电子学报 ›› 2019, Vol. 47 ›› Issue (5): 1079-1085.DOI: 10.3969/j.issn.0372-2112.2019.05.015

• 学术论文 • 上一篇    下一篇

局部差分隐私约束的关联属性不变后随机响应扰动

杨高明, 朱海明, 方贤进, 苏树智   

  1. 安徽理工大学计算机科学与工程学院, 安徽淮南 232001
  • 收稿日期:2018-09-14 修回日期:2018-11-21 出版日期:2019-05-25
    • 通讯作者:
    • 方贤进
    • 作者简介:
    • 杨高明 男,1974年出生,安徽临泉人.2012年在哈尔滨工程大学获博士学位,现为安徽理工大学副教授,硕士研究生导师,主要研究领域为隐私保护、机器学习;朱海明 男,1994年出生,安徽阜阳人.现为安徽理工大学硕士研究生,主要研究领域为隐私保护.
    • 基金资助:
    • 国家自然科学基金 (No.61572034,No.61806006); 安徽省高校自然科学基金 (No.KJ2018A0083,No.KJ2014A061); 安徽省重大科技专项 (No.18030901025)

Invariant Post-Random Response Perturbation for Correlated Attributes Under Local Differential Privacy Constraint

YANG Gao-ming, ZHU Hai-ming, FANG Xian-jin, SU Shu-zhi   

  1. School of Computer Science and Engineering, Anhui University of Science and Technology, Huainan, Anhui 232001, China
  • Received:2018-09-14 Revised:2018-11-21 Online:2019-05-25 Published:2019-05-25
    • Supported by:
    • National Natural Science Foundation of China (No.61572034, No.61806006); Natural Science Foundation for Colleges and Universities in Anhui Province (No.KJ2018A0083, No.KJ2014A061); Major Science and Technology Project of Anhui Province (No.18030901025)

摘要: 本文研究敏感属性与部分准标识符属性存在相关时,如何有效减小重构攻击导致的隐私泄漏风险.首先,用互信息理论寻找原始数据集中对敏感属性具有强依赖关系的准标识符属性,为精确扰动数据属性提供理论依据;其次,针对关联属性和非关联属性,应用不变后随机响应方法分别对某个数据属性或者属性之间的组合进行扰动,使之满足局部ε-差分隐私要求,并理论分析后数据扰动对隐私泄露概率和数据效用的影响;最后,实验验证所提算法的有效性和处理增量数据的能力,理论分析了数据结果.由实验结果可知,算法可以更好地达到数据效用和隐私保护的平衡.

关键词: 局部差分隐私, 不变后随机响应, 数据重构, 数据扰动, 隐私保护

Abstract: We investigate in this paper how to effectively reduce the risk of privacy leakage caused by refactoring attacks when the sensitive attributes and some quasi-identifier attributes are correlated.Firstly,the mutual information theory is used to find the quasi-identifier attributes which have strong dependence on the sensitive attributes in the original dataset,which provides a theoretical basis for accurately perturbing the data attributes.Secondly,for the correlated attributes and the non-correlated attributes,the invariant random response method is applied to perturb a certain data attribute or a combination of data attributes to satisfy the local ε-differential privacy requirement.Theoretical analysis of the impact of data perturbations on privacy leakage probability and data utility is also conducted.Finally,the experiment verifies the effectiveness of the proposed algorithm and its ability to process incremental data.The experimental results demonstrate that the algorithm can achieve a better balance between data utility and privacy protection.

Key words: local differential privacy, invariant post-random response, data reconstruction, data perturbation, privacy protection

中图分类号: