基于置信度分析的差分隐私保护参数配置方法研究

doi:10.11959/j.issn.2096-109x.2019036

网络与信息安全学报 ›› 2019, Vol. 5 ›› Issue (4): 29-39.doi: 10.11959/j.issn.2096-109x.2019036

• 专栏：隐私保护关键技术及其新型应用模式探索 • 上一篇下一篇

基于置信度分析的差分隐私保护参数配置方法研究

李森有(),季新生,游伟

国家数字交换系统工程技术研究中心，河南郑州 450002

修回日期:2019-06-06 出版日期:2019-08-15 发布日期:2019-08-20
作者简介:李森有（1993- ），河南驻马店人，国家数字交换系统工程技术研究中心硕士生，主要研究方向为新一代移动通信技术、移动通信安全、隐私保护。|季新生（1968- ），男，河南驻马店人，国家数字交换系统工程技术研究中心教授、博士生导师，主要研究方向为网络空间安全、移动通信网络安全、拟态安全。|游伟（1984- ），男，山东青岛人，国家数字交换系统工程技术研究中心讲师，主要研究方向为新一代移动通信网络技术、移动通信网络安全。
基金资助:
国家自然科学基金创新研究群体资助项目(61521003);国家自然科学基金创新研究群体资助项目(61801515);国家重点研发计划基金资助项目(2016YFB0801605)

Research on differential privacy protection parameter configuration method based on confidence level

Senyou LI(),Xinsheng JI,Wei YOU

National Digital Switching System Engineering ＆Technological Research Center,Zhengzhou 450002,China

Revised:2019-06-06 Online:2019-08-15 Published:2019-08-20
Supported by:
The National Natural Science Foundation for Creative Research Groups of China(61521003);The National Natural Science Foundation for Creative Research Groups of China(61801515);The National Key R＆D Program of China(2016YFB0801605)

摘要/Abstract

摘要：

为了解决数据发布和分析过程中用户真实数据信息被披露的问题，降低攻击者通过差分攻击和概率推理攻击获取真实结果的概率，提出了一种基于置信度分析的差分隐私保护参数配置方法。在攻击者概率推理攻击模型下对攻击者置信度进行分析，使之不高于根据数据隐私属性所设置的隐私概率阈值。所提出的方法能够针对不同查询用户查询权限的差异配置更加合理的隐私保护参数，避免了隐私披露的风险。实验分析表明，所提出的方法根据查询权限、噪声分布特性以及数据隐私属性分析攻击者置信度与隐私保护参数的对应关系，并据此推导出隐私保护参数的配置公式，从而在不违背隐私保护概率阈值的情况下配置合适的ε参数。

关键词: 差分隐私, 置信度分析, 概率推理攻击模型, ；隐私保护

Abstract:

In order to solve the problem that the user's real data information is disclosed during the data release and analysis process,and reduce the probability of an attacker gaining real results through differential attacks and probabilistic inference attacks,a differential privacy protection parameter configuration method based on confidence level is proposed.Analysis of attacker confidence under attacker probabilistic inference attack model and make it no higher than the privacy probability threshold set according to the data privacy attribute.The proposed method can configure more reasonable privacy protection parameters for different query privilege of query users,and avoids the risk of privacy disclosure.The experimental analysis shows that the proposed method analyzes the correspondence between attacker confidence level and privacy protection parameters based on query privilege,noise distribution characteristics and data privacy attributes,and derives the configuration formula of privacy protection parameters,which configure the appropriate parameters without violating the privacy protection probability threshold.

Key words: differential privacy, confidence level, probability inference attack model, privacy protection

中图分类号:

TP309.2

李森有,季新生,游伟. 基于置信度分析的差分隐私保护参数配置方法研究[J]. 网络与信息安全学报, 2019, 5(4): 29-39.

Senyou LI,Xinsheng JI,Wei YOU. Research on differential privacy protection parameter configuration method based on confidence level[J]. Chinese Journal of Network and Information Security, 2019, 5(4): 29-39.

图/表 6

图1

表1

图2

图3

图4

图5

参考文献 19

[1]	LIANG F , YU W , AN D ,et al. A survey on big data market:pricing,trading and protection[J]. IEEE Access, 2018,6: 15132-15154.
[2]	INAN A , GURSOY M E , SAYGIN Y . Sensitivity analysis for non-interactive differential privacy:bounds and efficient algorithms[J]. IEEE Transactions on Dependable ＆ Secure Computing, 2017,(99): 1-1.
[3]	LATANYA S . k-anonymity:a model for protecting privacy[J]. International Journal on Uncertainty,Fuzziness and Knowledge based Systems, 2002,10(5): 557-570.
[4]	ASHWIN M , JOHANNES G , DANIEL K . ?-diversity:privacy beyond k-anonymity[C]. International Conference on Data Engineering, 2006,1(1): 24-35.
[5]	LI N H , LI T C , SURESH V . T-closeness:privacy beyond k-anonymity and l-diversity[C]. IEEE International Conference on Data Engineering, 2007: 106-115.
[6]	DWORK C , ROTH A . The algorithmic foundations of differential privacy[M]. Now Publishers Inc. 2014.
[7]	ZHU T Q , LI G , ZHOU W ,et al. Differentially private data publishing and analysis:a survey[J]. IEEE Transactions on Knowledge＆ Data Engineering, 2017,29(8): 1619-1638.
[8]	DWORK C . Calibrating noise to sensitivity in private data analysis[J]. Lecture Notes in Computer Science, 2012,3876(8): 265-284.
[9]	熊平, 朱天清, 王晓峰 . 差分隐私保护及其应用[J]. 计算机学报, 2014,37(1): 101-122.
	XIONG P , ZHU T Q , WANG X F . A survey on differential privacy protection and application[J]. Chinese Journal of Computers, 2014,37(1): 101-122.
[10]	LI Q , LI Y , ZENG G ,et al. Differential privacy data publishing method based on cell merging[C]// IEEE International Conference on Networking,Sensing and Control. 2017: 778-782.
[11]	SORUIA-COMAS J , DOMINGO-FERRER J , SANCHEZ D ,et al. Individual differential privacy:a utility-preserving formulation of differential privacy guarantees[J]. IEEE Transactions on Information Forensics ＆ Security, 2017,12(6): 1418-1429.
[12]	SMITH M , LOPEZ MAA , ZWIESSELE M ,et al. Differentially private regression with Gaussian processes[C]// International Conference on Artificial Intelligence and Statistics. 2018.
[13]	HSU J , GABOARDI M , HAEBERLEN A ,et al. Differential privacy:an economic method for choosing epsilon[C]// 2014 IEEE 27th Computer Security Foundations Symposium. 2014: 398-410.
[14]	LEE J , CLIFTON C . How much is enough? choosing ε for differential privacy[C]// International Conference on Information Security. 2011: 325-340.
[15]	何贤芒, 王晓阳, 陈华辉 . 差分隐私保护参数 ε 的选取研究[J]. 通信学报, 2015,36(12): 124-130.
	HE X M , WANG X Y , CHEN H H . Study on choosing the parameter ε in differential privacy[J]. Journal on Communications, 2015,36(12): 124-130.
[16]	郝晨艳, 彭长根, 张盼盼 . 重复攻击下差分隐私保护参数ε的选取方法[J]. 计算机工程, 2018,44(7): 151-155.
	HAO Y C , PENG C G , ZHANG P P . Selection method of differential privacy protection parameter ε under repeated attack[J]. Computer Engineering, 2018,44(7): 151-155.
[17]	DWORK C . Differential privacy[J]. Encyclopedia of Cryptography and Security, 2011: 338-340.
[18]	DWORK C , ROTH A . The algorithmic foundations of differential privacy[J]. Foundations and Trends in Theoretical Computer Science, 2014,9(3-4): 211-407.
[19]	BONOMI L , XIONG L . A two-phase algorithm for mining sequential patterns with differential privacy[C]// The 22nd ACM International Conference on Information ＆ Knowledge Management. 2013: 269-278.

符号	含义
D	数据库D
Ε	隐私保护参数
Lap( )	Laplace分布函数
B	Laplace尺度参数
△f	查询函数敏感度
-α，α]	置信区间
conf (x)	置信度
T_prob	隐私保护概率阈值

基于置信度分析的差分隐私保护参数配置方法研究

Research on differential privacy protection parameter configuration method based on confidence level

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 6

参考文献 19

相关文章 13

Metrics

推荐阅读 0

[1]	余锋, 林庆新, 林晖, 汪晓丁. 基于生成对抗网络的隐私增强联邦学习方案[J]. 网络与信息安全学报, 2023, 9(3): 113-122.
[2]	应作斌, 方一晨, 张怡文. 动态聚合权重的隐私保护联邦学习框架[J]. 网络与信息安全学报, 2022, 8(5): 56-65.
[3]	张心语, 张秉晟, 孟泉润, 任奎. 隐私保护的加密流量检测研究[J]. 网络与信息安全学报, 2021, 7(4): 101-113.
[4]	赵明烽, Lei Chen, 钟洋, 熊金波. 移动边缘群智感知动态隐私度量模型与评价机制[J]. 网络与信息安全学报, 2021, 7(1): 157-166.
[5]	张煜,吕锡香,邹宇聪,李一戈. 基于生成对抗网络的文本序列数据集脱敏[J]. 网络与信息安全学报, 2020, 6(4): 109-119.
[6]	何贤芒. 基于差分隐私保护技术的多方求和查询方法[J]. 网络与信息安全学报, 2020, 6(3): 14-18.
[7]	杨磊,郑啸,赵伟. 基于差分隐私的非等距直方图发布方法[J]. 网络与信息安全学报, 2020, 6(3): 39-49.
[8]	刘慧,毕仁万,熊金波,赵明烽,金彪,林劼. 移动群智感知中基于雾节点协作的感知用户身份隐私保护[J]. 网络与信息安全学报, 2019, 5(6): 75-84.
[9]	郭鹏, 钟尚平, 陈开志, 程航. 差分隐私GAN梯度裁剪阈值的自适应选取方法[J]. 网络与信息安全学报, 2018, 4(5): 10-20.
[10]	任君,熊金波,姚志强. 基于差分隐私模型的云数据副本安全控制方案[J]. 网络与信息安全学报, 2017, 3(5): 38-46.
[11]	仝伟,毛云龙,陈庆军,王彬入,张保佳,仲盛. 抗大数据分析的隐私保护：研究现状与进展[J]. 网络与信息安全学报, 2016, 2(4): 44-55.
[12]	高志强,李庆鹏,胡人远. 基于Spark的支持隐私保护的聚类算法[J]. 网络与信息安全学报, 2016, 2(11): 47-51.
[13]	张文静,李晖. 差分隐私保护下的数据分级发布机制[J]. 网络与信息安全学报, 2015, 1(1): 58-65.