基于差分隐私的大数据隐私保护

摘要
图/表
参考文献(43)
相关文章 (15)

全文: PDF (5750 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要随着数据分析和发布等应用需求的出现和发展，如何保护隐私数据和防止敏感信息泄露成为当前面临的重大挑战.信息化和网络化的高速发展使得大数据成为当前学术界和工业界的研究热点，是IT业正在发生的深刻技术变革.但它在提高经济和社会效益的同时，也为个人和团体的隐私保护以及数据安全带来极大风险与挑战.大数据隐私以及数据挖掘中的隐私问题是信息安全领域目前的一个研究热点.差分隐私作为一种严格的和可证明的隐私定义，自诞生以来便受到了相当关注.介绍了隐私保护的变化和发展，对差分隐私保护技术的基本原理和特征进行了阐述，分析了差分隐私保护模型相对于传统安全模型的优势，并对其在数据发布与数据挖掘中的应用研究作了相应介绍.在对已有技术深入对比分析的基础上，展望了差分隐私保护技术的未来发展方向.

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	朱天清

关键词 ：差分隐私, 数据发布, 数据挖掘, 统计查询, 隐私保护, 大数据

Abstract：As the emergence and development of application requirements such as data analysis and data publication, a challenge to those applications is to protect private data and prevent sensitive information from disclosure. With the highspeed development of information and network, big data has become a hot topic in both the academic and industrial research, which is regarded as a new revolution in the field of information technology. However, it brings about not only significant economic and social benefits, but also great risks and challenges to individuals` privacy protection and data security. People on the Internet leave many data footprint with cumulatively and relevance. Personal privacy information can be found by gathering data footprint in together.Malicious people use this information for fraud. It brings many trouble or economic loss to personal life.Privacy preserving, especially in data release and data mining, is a hot topic in the information security field. Differential privacy has grown rapidly recently due to its rigid and provable privacy guarantee. We analyze the advantage of differential privacy model relative to the traditional ones, and review other applications of differential privacy in various fields and discuss the future research directions. Following the comprehensive comparison and analysis of existing works, future research directions are put forward.

Key words： differential privacy data release data mining statistical query privacy preserving big data

收稿日期: 2015-12-14 出版日期: 2015-12-15

通讯作者: 朱天清 E-mail: tianqing.e.zhu@foxmail.com

作者简介: 朱天清澳大利亚墨尔本迪肯大学信息技术学院讲师，主要研究方向为隐私保护. tianqing.e.zhu@foxmail.com 何木青博士研究生，主要研究方向为隐私保护. papaya19870330@gmail.com 邹德清博士，教授，博士生导师，主要研究方向为系统安全、网络攻防、大数据安全、容错计算. deqingzou@hust.edu.cn

引用本文:

朱天清. 基于差分隐私的大数据隐私保护[J]. 信息安全研究, 2015, 1(3): 224-229.

链接本文:

http://ris.sic.gov.cn/CN/ 或 http://ris.sic.gov.cn/CN/Y2015/V1/I3/224

［1］Samarati P. Protecting respondents identities in microdata release［J］. IEEE Trans on Knowledge and Data Engineering, 2001, 13(6): 10101027 ［2］Srivatsa M S, Hicks M. Deanonymizing mobility traces: Using social network as a sidechannel［C］ Proc of the 2012 ACM Conf on Computer and Communications Security. New York: ACM, 2012: 628637 ［3］Nyholt D R, Yu ChangEn, Visscher P M. On Jim Watsons APOE status: Genetic information is hard to hide［J］. European Journal of Human Genetics, 2009, 17(2): 147149 ［4］Khan R, Mittelman D. Rumors of the death of consumer genomics are greatly exaggerated［J］. Genome Biol, 2013, 14(11): 13 ［5］Ye Mao, Yin Peifeng, Lee WangChien, et al. Exploiting geographical influence for collaborative pointofinterest recommendation［C］ Proc of the 34th Int ACM SIGIR Conf on Research and Development in Information Retrieval. New York: ACM, 2011: 325334 ［6］Goel S, Hofman J M, Lahaie S, et al. Predicting consumer behavior with Web search［J］. Proceedings of the National Academy of Sciences, 2010, 107(41): 1748617490 ［7］Sweeney L, Abu A, Winn J. Identifying participants in the personal genome project by name［OL］. 2013 ［20151104］. http:ssrn.com ［8］Sweeney L. kAnonymity: A model for protecting privacy 1［J］. International Journal of Uncertainty Fuzziness and KnowledgeBased Systems, 2002, 10(5): 557570 ［9］National Research Council (U S). Putting People on the Map: Protecting Confidentiality with Linked SocialSpatial Data［MOL］. National Academies Press, 2007 ［20151104］. http:www.nap.edu ［10］Narayanan A, Shmatikov V. How to break anonymity of the netflix prize dataset［JOL］. 2006 ［20151104］. http:arxiv.org ［11］Melissa L. This website knows where your cat lives［EBOL］. ［20151104］. http:time.com3019671iknowwhereyourcatliveswebsitedatavisualization ［12］de Montjoye Y A, Hidalgo C A, Verleysen M, et al. Unique in the Crowd: The privacy bounds of human mobility［J］. Scientific Reports, 2013, 3(6): 776776 ［13］Peddinti ST, Ross K W, Cappos J. On the internet, nobody knows youre a dog: A twitter case study of anonymity in social networks［C］ Proc of the 2nd Edition of the ACM Conf on Online Social Networks. New York: ACM, 2014: 8394 ［14］Enserink M, Chin G. The end of privacy［J］. Science, 2015, 347(3): 490491 ［15］Dalenius T. Towards a methodology for statistical disclosure control［J］. Statistik Tidskrift, 1977, 15(429444): 21 ［16］Sweeney L. kanonymity: A model for protecting privacy［J］. International Journal of Uncertainty, Fuzziness and KnowledgeBased Systems, 2002, 10(5): 557570 ［17］Machanavajjhala A, Kifer D, Gehrke J, et al. ldiversity: Privacy beyond kanonymity［J］. ACM Trans on Knowledge Discovery from Data (TKDD), 2007, 1(1): 2459 ［18］Li Ninghui, Li Tiancheng, Venkatasubramanian S. tcloseness: Privacy beyond kanonymity and ldiversity［C］ Proc of the 23rd IEEE Int Conf on Data Engineering (ICDE 2007). Piscataway, NJ: IEEE, 2007: 106115［19］Wong R C W, Li Jiuyong, Fu A W C, et al. (α, k)anonymity: An enhanced kanonymity model for privacy preserving data publishing［C］ Proc of the 12th ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining. New York: ACM, 2006: 754759 ［20］Xiao Xiaokui, Tao Yufei. Minvariance: Towards privacy preserving republication of dynamic datasets［C］ Proc of the 2007 ACM SIGMOD Int Conf on Management of Data. New York: ACM, 2007: 689700 ［21］Wong R C W, Fu A W C, Wang Ke, et al. Minimality attack in privacy preserving data publishing［C］ Proc of the 33rd Int Conf on Very Large Data Bases. New York: ACM, 2007: 543554 ［22］Ganta S R, Kasiviswanathan S P, Smith A. Composition attacks and auxiliary information in data privacy［C］ Proc of the 14th ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining. New York: ACM, 2008: 265273［23］Wong R C W, Fu A W C, Wang Ke, et al. Can the utility of anonymized data be used for privacy breaches?［J］. ACM Trans on Knowledge Discovery from Data (TKDD), 2011, 5(3): 16(1)16(24) ［24］Kifer D. Attacks on privacy and de finetti’s theorem［C］ Proc of 2009 ACM SIGMOD Int Conf. New York: ACM, 2009: 127138 ［25］Dwork C. Differential privacy［C］ Proc of Encyclopedia of Cryptography and Security. Berlin: Springer, 2011: 338340 ［26］Haeberlen A, Pierce B C, Narayan A. Differential privacy under fire［C］ Proc of Usenix Security Symposium, 2011: 3333 ［27］Hardt M, Rothblum G N. A multiplicative weights mechanism for privacypreserving data analysis［C］ Proc of the 51st Annual IEEE Symp on Foundations of Computer Science (FOCS). Piscataway, NJ: IEEE, 2010: 6170 ［28］Dinur I, Nissim K. Revealing information while preserving privacy［C］ Proc of ACM SIGMODPODS Conf. New York: ACM, 2003: 202210 ［29］熊平, 朱天清, 王晓峰. 差分隐私保护及其应用［J］. 计算机学报, 2014, 37(1): 101122 ［30］Dwork C, McSherry F, Nissim K et al. Calibrating noise to sensitivity in private data analysis［C］ Proc of Theory of Cryptography. Berlin: Springer, 2006: 265284 ［31］Friedman A, Schuster A. Data mining with differential privacy［C］ Proc of the 16th ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining. New York: ACM, 2010: 493502 ［32］Machanavajjhala A, Korolova A, Sarma A D. Personalized social recommendations: accurate or private［J］. Proceedings of the VLDB Endowment, 2011, 4(7): 440450 ［33］McSherry F, Mironov I. Differentially private recommender systems: Building privacy into the net［C］ Proc of the 15th ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining. New York: ACM, 2009: 627636 ［34］Zhu Tianqing, Li gang, Ren Yongli, et al. Differential privacy for neighborhoodbased collaborative filtering［C］ Proc of the 2013 IEEEACM Int Conf on Advances in Social Networks Analysis and Mining. New York: ACM, 2013: 752759 ［35］Zhu Tianqing, Li gang, Ren Yongli, et al. Privacy preserving for tagging recommender systems［C］ Proc of 2013 IEEEWICACM Int Joint Conf on Web Intelligence (WI) and Intelligent Agent Technologies (IAT). Piscataway, NJ: IEEE, 2013: 8188 ［36］Chen Rui, Fung B, Desai B C, et al. Differentially private transit data publication: A case study on the montreal transportation system［C］ Proc of the 18th ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining. New York: ACM, 2012: 213221 ［37］McSherry F, Mahajan R. Differentiallyprivate network trace analysis［J］. ACM SIGCOMM Computer Communication Review, 2011, 41(4): 123134 ［38］Johnson A, Shmatikov V. Privacypreserving data exploration in genomewide association studies［C］ Proc of the 19th ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining. New York: ACM, 2013:10791087 ［39］Kifer D, Machanavajjhala A. No free lunch in data privacy［C］ Proc of the 2011 ACM SIGMOD Int Conf on Management of Data. New York: ACM, 2011: 193204 ［40］Chan T H H, Shi Elaine, Song Dawn. Private and continual release of statistics［C］ Proc of Automata, Languages and Programming. Berlin: Springer, 2010: 405417 ［41］McGregor A, Mironov I, Pitassi T, et al. The limits of twoparty differential privacy［C］ Proc of the 51st Annual IEEE Symp on Foundations of Computer Science (FOCS). Piscataway, NJ: IEEE, 2010: 8190 ［42］Beimel A, Nissim K, Omri E. Distributed private data analysis: Simultaneously solving how and what［C］ Proc of Advances in CryptologyCRYPTO 2008. Berlin: Springer, 2008: 451468 ［43］Gehrke J, Hay M, Lui E, et al. Crowdblending privacy［C］ Proc of Advances in CryptologyCRYPTO 2012. Berlin: Springer, 2012: 479496