The main challenge is to efficiently assign tasks to nearby workers without needing to know the exact locations of tasks and workers. To address this problem, we propose a privacy-preserving framework without online trusted third parties. We devise a grid-based location protection method, which can protect the locations of workers and tasks while keeping the distance-aware information on the protected locations such that we can quantify the distance between tasks and workers. We propose an efficient task assignment algorithm, which can instantly assign tasks to nearby workers on encrypted data. To protect the task content, we leverage both attribute-based encryption and symmetric-key encryption to establish secure channels through servers, which ensures that the task is delivered securely and accurately by any untrusted server. Moreover, we analyze the security properties of our method. We have conducted real experiments on real-world datasets. Experimental results show that our method outperforms existing approaches.

Shenlu Wang,Muhammad Aamir Cheema,Xuemin Lin

DOI: https://doi.org/10.1093/comjnl/bxt115

2013-01-01

Abstract:Given a set of clients C , a set of facilities F and a query q ∈ F , a reverse k-nearest neighbor (RkNN) query retrieves every client c ∈ C for which q is one of the k closest facilities. In the past few years, RkNN queries have received significant research attention due to their wide range of applications. In this paper, we study the problem of continuous monitoring of RkNN queries in road networks. The state-of-the-art technique is sensitive toward the movement of clients, e.g. whenever a client that is inside the so-called unpruned region changes its location, the existing technique requires expensive verification of whether the client is an RkNN of q or not. To address this problem, we utilize the novel concept of influence zone, which is a region in the network such that a client c is the RkNN if and only if it lies inside this zone. This significantly improves performance because the problem of continuously monitoring RkNN queries is reduced to the problem of continuously monitoring the clients that are inside this zone. Based on several non-trivial observations, we present an efficient algorithm to compute the influence zone. Our extensive experimental study demonstrates that our algorithm is more than an order of magnitude faster than the state-of-the-art algorithm.

Huiting Fan,Kai Xing,Lei Tan,Weikang Rui,Zhonghu Xu,Shuo Zhang,Jing Xu

DOI: https://doi.org/10.1155/2017/8026787

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:In social activities, people are interested in some statistical data, such as purchase records, monthly consumption, and health data, which are usually utilized in recommendation systems. And it is seductive for them to acquire the ranking of these data among friends or other communities. In the meantime, they want their privacy data to be confidential. Therefore, a strategy is presented to allow users to obtain the result of calculating their privacy data while preserving these data. In this method, firstly a polynomial approximation function model is set up for each user. Afterwards, "fragment" the coefficients of each model into pieces. Eventually "blend" all scraps to build the global model of all users. Users can use the global model to gain their corresponding ranking results after a special computing. Security analyses of three aspects elaborate the validity of proposed privacy method, even if some spiteful attackers try to steal private data of users, no matter who they are (users or someone outside the community). Experiments results manifest that the global model competently fits all users data and all privacy data are protected.

Kai Xing,Chunqiang Hu,Jiguo Yu,Xiuzhen Cheng,Fengjuan Zhang

DOI: https://doi.org/10.1109/tii.2017.2695487

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:In this paper, we consider the problem of mutual privacy protection in social participatory sensing in which individuals contribute their private information to build a (virtual) community. Particularly, we propose a mutual privacy preserving $k$-means clustering scheme that neither discloses an individual's private information nor leaks the community's characteristic data (clusters). Our scheme contains two privacy-preserving algorithms called at each iteration of the $k$-means clustering. The first one is employed by each participant to find the nearest cluster while the cluster centers are kept secret to the participants; and the second one computes the cluster centers without leaking any cluster center information to the participants while preventing each participant from figuring out other members in the same cluster. An extensive performance analysis is carried out to show that our approach is effective for $k$ -means clustering, can resist collusion attacks, and can provide mutual privacy protection even when the data analyst colludes with all except one participant.