CN112131608B - Classification tree differential privacy protection method meeting LKC model - Google Patents
- Publication number
- CN112131608B (application CN202011227876.1A)
- Authority
- CN
- China
- Prior art keywords
- sequence
- data
- track
- data set
- classification tree
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- G06F21/6254: Protecting personal data, e.g. for financial or medical purposes, by anonymising data, e.g. decorrelating personal data from the owner's identification
- G06F16/29: Geographical information databases
- G06F16/906: Clustering; Classification
Abstract
The invention discloses a classification tree differential privacy protection method satisfying the LKC model, comprising the following steps: step 1, determining the sequence set requiring global suppression from the data to be published; step 2, computing the newly generated minimum violation sequences from the trajectory data in the sequence set, wherein any newly generated minimum violation sequence is discarded; and step 3, when no new minimum violation sequence is generated, building a classification tree from the trajectory data in the sequence set and adding noise to the data through the Laplace mechanism to obtain the data for publication.
Description
Technical Field
The invention relates to the technical field of information security, and in particular to a classification tree differential privacy protection method satisfying the LKC model.
Background
Trajectory data contain a large amount of personal information about mobile users, and researchers extract valuable knowledge from them through analysis and exploration, which motivates the study of protecting user privacy in such data. If trajectory data are not effectively privacy-protected before publication, an attacker with background knowledge can infer private information about a user, such as medical conditions or household income, by analyzing the data, which may cause the user economic loss and even endanger personal safety. Conversely, if the original trajectory data set is over-processed before publication, a great deal of user information is lost, reducing the availability and integrity of the published data and wasting information. Ensuring that published trajectory data do not leak user privacy while retaining high data availability is therefore an open research problem.
Research on privacy protection methods for trajectory data publication has already produced some results. For example, Mohammed et al. proposed an LKC privacy model applicable to RFID data and implemented it with an anonymization algorithm. The algorithm first identifies the set of minimum violating sequences in the trajectory data set and then globally suppresses the violating sequences with a greedy method, aiming to minimize the loss of maximal frequent sequences; however, global suppression deletes a large amount of data, so data availability is not effectively improved. Chen et al. introduced the concept of local suppression through the (K,C)_L privacy model and a corresponding algorithm, which first determines all sequences in the trajectory data set that violate the (K,C)_L privacy model and then simplifies the data set by local suppression while preserving efficient data availability. Ghasemzadeh et al. studied the case C = 1 of the LKC-privacy model and achieved trajectory privacy protection through global suppression. Komishani et al. proposed a privacy protection algorithm that generalizes sensitive information, suppressing high-dimensional trajectory data sets by building a classification tree over the sensitive attributes; because the length of the background knowledge held by an attacker is uncertain, however, a large amount of data is suppressed and the mining value of the data set is lost.
Disclosure of Invention
Based on the existing research results and their shortcomings, the invention designs and develops a classification tree differential privacy protection method satisfying the LKC model, aiming to remedy the reduction in data availability caused by global suppression of trajectory data while reducing the risk of user privacy leakage.
The technical scheme provided by the invention is as follows:
A classification tree differential privacy protection method satisfying the LKC model comprises the following steps:
step 1, determining the sequence set requiring global suppression from the data to be published;
step 2, computing the newly generated minimum violation sequences from the trajectory data in the sequence set;
wherein when a new minimum violation sequence is generated, that minimum violation sequence is discarded;
and step 3, when no new minimum violation sequence is generated, building a classification tree from the trajectory data in the sequence set and adding noise to the data through the Laplace mechanism to obtain the data for publication.
Preferably, in step 2, computing the newly generated minimum violation sequences comprises:
step 2.1, finding the minimum violation sequence set of the trajectory data set from the sequence set, and determining the maximal frequent sequence set according to a given frequency threshold;
step 2.2, constructing an MFS tree and determining the suppression order according to the suppression priority scores of the location points;
step 2.3, updating the MFS set according to the suppression order;
and step 2.4, recalculating the suppression priority scores of the remaining location points and updating the minimum violation sequence set to obtain the minimum violation sequences.
Preferably, in step 2.2, the suppression priority score is
Score(p) = Eliminate(p) / Loss(p),
where Eliminate(p) is the number of minimum violation sequences that can be eliminated by suppressing location point p, and Loss(p) is the utility loss caused by suppressing location point p.
Preferably, in step 2.2, the point with the highest suppression priority score is selected for suppression each time, which determines the suppression order.
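As an illustration, the greedy selection of the highest-scoring location point can be sketched in Python; the score tables and all names below are illustrative assumptions, not data or identifiers from the patent:

```python
# Hedged sketch of the greedy rule in step 2.2: each round, suppress the
# location point p with the highest Score(p) = Eliminate(p) / Loss(p).

def pick_suppression_point(eliminate, loss):
    """Return the location point p maximizing Eliminate(p) / Loss(p)."""
    return max(eliminate, key=lambda p: eliminate[p] / loss[p])

# Eliminate(p): number of minimum violation sequences removed by suppressing p.
eliminate = {"a": 4, "b": 6, "c": 2}
# Loss(p): utility loss caused by suppressing p.
loss = {"a": 2.0, "b": 1.5, "c": 1.0}

print(pick_suppression_point(eliminate, loss))  # point "b" wins with score 6/1.5 = 4.0
```

After a point is suppressed, the method recomputes Eliminate and Loss for the remaining points and repeats, as described in steps 2.3 and 2.4.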
Preferably, step 2 further comprises: when a new minimum violation sequence is generated, verifying whether the trajectory data set satisfies the LKC-privacy model; if any data sequence in the trajectory data set fails to satisfy the LKC-privacy model, the minimum violation sequence set is updated until all data sequences satisfy the LKC-privacy model;
wherein the trajectory data set satisfies the LKC-privacy model when every subsequence p in T with |p| < L satisfies:
|T(p)| ≥ K; and
Conf(s|T(p)) ≤ C;
where Conf(s|T(p)) = |T(p ∪ {s})| / |T(p)|, Conf is the confidence computed under the different conditions, L is the maximum trajectory length assumed to be known to an attacker, T is the trajectory data set of all users, S is the set of sensitive attribute values in T, p is any subsequence in T, 0 ≤ C ≤ 1, s ∈ S, C is the confidence threshold of the anonymity set, and K is the anonymity parameter, i.e. the minimum number of users sharing each sequence.
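A small Python sketch of checking these conditions on a toy data set follows; the data layout (user id mapped to a tuple of location points, user id mapped to a sensitive value) and all function names are illustrative assumptions, not part of the claimed method:

```python
from itertools import combinations

def is_subseq(p, traj):
    """True if p is an order-preserving subsequence of traj."""
    it = iter(traj)
    return all(x in it for x in p)

def satisfies_lkc(trajectories, sensitive, L, K, C):
    """Check |T(p)| >= K and Conf(s|T(p)) <= C for every subsequence p with |p| < L."""
    subseqs = set()
    for traj in trajectories.values():
        for n in range(1, L):                      # subsequence lengths |p| < L
            subseqs.update(combinations(traj, n))  # order-preserving subsequences
    for p in subseqs:
        support = [u for u, t in trajectories.items() if is_subseq(p, t)]
        if len(support) < K:                       # anonymity condition |T(p)| >= K
            return False
        for s in set(sensitive.values()):          # confidence condition
            if sum(sensitive[u] == s for u in support) / len(support) > C:
                return False
    return True

trajs = {1: ("a", "b"), 2: ("a", "b"), 3: ("a", "c")}
sens = {1: "flu", 2: "flu", 3: "cold"}
print(satisfies_lkc(trajs, sens, L=2, K=2, C=1.0))  # False: point "c" is held by only one user
```

With K = 1 the same toy data set passes, since every length-1 subsequence then has enough supporting users.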
Preferably, in step 3, the process of building the classification tree comprises the following steps:
step 3.1, initializing the trajectory data set of all users and selecting two groups of frequent sequences from it to construct the classification tree;
step 3.2, according to the number of times every pair of location points occurs in each trajectory record, selecting the trajectory sequence corresponding to the most frequent location points as the first group;
step 3.3, among all sequences containing the most frequent location points, selecting the least frequent sequence, and on the trajectory where that sequence lies selecting the most frequent location point as the second group;
and step 3.4, repeating steps 3.2 and 3.3 to place the remaining trajectories into the first and second groups until all trajectories are placed in the classification tree, yielding the final classification tree.
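One plausible reading of the pair-frequency grouping above can be sketched in Python; since the patent describes the grouping only in prose, the seeding rule and all names here are illustrative assumptions:

```python
from collections import Counter
from itertools import combinations

def is_subseq(p, traj):
    """True if p is an order-preserving subsequence of traj."""
    it = iter(traj)
    return all(x in it for x in p)

def split_two_groups(trajectories):
    """Count co-occurrences of every ordered pair of location points, then seed
    the first group with the trajectories containing the most frequent pair and
    put the remaining trajectories in the second group."""
    pair_freq = Counter()
    for traj in trajectories:
        pair_freq.update(combinations(traj, 2))
    top_pair = max(pair_freq, key=pair_freq.get)
    first = [t for t in trajectories if is_subseq(top_pair, t)]
    second = [t for t in trajectories if not is_subseq(top_pair, t)]
    return first, second

groups = split_two_groups([("a", "b", "c"), ("a", "b"), ("c", "d")])
print(groups)  # the first group holds the two trajectories containing the pair ("a", "b")
```

In the method itself this split would be applied iteratively, per step 3.4, until every trajectory is placed in the tree.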
Preferably, adding noise to the data through the Laplace mechanism in step 3 comprises:
the privacy budget ε used in the iterative partitioning of the classification tree is finely divided for the Laplace mechanism: ε is evenly distributed over the incremental update data sets as ε'_m, and each ε'_m is in turn split evenly into two halves, used respectively for the Laplace mechanism during the data iteration and for adding Laplace noise to the leaf nodes;
for any function f: T → R^d, if the output of algorithm A satisfies A(T) = f(T) + ⟨Lap_1(Δf/ε), Lap_2(Δf/ε), …, Lap_d(Δf/ε)⟩, then A satisfies ε-differential privacy;
where T is the trajectory data set, R^d is the d-dimensional real-valued range of the mapping f: T → R^d, A(T) is the output of algorithm A on T, f(T) is the output of f on T, and the Lap_i(Δf/ε), 1 ≤ i ≤ d, are mutually independent Laplace variables.
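A minimal sketch of this d-dimensional Laplace mechanism, using only the Python standard library, is shown below; the inverse-CDF sampler and all function names are illustrative, not from the patent:

```python
import math
import random

def sample_laplace(scale, rng):
    """Draw one Laplace(0, scale) variable by inverse-CDF sampling."""
    u = rng.random() - 0.5          # uniform on [-0.5, 0.5)
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))

def laplace_mechanism(f_output, sensitivity, epsilon, rng=None):
    """A(T) = f(T) + <Lap_1(Δf/ε), ..., Lap_d(Δf/ε)>: add independent Laplace
    noise of scale Δf/ε to each coordinate of a d-dimensional query answer."""
    rng = rng or random.Random()
    scale = sensitivity / epsilon
    return [x + sample_laplace(scale, rng) for x in f_output]

rng = random.Random(7)
noisy = laplace_mechanism([120.0, 45.0, 8.0], sensitivity=1.0, epsilon=0.5, rng=rng)
print(noisy)  # three noisy counts, each perturbed with noise of scale Δf/ε = 2.0
```

A larger ε yields a smaller noise scale Δf/ε, which matches the privacy/utility trade-off seen in the experiments below.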
Compared with the prior art, the invention has the following beneficial effects: during trajectory data publication, local suppression replaces global suppression to improve data availability; at the same time, a classification tree is built from the user information in the trajectory data set and noise is added to the data through the Laplace mechanism, improving the security of the data to be published while preserving its availability. Experiments show that, compared with other algorithms, the proposed algorithm effectively reduces the MFS (maximal frequent sequence) loss rate and the sequence loss rate, and achieves a lower average relative error of count queries under the same privacy budget.
Drawings
Fig. 1 is a flowchart of a classification tree differential privacy protection method satisfying an LKC model according to the present invention.
FIG. 2 shows the effect of different K values on the MFS loss rate according to the present invention.
FIG. 3 shows the effect of different K values on the sequence loss rate according to the present invention.
FIG. 4 shows the effect of different C values on the MFS loss rate according to the present invention.
FIG. 5 shows the effect of different C values on the sequence loss rate according to the present invention.
FIG. 6 shows the effect of data set length on the average relative error when ε = 0.5.
FIG. 7 shows the effect of data set length on the average relative error when ε = 1.
Detailed Description
The present invention is described in further detail below with reference to the drawings, to enable those skilled in the art to practice it by following the description.
As shown in FIG. 1, the present invention provides a classification tree differential privacy protection method satisfying the LKC model. Considering that global suppression of trajectory data reduces data availability, the method processes the data with local suppression instead: it finds the MVS (minimum violating sequence) set in the trajectory data set, finds the maximal frequent sequence set according to a given frequency threshold E, constructs an MFS tree, determines the suppression order according to the suppression priority scores of the location points, and updates the minimum violation sequences. When noise is added, a classification tree algorithm is used and the Laplace noise mechanism is applied to protect the data, improving security during trajectory data publication and reducing the data loss rate caused by global suppression. The method specifically comprises the following steps:
Step 1, compute the newly generated minimum violation sequences (NewMVS): find the MVS set in the trajectory data set and the maximal frequent sequence set according to a given frequency threshold E, then construct an MFS tree and determine the suppression order according to the suppression priority score of each location point p, where Score(p) = Eliminate(p) / Loss(p), Eliminate(p) being the number of MVSs that suppressing point p can eliminate and Loss(p) the utility loss caused by suppressing point p:
each time, select the point p with the highest score, suppress its sequences, update the MFS (maximal frequent sequence) set, then recalculate the suppression priority scores of the remaining location points and update the minimum violation sequence (MVS) set;
Step 2, verify whether the trajectory data set satisfies the LKC-privacy model to decide whether the minimum violation sequence set must be updated further: if any sequence in the trajectory data set violates the model, the minimum violation sequence set is updated until all sequences satisfy it. Then judge whether a new minimum violation sequence has been generated: if so, discard the violating sequence; if not, build a classification tree from the sensitive information in the trajectory data set;
wherein L is the maximum trajectory length assumed to be known to an attacker, T is the trajectory data set of all users, S is the set of sensitive attribute values in T, and K is the anonymity parameter of the sequences; the trajectory data set T satisfies LKC-privacy only when every subsequence p in T with |p| < L satisfies the following conditions:
|T(p)| ≥ K, where T(p) is the set of users whose trajectories contain p;
Conf(s|T(p)) ≤ C, where Conf(s|T(p)) = |T(p ∪ {s})| / |T(p)|, Conf (short for confidence) is the confidence computed under the different conditions and is compared with a given confidence threshold C, 0 ≤ C ≤ 1, s ∈ S; C is the confidence threshold of the anonymity set, and the degree of anonymity can be adjusted flexibly as required;
Step 3, build the classification tree: first initialize the data set T and select two groups of frequent sequences from the trajectory data set to construct the classification tree. According to the number of times every pair of location points occurs in each trajectory record, select the trajectory sequence with the highest count as the first group; among all sequences containing those location points, select the least frequent sequence and, on the trajectory where it lies, select the most frequent location point as the second group; iteratively place the remaining trajectories into the two groups until all trajectories are placed in the classification tree, completing its construction.
Step 4, reassign the privacy budget: the privacy budget ε used in the iterative partitioning of the classification tree is finely divided for the Laplace mechanism. First, ε is evenly distributed over the incremental update data sets as ε'_m; each ε'_m is then split evenly into two halves, used respectively for the Laplace mechanism during the data iteration and for adding Laplace noise to the leaf nodes;
Step 5, add noise: for any function f: T → R^d, if the output of algorithm A satisfies A(T) = f(T) + ⟨Lap_1(Δf/ε), Lap_2(Δf/ε), …, Lap_d(Δf/ε)⟩, then A satisfies ε-differential privacy; where T denotes the trajectory data set, R^d the d-dimensional real-valued range of f: T → R^d, A(T) the output of algorithm A on T, f(T) the output of f on T, and the Lap_i(Δf/ε), 1 ≤ i ≤ d, are mutually independent Laplace variables. The noise magnitude is proportional to Δf and inversely proportional to ε.
Examples
To demonstrate the effectiveness of the invention, the algorithm was implemented in a Python environment using the MyEclipse integrated development environment. The experimental hardware environment was an Intel(R) Core(TM) i7-5500U CPU at 2.40 GHz with 8.0 GB of RAM, running a Linux operating system. The experiments use the open-source data set provided by the GeoLife project of Microsoft Research Asia for verification; the data set contains 18,670 real user trajectories and is widely used in trajectory data research.
As shown in FIGS. 2 to 5, data loss is an important measure of trajectory data availability; the invention evaluates it for both the maximal frequent sequences (MFS) and the trajectory sequences:
(1) The MFS data loss MFSLoss depends on the number of MFSs in the original trajectory data set and the number remaining after local suppression:
MFSLoss = (M(T) − M(T′)) / M(T),
where M(T) is the number of MFSs in the original trajectory data set and M(T′) is the number of MFSs in the data set after local suppression;
(2) The trajectory sequence loss TLoss depends on the number of sequences in the original trajectory data set and the number after processing:
TLoss = (L(T) − L(T′)) / L(T),
where L(T) is the number of trajectories in the original trajectory data set and L(T′) is the number of trajectories in the data set after local suppression.
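A minimal sketch of the two loss metrics, assuming the standard ratio form (original count minus remaining count, divided by the original count):

```python
def mfs_loss(m_orig, m_after):
    """Fraction of maximal frequent sequences lost to local suppression."""
    return (m_orig - m_after) / m_orig

def trajectory_loss(l_orig, l_after):
    """Fraction of trajectory sequences lost to local suppression."""
    return (l_orig - l_after) / l_orig

# Illustrative numbers, not results from the patent's experiments.
print(mfs_loss(200, 150))          # 0.25: a quarter of the MFSs were lost
print(trajectory_loss(1000, 900))  # 0.1: a tenth of the trajectories were lost
```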
As shown in FIGS. 6 and 7, the average relative error of count queries is used as the measure of data loss. For a count query R,
error(R) = |R(T′) − R(T)| / max{R(T), b},
where R(T) denotes the count query on the original data set, R(T′) the count query on the processed data set, and b is a sanity bound set to prevent the denominator from becoming too small.
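A minimal sketch of the average relative error of count queries, assuming the common bounded-denominator form |R(T′) − R(T)| / max{R(T), b}; the inputs below are illustrative, not data from the patent's experiments:

```python
def average_relative_error(true_counts, noisy_counts, b):
    """Average relative error over a set of count queries; the sanity bound b
    keeps queries with tiny true counts from dominating the denominator."""
    errs = [abs(n - t) / max(t, b) for t, n in zip(true_counts, noisy_counts)]
    return sum(errs) / len(errs)

err = average_relative_error([100, 0], [90, 5], b=10)
print(err)  # (10/100 + 5/10) / 2 ≈ 0.3
```

Note how b = 10 caps the second query's error at 0.5 even though its true count is zero.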
Experimental results
As shown in FIGS. 2 and 3, MFS loss and sequence loss grow as the K value increases, because a larger K produces more minimum violation sequences (MVSs) and therefore more sequences that must be suppressed. Although the TP-NSA algorithm shown in the figures also reduces data loss to some extent, the KTP algorithm of the invention causes less data loss.
As can be seen from FIGS. 4 and 5, MFS loss and sequence loss decrease as the C value increases, because a larger C reduces the number of minimum violating sequences (MVSs) that must be suppressed, so both losses fall gradually. The results show that, compared with the TP-NSA algorithm shown in the figures, the KTP algorithm of the invention has a lower data loss rate.
As can be seen from FIGS. 6 and 7, the average relative error of the data grows gradually with the length of the trajectory data set, but in both experiments it is smaller when the privacy budget is larger. Compared with the HDMPM algorithm shown in the figures, the CTL algorithm of the invention is more effective: it reduces the average relative error, effectively protects user trajectory privacy, and improves data availability.
Although embodiments of the present invention have been disclosed above, the invention is not limited to the details and embodiments shown and described; it is well suited to various fields of use readily apparent to those skilled in the art, and may accordingly be modified without departing from the general concepts defined in the claims and their equivalents.
Claims (2)
1. A classification tree differential privacy protection method satisfying the LKC model, characterized by comprising the following steps:
step 1, determining the sequence set requiring global suppression from the data to be published;
step 2, computing the newly generated minimum violation sequences from the trajectory data in the sequence set;
wherein when a new minimum violation sequence is generated, that minimum violation sequence is discarded;
step 3, when no new minimum violation sequence is generated, building a classification tree from the trajectory data in the sequence set and adding noise to the data through the Laplace mechanism to obtain the data for publication;
in said step 2, computing the newly generated minimum violation sequences comprises:
step 2.1, finding the minimum violation sequence set of the trajectory data set from the sequence set, and determining the maximal frequent sequence set according to a given frequency threshold;
step 2.2, constructing an MFS tree and determining the suppression order according to the suppression priority scores of the location points;
step 2.3, updating the MFS set according to the suppression order;
step 2.4, recalculating the suppression priority scores of the remaining location points and updating the minimum violation sequence set to obtain the minimum violation sequences;
in said step 2.2, the suppression priority score is
Score(p) = Eliminate(p) / Loss(p),
where Eliminate(p) is the number of minimum violation sequences that can be eliminated by suppressing location point p, and Loss(p) is the utility loss caused by suppressing location point p;
in said step 2.2, the point with the highest suppression priority score is selected for suppression each time, which determines the suppression order;
said step 2 further comprises: when a new minimum violation sequence is generated, verifying whether the trajectory data set satisfies the LKC-privacy model; if any data sequence in the trajectory data set fails to satisfy the LKC-privacy model, updating the minimum violation sequence set until all data sequences satisfy the LKC-privacy model;
wherein the trajectory data set satisfies the LKC-privacy model when every subsequence p in T with |p| < L satisfies:
|T(p)| ≥ K; and
Conf(s|T(p)) ≤ C;
where Conf(s|T(p)) = |T(p ∪ {s})| / |T(p)|, Conf is the confidence computed under the different conditions, L is the maximum trajectory length assumed to be known to an attacker, T is the trajectory data set of all users, S is the set of sensitive attribute values in T, p is any subsequence in T, 0 ≤ C ≤ 1, s ∈ S, C is the confidence threshold of the anonymity set, and K is the anonymity parameter of the sequences;
in said step 3, the process of building the classification tree comprises the following steps:
step 3.1, initializing the trajectory data set of all users and selecting two groups of frequent sequences from it to construct the classification tree;
step 3.2, according to the number of times every pair of location points occurs in each trajectory record, selecting the trajectory sequence corresponding to the most frequent location points as the first group;
step 3.3, among all sequences containing the most frequent location points, selecting the least frequent sequence, and on the trajectory where that sequence lies selecting the most frequent location point as the second group;
and step 3.4, repeating steps 3.2 and 3.3 to place the remaining trajectories into the first and second groups until all trajectories are placed in the classification tree, yielding the final classification tree.
2. The classification tree differential privacy protection method according to claim 1, wherein adding noise to the data through the Laplace mechanism in said step 3 comprises:
the privacy budget ε used in the iterative partitioning of the classification tree is finely divided for the Laplace mechanism: ε is evenly distributed over the incremental update data sets as ε'_m, and each ε'_m is in turn split evenly into two halves, used respectively for the Laplace mechanism during the data iteration and for adding Laplace noise to the leaf nodes;
for any function f: T → R^d, if the output of algorithm A satisfies A(T) = f(T) + ⟨Lap_1(Δf/ε), Lap_2(Δf/ε), …, Lap_d(Δf/ε)⟩, then A satisfies ε-differential privacy;
where T is the trajectory data set, R^d is the d-dimensional real-valued range of the mapping f: T → R^d, A(T) is the output of algorithm A on T, f(T) is the output of f on T, and the Lap_i(Δf/ε), 1 ≤ i ≤ d, are mutually independent Laplace variables.
Applications Claiming Priority (2)
- CN2020107667717: priority date 2020-08-03
- CN202010766771.7A (CN111859460A): priority date 2020-08-03, filing date 2020-08-03, "Classification tree difference privacy protection method meeting LKC model"
Publications (2)
- CN112131608A: published 2020-12-25
- CN112131608B: published 2024-01-26
Family
ID=72952899
Family Applications (2)
- CN202010766771.7A (CN111859460A, pending): priority date 2020-08-03, filing date 2020-08-03, "Classification tree difference privacy protection method meeting LKC model"
- CN202011227876.1A (CN112131608B, active): priority date 2020-08-03, filing date 2020-11-06, "Classification tree differential privacy protection method meeting LKC model"
Family Applications Before (1)
- CN202010766771.7A (CN111859460A, pending): priority date 2020-08-03, filing date 2020-08-03, "Classification tree difference privacy protection method meeting LKC model"
Country Status (1)
- CN: CN111859460A
Families Citing this family (3)
- CN112560984B (priority 2020-12-25, published 2022-04-05): Differential privacy protection method for self-adaptive K-Nets clustering
- CN113032399B (priority 2021-03-30, published 2022-08-30): Data processing method and device
- CN113722752B (priority 2021-08-19, published 2024-04-09): Track privacy data publishing method, device and system based on LFP tree and proxy vector
Citations (6)
- CN107526975A (priority 2017-08-10, published 2017-12-29): A decision tree method based on differential privacy protection
- CN109145633A (priority 2018-06-08, published 2019-01-04): Trajectory data privacy protection method, electronic device, storage medium and system
- CN109726594A (priority 2019-01-09, published 2019-05-07): A novel trajectory data publishing method based on differential privacy
- CN109726758A (priority 2018-12-28, published 2019-05-07): A data fusion publishing algorithm based on differential privacy
- CN110750806A (priority 2019-07-16, published 2020-02-04): High-dimensional location trajectory data privacy protection publishing system and method based on TP-MFSA suppression release
- CN116611101A (priority 2023-03-03, published 2023-08-18): Differential privacy trajectory data protection method based on interactive query
Family Cites Families (1)
- US10936750B2 (priority 2018-03-01, published 2021-03-02), International Business Machines Corporation: "Data de-identification across different data sources using a common data model"
Application events (2020)
- 2020-08-03: CN202010766771.7A filed in China (CN111859460A, pending)
- 2020-11-06: CN202011227876.1A filed in China (CN112131608B, active)
Non-Patent Citations (6)
- Xiaohui Li et al., "A trajectory data publishing algorithm satisfying local suppression", International Journal of Distributed Sensor Networks, pp. 1-9.
- Ma Chunguang, Zhang Lei, Yang Songtao, "A survey of location trajectory privacy protection", Netinfo Security, No. 10, pp. 24-31.
- Deng Jinsong, Luo Yonglong, Yu Qingying, Chen Fulong, "Privacy-preserving trajectory data publishing based on non-sensitive information analysis", Journal of Computer Applications, No. 2.
- Deng Jinsong, Luo Yonglong, Yu Qingying, Chen Fulong, "Trajectory privacy protection method supporting local suppression and sequence reconstruction", Journal of Chinese Computer Systems, No. 3, pp. 478-482.
- Bai Yuliang, "Research on privacy protection of location-based services for data publishing", China Master's Theses Full-text Database, Information Science and Technology, No. 3, I138-26.
- Bai Yuliang et al., "Research on optimized suppression differential privacy protection for trajectory data publishing", Journal of Chinese Computer Systems, Vol. 42, No. 8, pp. 1787-1792.
Also Published As
- CN111859460A: published 2020-10-30
- CN112131608A: published 2020-12-25
Similar Documents
- CN112131608B: Classification tree differential privacy protection method meeting LKC model
- CN108363928B: Adaptive differential privacy protection method in associated medical data
- Fung et al.: Privacy-preserving data publishing: A survey of recent developments
- US11893133B2: Budget tracking in a differentially private database system
- Hajian et al.: A methodology for direct and indirect discrimination prevention in data mining
- US8738636B2: Ontology alignment with semantic validation
- Du et al.: Privacy-maxent: integrating background knowledge in privacy quantification
- Rafiei et al.: Group-based privacy preservation techniques for process mining
- Wang et al.: Generalized bucketization scheme for flexible privacy settings
- Gkountouna et al.: Anonymizing collections of tree-structured data
- Aggarwal et al.: Privacy-preserving data mining: a survey
- US8775364B2: Model-theoretic approach to data anonymity and inference control
- Orooji et al.: A novel microdata privacy disclosure risk measure
- Moqurrab et al.: UtilityAware: A framework for data privacy protection in e-health
- CN116186757A: Method for publishing condition feature selection differential privacy data with enhanced utility
- Kassem et al.: Differential inference testing: A practical approach to evaluate sanitizations of datasets
- US20230274004A1: Subject Level Privacy Attack Analysis for Federated Learning
- CN112822004B: Belief network-based targeted privacy protection data publishing method
- Hua et al.: A survey of utility-based privacy-preserving data transformation methods
- CN114817977B: Anonymous protection method based on sensitive attribute value constraint
- Hu et al.: IceBerg: Deep Generative Modeling for Constraint Discovery and Anomaly Detection
- Wang et al.: HighPU: a high privacy-utility approach to mining frequent itemset with differential privacy
- CN113722752B: Track privacy data publishing method, device and system based on LFP tree and proxy vector
- Yu et al.: Trajectory personalization privacy preservation method based on multi-sensitivity attribute generalization and local suppression
- Fukuchi et al.: Locally Differentially Private Minimum Finding
Legal Events
- PB01: Publication
- SE01: Entry into force of request for substantive examination
- GR01: Patent grant