CN112131608B - Classification tree differential privacy protection method meeting LKC model - Google Patents

Classification tree differential privacy protection method meeting LKC model

Info

Publication number
CN112131608B
CN112131608B (application CN202011227876.1A)
Authority
CN
China
Prior art keywords
sequence
data
track
data set
classification tree
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011227876.1A
Other languages
Chinese (zh)
Other versions
CN112131608A (en)
Inventor
李晓会
白雨靓
李波
伊华伟
贾旭
李锐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Liaoning University of Technology
Original Assignee
Liaoning University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Liaoning University of Technology filed Critical Liaoning University of Technology
Publication of CN112131608A
Application granted
Publication of CN112131608B
Legal status: Active (current)
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F 21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F 21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F 21/6254 Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F 16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F 16/29 Geographical information databases
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F 16/90 Details of database functions independent of the retrieved data types
    • G06F 16/906 Clustering; Classification

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Remote Sensing (AREA)
  • Computer Hardware Design (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a classification tree differential privacy protection method satisfying the LKC model, which comprises the following steps: step 1, determining the sequence set requiring global suppression according to the data to be published; step 2, computing newly generated minimum violating sequences from the track data in the sequence set, wherein any newly generated minimum violating sequence is discarded; and step 3, when no new minimum violating sequence is generated, building a classification tree from the track data in the sequence set and adding noise to the data through the Laplace mechanism to obtain the data for publication.

Description

Classification tree differential privacy protection method meeting LKC model
Technical Field
The invention relates to the technical field of information security, and in particular to a classification tree differential privacy protection method satisfying the LKC model.
Background
Track data contains a large amount of personal information about mobile users, and researchers obtain much valuable information by analyzing and exploring it; this makes the privacy protection of user information an important subject of study. If track data is not effectively privacy-protected before publication, an attacker with background knowledge can infer private information about a user, such as physical illnesses or household income, by analyzing the data, which can cause the user economic loss and even threaten personal safety. Conversely, if the original track data set is processed improperly during publication, a great deal of user information is lost, reducing the availability and integrity of the published data and wasting information. Ensuring that published track data does not reveal user privacy while retaining high data availability is therefore a research problem that remains to be solved.
Research on privacy protection methods for track data publication has already produced some results. Mohammed et al. proposed an LKC-privacy model applicable to RFID data and implemented it with an anonymization algorithm: the algorithm first identifies the set of minimum violating sequences in the track data set and then globally suppresses the violating sequences with a greedy method, aiming to minimize the loss of maximal frequent sequences; however, global suppression deletes a large amount of data, so data availability is not effectively improved. Chen et al. introduced the concept of local suppression through the (K,C)L-privacy model and its algorithm, which first determines all sequences in the track data set that do not satisfy the (K,C)L-privacy model, and then simplifies the data set by local suppression while preserving high data availability. Ghasemzadeh et al. studied the case C=1 of the LKC-privacy model and protected track data by global suppression. Komishani et al. proposed a privacy protection algorithm that generalizes sensitive information, suppressing a high-dimensional trajectory data set by building a classification tree over the sensitive attributes; but because the length of the background knowledge held by an attacker is uncertain, a large amount of data is suppressed and the mining value of the data set is lost.
Disclosure of Invention
Based on the existing research results and their problems, the invention designs and develops a classification tree differential privacy protection method satisfying the LKC model, aiming to solve the reduction in data availability caused by global suppression of track data while reducing the risk of user privacy leakage.
The technical scheme provided by the invention is as follows:
a classification tree differential privacy protection method satisfying the LKC model includes the following steps:
step 1, determining the sequence set requiring global suppression according to the data to be published;
step 2, computing newly generated minimum violating sequences from the track data in the sequence set;
wherein, when a new minimum violating sequence is generated, that minimum violating sequence is discarded;
and step 3, when no new minimum violating sequence is generated, building a classification tree from the track data in the sequence set and adding noise to the data through the Laplace mechanism to obtain the data for publication.
Preferably, in step 2, computing the newly generated minimum violating sequences includes:
step 2.1, finding the set of minimum violating sequences in the track data set from the sequence set, and determining the set of maximal frequent sequences according to a given frequency threshold;
step 2.2, constructing an MFS tree and determining the suppression order according to the suppression priority scores of the location points;
step 2.3, updating the MFS according to the suppression order;
and step 2.4, recalculating the suppression priority scores of the remaining location points and updating the set of minimum violating sequences to obtain the minimum violating sequences.
Preferably, in step 2.2, the suppression priority score is
Score(p) = Eliminate(p) / Loss(p)
where Eliminate(p) is the number of minimum violating sequences that can be eliminated by suppressing location point p, and Loss(p) is the utility loss caused by suppressing location point p.
Preferably, in step 2.2, the point with the highest suppression priority score is selected for suppression each time, which determines the suppression order.
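As an illustration, the following is a minimal Python sketch of this greedy selection; the helper names eliminate_count and utility_loss are hypothetical stand-ins for Eliminate(p) and Loss(p), and the counting rules are simplifying assumptions rather than the exact MVS/MFS bookkeeping of the method.

```python
# Minimal sketch of the suppression priority score; the helper names and
# counting rules are assumptions, not the patent's exact bookkeeping.

def eliminate_count(p, mvs_set):
    """Number of minimum violating sequences (MVSs) containing point p,
    i.e. the violations removed if p is suppressed."""
    return sum(1 for mvs in mvs_set if p in mvs)

def utility_loss(p, mfs_set):
    """Utility loss of suppressing p, approximated here as the number of
    maximal frequent sequences (MFSs) that contain p."""
    return sum(1 for mfs in mfs_set if p in mfs)

def score(p, mvs_set, mfs_set):
    """Score(p) = Eliminate(p) / Loss(p); a zero loss makes p a free win."""
    loss = utility_loss(p, mfs_set)
    return float("inf") if loss == 0 else eliminate_count(p, mvs_set) / loss

# The point with the highest score is suppressed first:
mvs = [("a", "b"), ("b", "c")]   # toy minimum violating sequences
mfs = [("a", "d"), ("c", "d")]   # toy maximal frequent sequences
best = max({"a", "b", "c", "d"}, key=lambda p: score(p, mvs, mfs))
print(best)  # 'b': it eliminates both MVSs and appears in no MFS
```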
Preferably, step 2 further includes: when a new minimum violating sequence is generated, verifying whether the track data set satisfies the LKC-privacy model; if any data sequence in the track data set does not satisfy the LKC-privacy model, the set of minimum violating sequences is updated until all data sequences satisfy the model;
wherein the track data set satisfies the LKC-privacy model when, for every subsequence P of T with |P| < L:
|T(P)| ≥ K; and
Conf(s|T(P)) ≤ C;
where Conf(s|T(P)) = |T(P ∪ s)| / |T(P)| is the confidence computed under the given condition, L is the maximum track length known to an attacker, T is the track data set of all users, S is the set of sensitive attribute values in T, P is any subsequence in T, s ∈ S, C (0 ≤ C ≤ 1) is the confidence threshold of the anonymity set, and K is the anonymity threshold of the sequence.
Preferably, in step 3, the process of building the classification tree includes the following steps:
step 3.1, initializing the track data set of all users and selecting two groups of frequent sequences from it to construct the classification tree;
step 3.2, according to the number of times any two location points occur together in each track record, selecting the track sequence corresponding to the most frequent pair of points as the first group;
step 3.3, among all sequences containing the most frequent points, selecting the least frequent sequence, and on the track where that sequence lies, selecting the most frequent location point as the second group;
and step 3.4, repeating steps 3.2 and 3.3 to place the remaining tracks into the first and second groups until all tracks have been placed in the classification tree, yielding the finally constructed classification tree.
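Since steps 3.2 and 3.3 specify the grouping only loosely, the Python sketch below shows one plausible reading, in which tracks are split into two groups around a most-frequent pair of points and a second seed point; the seed selection, the flat two-group representation, and the placement rule are all assumptions.

```python
# One plausible reading of steps 3.1-3.4 (the seed-selection details and the
# flat two-group "tree" representation are assumptions, not the patent's spec).
from collections import Counter
from itertools import combinations

def build_classification_tree(T):
    """T: list of tracks (tuples of location points). Returns two groups of
    tracks seeded roughly as in steps 3.2-3.3."""
    pair_freq = Counter()
    for rec in T:
        pair_freq.update(combinations(rec, 2))     # any two points per record
    if not pair_freq:
        return {"group1": list(T), "group2": []}
    seed1, _ = pair_freq.most_common(1)[0]         # step 3.2: most frequent pair
    # step 3.3: take the least frequent pair, then its most frequent point,
    # as the seed of the second group
    seed2_pair, _ = min(pair_freq.items(), key=lambda kv: kv[1])
    point_freq = Counter(p for rec in T for p in rec)
    seed2 = max(seed2_pair, key=lambda p: point_freq[p])
    group1, group2 = [], []
    for rec in T:                                  # step 3.4: place every track
        sim1 = len(set(rec) & set(seed1))
        sim2 = 1 if seed2 in rec else 0
        (group1 if sim1 >= sim2 else group2).append(rec)
    return {"group1": group1, "group2": group2}

T = [("a", "b"), ("a", "b"), ("c", "d"), ("c", "e")]
print(build_classification_tree(T))
# {'group1': [('a', 'b'), ('a', 'b')], 'group2': [('c', 'd'), ('c', 'e')]}
```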
Preferably, adding noise to the data through the Laplace mechanism in step 3 includes:
the privacy budget ε used in the iterative partitioning of the classification tree is finely divided for the Laplace mechanism: ε is first evenly allocated across the incremental updates of the data set, giving each update a share ε'_m, and each ε'_m is then divided evenly into two halves, used respectively for the Laplace mechanism during the data iteration and for adding Laplace noise to the leaf nodes;
for any function f: T → R^d, if the output of algorithm A satisfies A(T) = f(T) + ⟨Lap_1(Δf/ε), Lap_2(Δf/ε), …, Lap_d(Δf/ε)⟩, then A satisfies ε-differential privacy;
where T is the track data set, R^d is the d-dimensional real range of the mapping f: T → R^d, A(T) is the output of algorithm A on the track data set T, f(T) is the output of f on T, and the Lap_i(Δf/ε), 1 ≤ i ≤ d, are mutually independent Laplace variables.
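A minimal Python sketch of this output perturbation is given below; the count function, the sensitivity Δf = 1 for disjoint leaf counts, and the use of NumPy's Laplace sampler are illustrative assumptions.

```python
# Sketch of the Laplace mechanism A(T) = f(T) + <Lap_1(Δf/ε), ..., Lap_d(Δf/ε)>.
import numpy as np

def laplace_mechanism(f_output, sensitivity, epsilon, rng=None):
    """Add mutually independent Laplace(Δf/ε) noise to each of the d
    coordinates of f(T)."""
    rng = rng or np.random.default_rng()
    noise = rng.laplace(0.0, sensitivity / epsilon, size=len(f_output))
    return np.asarray(f_output, dtype=float) + noise

# Example: d leaf-node counts of the classification tree. For counting queries
# over disjoint leaves, adding or removing one track changes one count by one,
# so Δf = 1.
true_counts = [120, 43, 7, 68]
print(laplace_mechanism(true_counts, sensitivity=1.0, epsilon=0.5))
```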
Compared with the prior art, the invention has the following beneficial effects: during track data publication, the availability of the track data is improved by replacing global suppression with local suppression; at the same time, a classification tree is built from the user information in the track data set and noise is added to the data through the Laplace mechanism, improving the security of the data to be published while preserving its availability. Experiments show that, compared with other algorithms, the proposed algorithm effectively reduces the MFS (maximal frequent sequence) loss rate and the sequence loss rate, and achieves a lower average relative error for count queries under the same privacy budget.
Drawings
FIG. 1 is a flowchart of the classification tree differential privacy protection method satisfying the LKC model according to the present invention.
FIG. 2 is a graph showing the effect of different K values on the MFS loss rate according to the present invention.
FIG. 3 is a graph showing the effect of different K values on the sequence loss rate according to the present invention.
FIG. 4 is a graph showing the effect of different C values on the MFS loss rate according to the present invention.
FIG. 5 is a graph showing the effect of different C values on the sequence loss rate according to the present invention.
FIG. 6 shows the effect of data set length on the average relative error when ε = 0.5.
FIG. 7 shows the effect of data set length on the average relative error when ε = 1.
Detailed Description
The present invention is described in further detail below with reference to the drawings to enable those skilled in the art to practice the invention by referring to the description.
As shown in FIG. 1, the present invention provides a classification tree differential privacy protection method satisfying the LKC model. Considering that global suppression of track data reduces data availability, the method processes the data with local suppression instead: it finds the MVS set in the track data set, finds the maximal frequent sequence set according to a given frequency threshold E, constructs an MFS tree, determines the suppression order according to the suppression priority scores of the location points, and updates the minimum violating sequences. When noise is added, a classification tree algorithm is used and the Laplace noise mechanism is applied to protect the data, improving security during track data publication and reducing the data loss caused by global suppression. The method specifically includes the following steps:
Step 1, compute the newly generated minimum violating sequences (NewMVS): find the MVS set in the track data set, find the maximal frequent sequence set according to a given frequency threshold E, then construct an MFS tree and determine the suppression order according to the suppression priority score Score(p) of each location point p, where Score(p) = Eliminate(p) / Loss(p), Eliminate(p) being the number of MVSs that suppressing point p can eliminate and Loss(p) the utility loss caused by suppressing point p;
each time, select the point p with the highest score, suppress its sequence, update the MFS (maximal frequent sequence) set, then recalculate the suppression priority scores of the remaining location points and update the minimum violating sequence (MVS) set;
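The following Python sketch outlines this greedy loop; the MVS/MFS mining helpers are left abstract (the stubs in the usage example are toys), so it is a sketch of the control flow rather than a full implementation.

```python
# Sketch of the greedy local-suppression loop of steps 1-2; the helper
# names find_mvs / find_mfs / score are hypothetical.

def greedy_suppress(T, find_mvs, find_mfs, score):
    """Repeatedly suppress the point with the highest Score(p) until no
    minimum violating sequence remains."""
    mvs = find_mvs(T)
    while mvs:
        mfs = find_mfs(T)
        points = {p for seq in mvs for p in seq}
        p = max(points, key=lambda q: score(q, mvs, mfs))
        violating = [v for v in mvs if p in v]
        # Local suppression: delete p only in records that contain a violating
        # sequence through p; keep it elsewhere (unlike global suppression).
        T = [tuple(x for x in rec if x != p)
             if any(set(v) <= set(rec) for v in violating) else rec
             for rec in T]
        mvs = find_mvs(T)  # step 2: check whether new MVSs were generated
    return T

# Toy usage with stub helpers (real MVS/MFS mining is outside this sketch):
find_mvs = lambda T: {("a", "b")} if any({"a", "b"} <= set(r) for r in T) else set()
find_mfs = lambda T: set()
score = lambda p, mvs, mfs: sum(p in v for v in mvs)
print(greedy_suppress([("a", "b", "c"), ("d", "e")], find_mvs, find_mfs, score))
```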
Step 2, verify whether the track data set satisfies the LKC-privacy model to decide whether the minimum violating sequence set must be updated again: if any sequence in the track data set does not satisfy the conditions below, the minimum violating sequence set must be updated until all sequences satisfy them; then judge whether a new minimum violating sequence has been generated; if one has, discard the violating sequence, and if none has, build a classification tree from the sensitive information in the track data set;
where L is the maximum track length known to an attacker, T is the track data set of all users, S is the set of sensitive attribute values in T, and K is the anonymity threshold of the sequence; the track data set T satisfies LKC-privacy only if, for every subsequence P of T with |P| < L, the following conditions hold:
|T(P)| ≥ K, where T(P) is the set of users whose tracks contain P;
Conf(s|T(P)) ≤ C, where Conf(s|T(P)) = |T(P ∪ s)| / |T(P)|; Conf is an abbreviation of confidence and denotes the confidence computed under the given condition, to be compared with a given confidence threshold C (0 ≤ C ≤ 1, s ∈ S); C is the confidence threshold of the anonymity set, and the degree of anonymity can be adjusted flexibly as required;
Step 3, build the classification tree: first initialize the data set T and select two groups of frequent sequences from the track data set to construct the classification tree; according to the number of times any two location points occur together in each track record, select the track sequence corresponding to the most frequent pair as the first group; among all sequences containing the most frequent points, select the least frequent sequence and, on the track where it lies, select the most frequent location point as the second group; then iteratively place the remaining tracks into the two groups until every track has been placed in the classification tree, completing its construction.
Step 4, reassigning privacy budget: the privacy budget epsilon used in the iterative segmentation process of the classification tree is subjected to a refinement segmentation scheme by a Laplacian mechanism, and epsilon is firstly averagely distributed to each increment update data set epsilon' m Then epsilon 'is added' m Is divided into two partsRespectively using Laplace mechanism in the data iteration process and adding Laplace noise into the leaf nodes;
step 5, adding noise: T.fwdarw.R for any function f d If the output result of algorithm a satisfies inequality a (T) =f (T) + with<Lap 1 (Δf/ε),Lap 2 (Δf/ε),…,Lap i (Δf/ε)>A satisfies epsilon-differential privacy; wherein T represents the trace dataset, R represents the real number threshold of the mapping, d represents f: T→R d A (T) represents the output result of algorithm A on track data set T, and f (T) represents the function f: T→R d Output results on track dataset T, lap i (Δf/. Epsilon.) (1.ltoreq.i.ltoreq.d) is a Laplace variable, noise level, independent of each otherThe magnitude is proportional to Δf and inversely proportional to ε.
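A short Python sketch of this budget allocation follows; the number of incremental updates m and the leaf-count sensitivity Δf = 1 are assumptions made for illustration.

```python
# Sketch of the budget allocation of steps 4-5.
import numpy as np

def allocate_budget(epsilon, m):
    """Allocate ε evenly over m incremental updates (ε'_m = ε/m), then halve
    each share: one half for the iterative partitioning, one half for the
    Laplace noise added to leaf nodes."""
    eps_m = epsilon / m
    return eps_m / 2, eps_m / 2

def noisy_leaf_counts(counts, eps_leaf, rng=None):
    """Add Laplace(1/ε_leaf) noise to each leaf count (Δf = 1)."""
    rng = rng or np.random.default_rng()
    return [c + rng.laplace(0.0, 1.0 / eps_leaf) for c in counts]

eps_iter, eps_leaf = allocate_budget(epsilon=1.0, m=4)
print(eps_iter, eps_leaf)            # 0.125 0.125
print(noisy_leaf_counts([30, 12, 5], eps_leaf))
```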
Examples
To demonstrate the effectiveness of the invention, the algorithm was implemented in a Python environment using the MyEclipse integrated development software. The experimental hardware environment was an Intel(R) Core(TM) i7-5500U CPU at 2.40 GHz with 8.0 GB of RAM, running a Linux operating system. The experiments used the open-source data set provided by the GeoLife project of Microsoft Research Asia, which contains 18670 real user tracks and is widely used in research on track data.
As shown in FIGS. 2 to 5, data loss is an important reference for measuring the availability of track data; the invention measures both maximal frequent sequence (MFS) loss and track sequence loss:
(1) The MFS data loss MFSLoss depends on the number of MFSs in the original track data set and the number remaining after local suppression:
MFSLoss = (M(T) - M(T')) / M(T)
where M(T) is the number of MFSs in the original track data set and M(T') is the number of MFSs in the data set after local suppression;
(2) The track sequence loss TLoss depends on the number of sequences in the original track data set and the number remaining after processing:
TLoss = (L(T) - L(T')) / L(T)
where L(T) is the number of tracks in the original track data set and L(T') is the number of tracks in the data set after local suppression.
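Both metrics reduce to simple arithmetic on sequence counts, as the following Python sketch shows; the concrete numbers are made up for illustration.

```python
# Direct translation of the two loss rates into Python.

def mfs_loss(m_orig, m_after):
    """MFSLoss = (M(T) - M(T')) / M(T)."""
    return (m_orig - m_after) / m_orig

def t_loss(l_orig, l_after):
    """TLoss = (L(T) - L(T')) / L(T)."""
    return (l_orig - l_after) / l_orig

print(mfs_loss(200, 170))    # 0.15: 15% of the MFSs were lost
print(t_loss(18670, 17500))  # about 0.063
```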
As shown in FIGS. 6 and 7, the average relative error of count queries is used as the measure of data loss. For a count query R:
error(R) = |R(T') - R(T)| / max(R(T), b)
where R(T) denotes the count query on the original data set, R(T') the count query on the processed data set, and b is a lower bound imposed to prevent the denominator from becoming too small.
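A Python sketch of this error measure over a small query workload follows; the query representation (a single location point counted over the records) and the toy data are assumptions for illustration.

```python
# Sketch of the count-query average relative error,
# |R(T') - R(T)| / max(R(T), b), averaged over a query workload.

def avg_relative_error(queries, T, T_noisy, count, b=1.0):
    """count(q, data) -> answer of count query q; b bounds the denominator."""
    errs = [abs(count(q, T_noisy) - count(q, T)) / max(count(q, T), b)
            for q in queries]
    return sum(errs) / len(errs)

count = lambda q, data: sum(q in rec for rec in data)
T       = [("a", "b"), ("a", "c"), ("b", "c")]
T_noisy = [("a", "b"), ("a",), ("b", "c")]
print(avg_relative_error(["a", "b", "c"], T, T_noisy, count))  # ~0.167
```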
Experimental results
As shown in FIGS. 2 and 3, MFS loss and sequence loss increase with the K value, because a larger K produces more minimum violating sequences (MVSs) and therefore more sequences that must be suppressed. Although the TP-NSA algorithm shown in the figures also reduces data loss to some extent, the KTP algorithm of this invention causes less data loss.
As can be seen from FIGS. 4 and 5, MFS loss and sequence loss decrease as the C value increases, because a larger C reduces the number of minimum violating sequences (MVSs) that must be suppressed, so both losses decrease gradually. The results show that, compared with the TP-NSA algorithm in the figures, the KTP algorithm of the invention has a lower loss rate in data processing.
As can be seen from FIGS. 6 and 7, the average relative error of the data gradually increases with the length of the track data set, but in both experiments the average relative error is lower when the privacy budget is larger. Compared with the HDMPM algorithm in the figures, the CTL algorithm of the invention is more effective: it reduces the average relative error, effectively protects user track privacy, and improves data availability.
Although embodiments of the present invention have been disclosed above, the invention is not limited to the details and embodiments shown and described; it is well suited to various fields of use that will be readily apparent to those skilled in the art. Accordingly, the invention is not limited to the specific details and illustrations shown and described herein, without departing from the general concepts defined in the claims and their equivalents.

Claims (2)

1. A classification tree differential privacy protection method satisfying the LKC model, characterized by comprising the following steps:
step 1, determining the sequence set requiring global suppression according to the data to be published;
step 2, computing newly generated minimum violating sequences from the track data in the sequence set;
wherein, when a new minimum violating sequence is generated, that minimum violating sequence is discarded;
step 3, when no new minimum violating sequence is generated, building a classification tree from the track data in the sequence set and adding noise to the data through the Laplace mechanism to obtain the data for publication;
in said step 2, computing the newly generated minimum violating sequences comprises:
step 2.1, finding the set of minimum violating sequences in the track data set from the sequence set, and determining the set of maximal frequent sequences according to a given frequency threshold;
step 2.2, constructing an MFS tree and determining the suppression order according to the suppression priority scores of the location points;
step 2.3, updating the MFS according to the suppression order;
step 2.4, recalculating the suppression priority scores of the remaining location points and updating the set of minimum violating sequences to obtain the minimum violating sequences;
in said step 2.2, the suppression priority score is
Score(p) = Eliminate(p) / Loss(p)
where Eliminate(p) is the number of minimum violating sequences that can be eliminated by suppressing location point p, and Loss(p) is the utility loss caused by suppressing location point p;
in said step 2.2, the point with the highest suppression priority score is selected for suppression each time, which determines the suppression order;
said step 2 further comprises: when a new minimum violating sequence is generated, verifying whether the track data set satisfies the LKC-privacy model; if any data sequence in the track data set does not satisfy the LKC-privacy model, updating the set of minimum violating sequences until all data sequences satisfy the model;
wherein the track data set satisfies the LKC-privacy model when, for every subsequence P of T with |P| < L:
|T(P)| ≥ K; and
Conf(s|T(P)) ≤ C;
where Conf(s|T(P)) = |T(P ∪ s)| / |T(P)| is the confidence computed under the given condition, L is the maximum track length known to an attacker, T is the track data set of all users, S is the set of sensitive attribute values in T, P is any subsequence in T, s ∈ S, C (0 ≤ C ≤ 1) is the confidence threshold of the anonymity set, and K is the anonymity threshold of the sequence;
in said step 3, the process of building the classification tree comprises the following steps:
step 3.1, initializing the track data set of all users and selecting two groups of frequent sequences from it to construct the classification tree;
step 3.2, according to the number of times any two location points occur together in each track record, selecting the track sequence corresponding to the most frequent pair of points as the first group;
step 3.3, among all sequences containing the most frequent points, selecting the least frequent sequence, and on the track where that sequence lies, selecting the most frequent location point as the second group;
step 3.4, repeating steps 3.2 and 3.3 to place the remaining tracks into the first and second groups until all tracks have been placed in the classification tree, yielding the finally constructed classification tree.
2. The classification tree differential privacy protection method according to claim 1, wherein adding noise to the data through the Laplace mechanism in said step 3 comprises:
the privacy budget ε used in the iterative partitioning of the classification tree is finely divided for the Laplace mechanism: ε is first evenly allocated across the incremental updates of the data set, giving each update a share ε'_m, and each ε'_m is then divided evenly into two halves, used respectively for the Laplace mechanism during the data iteration and for adding Laplace noise to the leaf nodes;
for any function f: T → R^d, if the output of algorithm A satisfies A(T) = f(T) + ⟨Lap_1(Δf/ε), Lap_2(Δf/ε), …, Lap_d(Δf/ε)⟩, then A satisfies ε-differential privacy;
where T is the track data set, R^d is the d-dimensional real range of the mapping f: T → R^d, A(T) is the output of algorithm A on the track data set T, f(T) is the output of f on T, and the Lap_i(Δf/ε), 1 ≤ i ≤ d, are mutually independent Laplace variables.
CN202011227876.1A 2020-08-03 2020-11-06 Classification tree differential privacy protection method meeting LKC model Active CN112131608B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2020107667717 2020-08-03
CN202010766771.7A CN111859460A (en) 2020-08-03 2020-08-03 Classification tree difference privacy protection method meeting LKC model

Publications (2)

Publication Number Publication Date
CN112131608A (en) 2020-12-25
CN112131608B (en) 2024-01-26

Family

ID=72952899

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202010766771.7A Pending CN111859460A (en) 2020-08-03 2020-08-03 Classification tree difference privacy protection method meeting LKC model
CN202011227876.1A Active CN112131608B (en) 2020-08-03 2020-11-06 Classification tree differential privacy protection method meeting LKC model

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202010766771.7A Pending CN111859460A (en) 2020-08-03 2020-08-03 Classification tree difference privacy protection method meeting LKC model

Country Status (1)

Country Link
CN (2) CN111859460A (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112560984B (en) * 2020-12-25 2022-04-05 广西师范大学 Differential privacy protection method for self-adaptive K-Nets clustering
CN113032399B (en) * 2021-03-30 2022-08-30 北京邮电大学 Data processing method and device
CN113722752B (en) * 2021-08-19 2024-04-09 国网电力科学研究院有限公司 Track privacy data publishing method, device and system based on LFP tree and proxy vector

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107526975A (en) * 2017-08-10 2017-12-29 中国人民大学 A kind of method based on difference secret protection decision tree
CN109145633A (en) * 2018-06-08 2019-01-04 浙江捷尚人工智能研究发展有限公司 Track data method for secret protection, electronic equipment, storage medium and system
CN109726594A (en) * 2019-01-09 2019-05-07 南京航空航天大学 A kind of novel track data dissemination method based on difference privacy
CN109726758A (en) * 2018-12-28 2019-05-07 辽宁工业大学 A kind of data fusion publication algorithm based on difference privacy
CN110750806A (en) * 2019-07-16 2020-02-04 黑龙江省科学院自动化研究所 TP-MFSA (TP-Multi-function document analysis) inhibition release-based high-dimensional position track data privacy protection release system and method
CN116611101A (en) * 2023-03-03 2023-08-18 广州大学 Differential privacy track data protection method based on interactive query

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10936750B2 (en) * 2018-03-01 2021-03-02 International Business Machines Corporation Data de-identification across different data sources using a common data model

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107526975A (en) * 2017-08-10 2017-12-29 中国人民大学 A kind of method based on difference secret protection decision tree
CN109145633A (en) * 2018-06-08 2019-01-04 浙江捷尚人工智能研究发展有限公司 Track data method for secret protection, electronic equipment, storage medium and system
CN109726758A (en) * 2018-12-28 2019-05-07 辽宁工业大学 A kind of data fusion publication algorithm based on difference privacy
CN109726594A (en) * 2019-01-09 2019-05-07 南京航空航天大学 A kind of novel track data dissemination method based on difference privacy
CN110750806A (en) * 2019-07-16 2020-02-04 黑龙江省科学院自动化研究所 TP-MFSA (TP-Multi-function document analysis) inhibition release-based high-dimensional position track data privacy protection release system and method
CN116611101A (en) * 2023-03-03 2023-08-18 广州大学 Differential privacy track data protection method based on interactive query

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
A trajectory data publishing algorithm satisfying local suppression; Xiaohui Li et al.; International Journal of Distributed Sensor Networks; 1-9 *
A survey of location trajectory privacy protection; Ma Chunguang; Zhang Lei; Yang Songtao; Netinfo Security (No. 10); 24-31 *
Privacy-preserving publication of trajectory data based on non-sensitive information analysis; Deng Jinsong; Luo Yonglong; Yu Qingying; Chen Fulong; Journal of Computer Applications (No. 02) *
A trajectory privacy protection method supporting local suppression and sequence reconstruction; Deng Jinsong; Luo Yonglong; Yu Qingying; Chen Fulong; Journal of Chinese Computer Systems (No. 03); 478-482 *
Research on privacy protection of location-based services for data publishing; Bai Yuliang; China Masters' Theses Full-text Database, Information Science and Technology (No. 3); I138-26 *
Research on optimized-suppression differential privacy protection for trajectory data publishing; Bai Yuliang et al.; Journal of Chinese Computer Systems; Vol. 42 (No. 8); 1787-1792 *

Also Published As

Publication number Publication date
CN111859460A (en) 2020-10-30
CN112131608A (en) 2020-12-25

Similar Documents

Publication Publication Date Title
CN112131608B (en) Classification tree differential privacy protection method meeting LKC model
CN108363928B (en) Adaptive differential privacy protection method in associated medical data
Fung et al. Privacy-preserving data publishing: A survey of recent developments
US11893133B2 (en) Budget tracking in a differentially private database system
Hajian et al. A methodology for direct and indirect discrimination prevention in data mining
US8738636B2 (en) Ontology alignment with semantic validation
Du et al. Privacy-maxent: integrating background knowledge in privacy quantification
Rafiei et al. Group-based privacy preservation techniques for process mining
Wang et al. Generalized bucketization scheme for flexible privacy settings
Gkountouna et al. Anonymizing collections of tree-structured data
Aggarwal et al. Privacy-preserving data mining: a survey
US8775364B2 (en) Model-theoretic approach to data anonymity and inference control
Orooji et al. A novel microdata privacy disclosure risk measure
Moqurrab et al. UtilityAware: A framework for data privacy protection in e-health
CN116186757A (en) Method for publishing condition feature selection differential privacy data with enhanced utility
Kassem et al. Differential inference testing: A practical approach to evaluate sanitizations of datasets
US20230274004A1 (en) Subject Level Privacy Attack Analysis for Federated Learning
CN112822004B (en) Belief network-based targeted privacy protection data publishing method
Hua et al. A survey of utility-based privacy-preserving data transformation methods
CN114817977B (en) Anonymous protection method based on sensitive attribute value constraint
Hu et al. IceBerg: Deep Generative Modeling for Constraint Discovery and Anomaly Detection
Wang et al. HighPU: a high privacy-utility approach to mining frequent itemset with differential privacy
CN113722752B (en) Track privacy data publishing method, device and system based on LFP tree and proxy vector
Yu et al. Trajectory personalization privacy preservation method based on multi-sensitivity attribute generalization and local suppression
Fukuchi et al. Locally Differentially Private Minimum Finding

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant