Zhen Gu,Guoyin Zhang,Chen Yang

DOI: https://doi.org/10.1155/2022/7963004

IF: 1.968

2022-08-02

Security and Communication Networks

Abstract:In this paper, we study the privacy-preserving data publishing problem in a distributed environment. The data contain sensitive information; hence, directly pooling and publishing the local data will lead to privacy leaks. To solve this problem, we propose a multiparty horizontally partitioned data publishing method under differential privacy (HPDP-DP). First, in order to make the noise level of the published data in the distributed scenario the same as in the centralized scenario, we use the infinite divisibility of the Laplace distribution to design a distributed noise addition scheme to perturb the locally shared data and use Paillier encryption to transmit the locally shared data to the semitrusted curator. Then, the semitrusted curator obtains the estimator of the covariance matrix of the aggregated data with Laplace noise and then obtains the principal components of the aggregated data and returns them to each data owner. Finally, the data owner utilizes the generative model of probabilistic principal component analysis to generate a synthetic data set for publication. We conducted experiments on different real data sets; the experimental results demonstrate that the synthetic data set released by the HPDP-DP method can maintain high utility.

computer science, information systems,telecommunications

Noman Mohammed,Rui Chen,Benjamin C.M. Fung,Philip S. Yu

DOI: https://doi.org/10.1145/2020408.2020487

2011-01-01

Abstract:Privacy-preserving data publishing addresses the problem of disclosing sensitive data when mining for useful information. Among the existing privacy models, ∈-differential privacy provides one of the strongest privacy guarantees and has no assumptions about an adversary's background knowledge. Most of the existing solutions that ensure ∈-differential privacy are based on an interactive model, where the data miner is only allowed to pose aggregate queries to the database. In this paper, we propose the first anonymization algorithm for the non-interactive setting based on the generalization technique. The proposed solution first probabilistically generalizes the raw data and then adds noise to guarantee ∈-differential privacy. As a sample application, we show that the anonymized data can be used effectively to build a decision tree induction classifier. Experimental results demonstrate that the proposed non-interactive anonymization algorithm is scalable and performs better than the existing solutions for classification analysis.

Xiang Cheng,Peng Tang,Sen Su,Rui Chen,Zequn Wu,Binyuan Zhu

DOI: https://doi.org/10.1109/tkde.2019.2906610

IF: 9.235

2020-08-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:In this paper, we study the problem of publishing high-dimensional data in a distributed multi-party environment under differential privacy. In particular, with the assistance of a semi-trusted curator, the parties (i.e., local data owners) collectively generate a synthetic integrated dataset while satisfying $\varepsilon$ɛ-differential privacy. To solve this problem, we present a differentially private sequential update of Bayesian network (DP-SUBN) approach. In DP-SUBN, the parties and the curator collaboratively identify the Bayesian network $\mathbb {N}$N that best fits the integrated dataset in a sequential manner, from which a synthetic dataset can then be generated. The fundamental advantage of adopting the sequential update manner is that the parties can treat the intermediate results provided by previous parties as their prior knowledge to direct how to learn $\mathbb {N}$N. The core of DP-SUBN is the construction of the search frontier, which can be seen as a priori knowledge to guide the parties to update $\mathbb {N}$N. By exploiting the correlations of attribute pairs, we propose exact and heuristic methods to construct the search frontier. In particular, to privately quantify the correlations of attribute pairs without introducing too much noise, we first put forward a non-overlapping covering design (NOCD) method, and then devise a dynamic programming method for determining the optimal parameters used in NOCD. Through privacy analysis, we show that DP-SUBN satisfies $\varepsilon$ɛ-differential privacy. Extensive experiments on real datasets demonstrate that DP-SUBN offers desirable data utility with low communication cost.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Peng Tang,Rui Chen,Sen Su,Shanqing Guo,Lei Ju,Gaoyuan Liu

DOI: https://doi.org/10.1109/tkde.2023.3241661

IF: 9.235

2023-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:Given a set of local sequential datasets held by multiple parties, we study the problem of publishing a synthetic dataset that preserves approximate sequentiality information of the integrated dataset while satisfying differential privacy for each local dataset. The existing solutions for publishing differentially private sequential data in the centralized setting mostly adopt tree-based approaches. Such approaches rely on different tree structures that encode sequential data's statistical information. The construction of a tree structure is normally done by recursively splitting nodes whose noisy scores (e.g., entropy or count) are larger than a given threshold. However, extending similar ideas to the multi-party setting is challenging. First, the comparison between noisy scores and a given threshold needs to be done in a distributed manner without letting the parties know the noisy scores, while satisfying differential privacy for each local dataset. Second, in the multi-party setting the large number of node splitting decisions incurs prohibitive computation costs. In addressing the above challenges, we present DPST, a distributed prediction suffix tree construction solution. In DPST, we first introduce a novel node splitting decision method that calculates the comparison result under encryption with substantially improved efficiency. Then we present a novel batch-based tree construction approach to reduce computation costs. In order to achieve high parallel performance without incurring any extra communication cost, we introduce the conjunction and slide methods to ensure that each batch contains a stable number of carefully arranged decision tasks. To further reduce communication and computation costs, we propose a prefix-based pre-pruning method to reduce the number of nodes that need to be judged whether to split by an interactive protocol. Extensive experiments on real datasets demonstrate that our DPST solution offers desirable data utility with low computation and communication costs.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Jingyu Hua,An Tang,Yixin Fang,Zhenyu Shen,Sheng Zhong

DOI: https://doi.org/10.1109/tifs.2016.2532839

IF: 7.231

2016-01-01

IEEE Transactions on Information Forensics and Security

Abstract:In the problem of privacy-preserving collaborative data publishing, a central data publisher is responsible for aggregating sensitive data from multiple parties and then anonymizing it before publishing for data mining. In such scenarios, the data users may have a strong demand to measure the utility of the published data, since most anonymization techniques have side effects on data utility. Nevertheless, this task is non-trivial, because the utility measuring usually requires the aggregated raw data, which is not revealed to the data users due to privacy concerns. Furthermore, the data publishers may even cheat in the raw data, since no one, including the individual providers, knows the full data set. In this paper, we first propose a privacy-preserving utility verification mechanism based upon cryptographic technique for DiffPart-a differentially private scheme designed for set-valued data. This proposal can measure the data utility based upon the encrypted frequencies of the aggregated raw data instead of the plain values, which thus prevents privacy breach. Moreover, it is enabled to privately check the correctness of the encrypted frequencies provided by the publisher, which helps detect dishonest publishers. We also extend this mechanism to DiffGen-another differentially private publishing scheme designed for relational data. Our theoretical and experimental evaluations demonstrate the security and efficiency of the proposed mechanism.

Xiao Yonghui,Xiong Li,Yuan Chun

DOI: https://doi.org/10.1007/978-3-642-15546-8_11

2010-01-01

Abstract:Differential privacy is a strong notion for protecting individual privacy in privacy preserving data analysis or publishing. In this paper, we study the problem of differentially private histogram release based on an interactive differential privacy interface. We propose two multidimensional partitioning strategies including a baseline cell-based partitioning and an innovative kd-tree based partitioning. In addition to providing formal proofs for differential privacy and usefulness guarantees for linear distributive queries, we also present a set of experimental results and demonstrate the feasibility and performance of our method.

Honglu Jiang,S M Sarwar,Haotian Yu,Sheikh Ariful Islam

DOI: https://doi.org/10.48550/arXiv.2112.07061

2021-12-14

Abstract:Conventional private data publication mechanisms aim to retain as much data utility as possible while ensuring sufficient privacy protection on sensitive data. Such data publication schemes implicitly assume that all data analysts and users have the same data access privilege levels. However, it is not applicable for the scenario that data users often have different levels of access to the same data, or different requirements of data utility. The multi-level privacy requirements for different authorization levels pose new challenges for private data publication. Traditional PPDP mechanisms only publish one perturbed and private data copy satisfying some privacy guarantee to provide relatively accurate analysis results. To find a good tradeoff between privacy preservation level and data utility itself is a hard problem, let alone achieving multi-level data utility on this basis. In this paper, we address this challenge in proposing a novel framework of data publication with compressive sensing supporting multi-level utility-privacy tradeoffs, which provides differential privacy. Specifically, we resort to compressive sensing (CS) method to project a $n$-dimensional vector representation of users' data to a lower $m$-dimensional space, and then add deliberately designed noise to satisfy differential privacy. Then, we selectively obfuscate the measurement vector under compressive sensing by adding linearly encoded noise, and provide different data reconstruction algorithms for users with different authorization levels. Extensive experimental results demonstrate that ML-DPCS yields multi-level of data utility for specific users at different authorization levels.

Cryptography and Security

Graham Cormode,Magda Procopiuc,Entong Shen,Divesh Srivastava,Ting Yu

DOI: https://doi.org/10.48550/arXiv.1103.5170

2012-03-14

Abstract:Differential privacy has recently emerged as the de facto standard for private data release. This makes it possible to provide strong theoretical guarantees on the privacy and utility of released data. While it is well-known how to release data based on counts and simple functions under this guarantee, it remains to provide general purpose techniques to release different kinds of data. In this paper, we focus on spatial data such as locations and more generally any data that can be indexed by a tree structure. Directly applying existing differential privacy methods to this type of data simply generates noise. Instead, we introduce a new class of "private spatial decompositions": these adapt standard spatial indexing methods such as quadtrees and kd-trees to provide a private description of the data distribution. Equipping such structures with differential privacy requires several steps to ensure that they provide meaningful privacy guarantees. Various primitives, such as choosing splitting points and describing the distribution of points within a region, must be done privately, and the guarantees of the different building blocks composed to provide an overall guarantee. Consequently, we expose the design space for private spatial decompositions, and analyze some key examples. Our experimental study demonstrates that it is possible to build such decompositions efficiently, and use them to answer a variety of queries privately with high accuracy.

Databases

Wenjie Chen,Haoyu Chen,Tingxuan Han,Wei Tong,Sheng Zhong

DOI: https://doi.org/10.1109/tmc.2024.3464744

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:Frequent itemset mining is an essential task in data analysis. Therefore, it is crucial to design practical methods for privacy-preserving frequent itemset mining, enabling private data analysis. For two-party data analysis tasks, each party possesses its portion of the data and is reluctant to share the data with the other. While secure computation can enable two-party frequent itemset mining, the output of exact top- $k$ itemsets may still leave the adversary a chance to infer the sensitive information. Differential privacy has been utilized in various data analysis tasks to safeguard participating individuals. However, addressing how to ensure differential privacy for two-party frequent itemset mining remains unexplored. To prevent each party's data from being leaked to the other while achieving differential privacy for releasing the output, this paper investigates the problem of differentially private two-party frequent itemset mining. We first propose a practical method that can efficiently select the frequent items of the union of two confidential databases in a differentially private way without the need to combine all elements. Then we extend this technique for general frequent itemset mining. Extensive experiments were conducted on real-world datasets, and the results show that the proposed method can achieve satisfactory utility with affordable overheads.

Yi Li,Yitao Duan,Wei Xu

DOI: https://doi.org/10.1007/978-3-319-71246-8_6

2017-01-01

Abstract:Privacy has become a serious concern in data mining. Achieving adequate privacy is especially challenging when the scale of the problem is large. Fundamentally, designing a practical privacy-preserving data mining system involves tradeoffs among several factors such as the privacy guarantee, the accuracy or utility of the mining result, the computation efficiency and the generality of the approach. In this paper, we present PEM, a practical system that tries to strike the right balance among these factors. We use a combination of noise-based and noise-free techniques to achieve provable differential privacy at a low computational overhead while obtaining more accurate result than previous approaches. PEM provides an efficient private gradient descent that can be the basis for many practical data mining and machine learning algorithms, like logistic regression, k-means, and Apriori. We evaluate these algorithms on three real-world open datasets in a cloud computing environment. The results show that PEM achieves good accuracy, high scalability, low computation cost while maintaining differential privacy.

Fengqiong Wei,Wei Zhang,Yunfang Chen,Jingwen Zhao

DOI: https://doi.org/10.1007/978-3-030-01701-9_8

2018-01-01

Abstract:Differentially private data publication has recently received considerable attention. However, it faces some challenges in differentially private high-dimensional data publication, such as the complex attribute relationships, the high computational complexity and data sparsity. Therefore, we propose PrivMN, a novel method to publish high-dimensional data with differential privacy guarantee. We first use the Markov model to represent the mutual relationships between attributes to solve the problem that the direction of relationship between variables cannot be determined in practical application. We then take advantage of approximate inference to calculate the joint distribution of high-dimensional data under differential privacy to figure out the computational and spatial complexity of accurate reasoning. Extensive experiments on real datasets demonstrate that our solution makes the published high-dimensional synthetic datasets more efficient under the guarantee of differential privacy.

Zhihui Wang,Yun Zhu,Xuchen Zhou

DOI: https://doi.org/10.1007/978-3-030-18590-9_85

2019-01-01

Abstract:For data openness and sharing, we need to publish data and protect sensitive data at the same time. This paper provides the users with a system to realize privacy-preserving data publishing, which is implemented based on differential privacy. It has the following characteristics: (1) the raw data are first imported into a database and then are used to generate synthetic data for publishing; (2) a user can choose different privacy preservation levels for the synthetic data; (3) a subset of the attributes can been chosen to be synthesized while keeping the others untouched.

Chugui Xu,Ju Ren,Yaoxue Zhang,Zhan Qin,Kui Ren

DOI: https://doi.org/10.1109/tifs.2017.2737966

IF: 7.231

2017-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Releasing representative data sets without compromising the data privacy has attracted increasing attention from the database community in recent years. Differential privacy is an influential privacy framework for data mining and data release without revealing sensitive information. However, existing solutions using differential privacy cannot effectively handle the release of high-dimensional data due to the increasing perturbation errors and computation complexity. To address the deficiency of existing solutions, we propose DPPro, a differentially private algorithm for high-dimensional data release via random projection to maximize utility while guaranteeing privacy. We theoretically prove that DPPro can generate synthetic data set with the similar squared Euclidean distance between high-dimensional vectors while achieving (epsilon, delta)-differential privacy. Based on the theoretical analysis, we observed that the utility guarantees of released data depend on the projection dimension and the variance of the noise. Extensive experimental results demonstrate that DPPro substantially outperforms several state-of-the-art solutions in terms of perturbation error and privacy budget on high-dimensional data sets.

Riad Ladjel,Nicolas Anciaux,Aurélien Bellet,Guillaume Scerri

DOI: https://doi.org/10.48550/arXiv.2112.12411

2021-12-23

Abstract:Imagine a group of citizens willing to collectively contribute their personal data for the common good to produce socially useful information, resulting from data analytics or machine learning computations. Sharing raw personal data with a centralized server performing the computation could raise concerns about privacy and a perceived risk of mass surveillance. Instead, citizens may trust each other and their own devices to engage into a decentralized computation to collaboratively produce an aggregate data release to be shared. In the context of secure computing nodes exchanging messages over secure channels at runtime, a key security issue is to protect against external attackers observing the traffic, whose dependence on data may reveal personal information. Existing solutions are designed for the cloud setting, with the goal of hiding all properties of the underlying dataset, and do not address the specific privacy and efficiency challenges that arise in the above context. In this paper, we define a general execution model to control the data-dependence of communications in user-side decentralized computations, in which differential privacy guarantees for communication patterns in global execution plans can be analyzed by combining guarantees obtained on local clusters of nodes. We propose a set of algorithms which allow to trade-off between privacy, utility and efficiency. Our formal privacy guarantees leverage and extend recent results on privacy amplification by shuffling. We illustrate the usefulness of our proposal on two representative examples of decentralized execution plans with data-dependent communications.

Cryptography and Security,Databases,Distributed, Parallel, and Cluster Computing,Machine Learning

Zhiqiang Gao,Yutao Wang,Yanyu Duan,Yun Wang,Zhensheng Peng

DOI: https://doi.org/10.1504/ijica.2018.092587

2018-01-01

International Journal of Innovative Computing and Applications

Abstract:Policedata is an important source of social media data and can be regarded as a technical assistance to increase government accountability and transparency. Notably, it contains large amounts of personal private information that should be preserved deliberately. However, sharing and publishing policedata through private or public cloud infrastructure are still faced with tremendously potential threats and challenges recently. Unfortunately, existing researches regarding privacy preserving data publishing (PPDP) fail to cope with the aforementioned problems. Our work aims to propose a systematic multi-level privacy preserving data publishing (ML-PPDP) architecture. Moreover, a personalised multi-level privacy preserving (pML-PPDP) mechanism that developed from the combination of k-anonymity, l-diversity, t-closeness and differential privacy is designed for policedata publishing. Our solution authorised users with different privileges to different privacy-preserving levels. Experimental results of pML-PPDP mechanism on datasets collected from policedata website are implemented under our proposed ML-PPDP architecture with satisfactory trade-off between privacy and utility.

Wei Tong,Wenjie Chen,Tingxuan Han,Haoyu Chen,Sheng Zhong

DOI: https://doi.org/10.1109/icdcs57875.2023.00045

2023-01-01

Abstract:Various data analysis tasks take frequent item mining as an essential part of them. Thus, it is crucial to design practical privacy-preserving frequent item mining methods such that private data analysis can be enabled. For two-party data analysis tasks, each party possesses its portion of the data and is reluctant to share the data with the other. Although secure computation can enable two-party frequent item mining, the output of exact top- $k$ items may still leave the adversary a chance to infer the sensitive information. Differential privacy has been utilized in various data analysis tasks to protect participating individuals, but how to provide differential privacy for two-party frequent item mining has not been addressed. To prevent each party's data from being leaked to the other while achieving differential privacy for releasing the output, we study the problem of differentially private two-party frequent item mining in this paper. We have proposed a practical protocol that can efficiently select the frequent items of the union of two confidential databases in a differentially private way but does not need to combine all the elements. We have conducted extensive experiments to evaluate the proposed method on real-world datasets, and the results show that it can achieve satisfactory utility with affordable overheads.

Xue Jiang,Yufei Zhang,Xuebing Zhou,Jens Grossklags

DOI: https://doi.org/10.56553/popets-2023-0050

2023-04-01

Proceedings on Privacy Enhancing Technologies

Abstract:In the era of big data, user data are often vertically partitioned and stored at different local parties. Exploring the data from all the local parties would enable data analysts to gain a better understanding of the user population from different perspectives. However, the publication of vertically-partitioned data faces a dilemma: on the one hand, the original data cannot be directly shared by local parties due to privacy concerns; on the other hand, independently privatizing the local datasets before publishing may break the potential correlation between the cross-party attributes and lead to a significant utility loss. Prior solutions compute the privatized multivariate distributions of different attribute sets for constructing a synthetic integrated dataset. However, these algorithms are only applicable for low-dimensional structured data and may suffer from large utility loss with the increase in data dimensionality. Following the idea of synthetic data generation, we propose VertiGAN, the first framework based on a generative adversarial network (GAN) for publishing vertically-partitioned data with privacy protection. The framework adopts a GAN model comprised of one multi-output global generator and multiple local discriminators. The generator is collaboratively trained by the server and local parties to learn the distribution of all parties' local data and is used to generate a high-utility synthetic integrated dataset on the server side. Additionally, we apply differential privacy (DP) during the training process to ensure strict privacy guarantees for the local data. We evaluate the framework's performance on a number of real-world datasets containing 68--1501 classification attributes and show that our framework is more capable of capturing joint distributions and cross-attribute correlations compared to statistics-based baseline algorithms. Moreover, with a privacy guarantee of epsilon=8, our framework achieves around a 2%~15% improvement in classification accuracy compared to the baseline algorithms. Extensive experimental results demonstrate the capability and efficiency of our framework in synthesizing vertically-partitioned data while striking a satisfactory utility-privacy balance.

Fragkiskos Koufogiannis,Shuo Han,George J. Pappas

DOI: https://doi.org/10.29012/jpc.v7i2.649

2017-01-12

Journal of Privacy and Confidentiality

Abstract:We introduce the problem of releasing private data under differential privacy when the privacy level is subject to change over time. Existing work assumes that privacy level is determined by the system designer as a fixed value before private data is released. For certain applications, however, users may wish to relax the privacy level for subsequent releases of the same data after either a re-evaluation of the privacy concerns or the need for better accuracy. Specifically, given a database containing private data, we assume that a response y1 that preserves \( \epsilon _1\)-differential privacy has already been published. Then, the privacy level is relaxed to \( \epsilon _2\), with \( \epsilon _2 > \epsilon _1\), and we wish to publish a more accurate response y2 while the joint response (y1,y2) preserves \( \epsilon _2\)-differential privacy. How much accuracy is lost in the scenario of gradually releasing two responses y1 and y2 compared to the scenario of releasing a single response that is \( \epsilon _2\)-differentially private? Our results consider the more general case with multiple privacy level relaxations and show that there exists a composite mechanism that achieves no loss in accuracy. We consider the case in which the private data lies within Rn with an adjacency relation induced by the \( \ell _1\)-norm, and we initially focus on mechanisms that approximate identity queries. We show that the same accuracy can be achieved in the case of gradual release through a mechanism whose outputs can be described by a lazy Markov stochastic process. This stochastic process has a closed form expression and can be efficiently sampled. Moreover, our results extend beyond identity queries to a more general family of privacy-preserving mechanisms. To this end, we demonstrate the applicability of our tool to multiple scenarios including Google’s project RAPPOR, trading of private data, and controlled transmission of private data in a social network. Finally, we derive similar results for the approximated differential privacy.

English Else

Justus Mattern,Zhijing Jin,Benjamin Weggenmann,Bernhard Schoelkopf,Mrinmaya Sachan

DOI: https://doi.org/10.48550/arXiv.2210.13918

2022-10-26

Abstract:To protect the privacy of individuals whose data is being shared, it is of high importance to develop methods allowing researchers and companies to release textual data while providing formal privacy guarantees to its originators. In the field of NLP, substantial efforts have been directed at building mechanisms following the framework of local differential privacy, thereby anonymizing individual text samples before releasing them. In practice, these approaches are often dissatisfying in terms of the quality of their output language due to the strong noise required for local differential privacy. In this paper, we approach the problem at hand using global differential privacy, particularly by training a generative language model in a differentially private manner and consequently sampling data from it. Using natural language prompts and a new prompt-mismatch loss, we are able to create highly accurate and fluent textual datasets taking on specific desired attributes such as sentiment or topic and resembling statistical properties of the training data. We perform thorough experiments indicating that our synthetic datasets do not leak information from our original data and are of high language quality and highly suitable for training models for further analysis on real-world data. Notably, we also demonstrate that training classifiers on private synthetic data outperforms directly training classifiers on real data with DP-SGD.

Machine Learning,Computation and Language,Cryptography and Security

Joshua Snoke,Aleksandra Slavković

DOI: https://doi.org/10.48550/arXiv.1805.09392

2018-05-24

Abstract:We propose a method for the release of differentially private synthetic datasets. In many contexts, data contain sensitive values which cannot be released in their original form in order to protect individuals' privacy. Synthetic data is a protection method that releases alternative values in place of the original ones, and differential privacy (DP) is a formal guarantee for quantifying the privacy loss. We propose a method that maximizes the distributional similarity of the synthetic data relative to the original data using a measure known as the pMSE, while guaranteeing epsilon-differential privacy. Additionally, we relax common DP assumptions concerning the distribution and boundedness of the original data. We prove theoretical results for the privacy guarantee and provide simulations for the empirical failure rate of the theoretical results under typical computational limitations. We also give simulations for the accuracy of linear regression coefficients generated from the synthetic data compared with the accuracy of non-differentially private synthetic data and other differentially private methods. Additionally, our theoretical results extend a prior result for the sensitivity of the Gini Index to include continuous predictors.

Methodology