KR102648905B1 - Method and device for privacy-constrained data perturbation - Google Patents

Abstract

A data modification method and device capable of setting a privacy protection level are disclosed. The data modification method capable of setting the privacy protection level is a data modification method performed by a computing device including at least a processor, and includes the steps of obtaining data including a plurality of records each having a plurality of attribute values. , generating a modified record by adding noise to one of the plurality of records, and determining whether the modified record satisfies a predetermined privacy protection level.

Description

Data tampering method and device capable of setting a privacy protection level {METHOD AND DEVICE FOR PRIVACY-CONSTRAINED DATA PERTURBATION}

The present invention relates to a data modification method that can set a privacy protection level.

Data privacy is very important because databases contain sensitive personal information that should not be disclosed during analysis or disclosure. Data perturbation means creating usable data while ensuring anonymity by changing the original data. Data modification is efficient when distributing data that requires privacy protection. The data modulation method used to date is a method in which the data processor adds random noise to the original data according to the subjectivity, and there is no quantitative indicator for the degree of privacy protection.

Therefore, the present invention proposes quantitative privacy protection standards for falsifying relational data and proposes a new data falsification technique that satisfies these standards.

Republic of Korea Patent Publication No. 2019-0010091 (published on January 30, 2019) Republic of Korea Patent No. 1652328 (announced on August 31, 2016) Republic of Korea Patent Publication No. 2022-0003380 (published on January 10, 2022) Republic of Korea Patent No. 2035796 (announced on October 24, 2019)

The technical problem to be achieved by the present invention is to provide a data modification method that can set a privacy protection level.

A data modulation method according to an embodiment of the present invention is a data modulation method performed by a computing device including at least a processor, and includes the steps of obtaining data including a plurality of records each having a plurality of attribute values. , generating a modified record by adding noise to one of the plurality of records, and determining whether the modified record satisfies a predetermined privacy protection level.

In the case of using a data modification method and device that can set a privacy protection level according to an embodiment of the present invention, it is possible to obtain a modified data set that satisfies the set protection level.

In order to more fully understand the drawings cited in the detailed description of the present invention, a detailed description of each drawing is provided.
Figure 1 shows Algorithm 1, representing the ρ-RDP framework.
Figure 2 shows query results according to an embodiment of the present invention.
Figure 3 is a flowchart for explaining a data modulation method according to an embodiment of the present invention.

Specific structural or functional descriptions of the embodiments according to the concept of the present invention disclosed in this specification are merely illustrative for the purpose of explaining the embodiments according to the concept of the present invention. They may be implemented in various forms and are not limited to the embodiments described herein.

Since the embodiments according to the concept of the present invention can make various changes and have various forms, the embodiments will be illustrated in the drawings and described in detail in this specification. However, this is not intended to limit the embodiments according to the concept of the present invention to specific disclosed forms, and includes all changes, equivalents, or substitutes included in the spirit and technical scope of the present invention.

Terms such as first or second may be used to describe various components, but the components should not be limited by the terms. The above terms are used only for the purpose of distinguishing one component from another component, for example, without departing from the scope of rights according to the concept of the present invention, a first component may be named a second component and similarly a second component The component may also be named a first component.

When a component is said to be “connected” or “connected” to another component, it is understood that it may be directly connected to or connected to that other component, but that other components may also exist in between. It should be. On the other hand, when it is mentioned that a component is “directly connected” or “directly connected” to another component, it should be understood that there are no other components in between. Other expressions that describe the relationship between components, such as "between" and "immediately between" or "neighboring" and "directly adjacent to" should be interpreted similarly.

The terms used in this specification are only used to describe specific embodiments and are not intended to limit the invention. Singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, terms such as “comprise” or “have” are intended to designate the presence of features, numbers, steps, operations, components, parts, or combinations thereof described in this specification, but are not intended to indicate the presence of one or more other features. It should be understood that this does not exclude in advance the possibility of the existence or addition of elements, numbers, steps, operations, components, parts, or combinations thereof.

Unless otherwise defined, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by a person of ordinary skill in the technical field to which the present invention pertains. Terms as defined in commonly used dictionaries should be interpreted as having meanings consistent with the meanings they have in the context of the related technology, and unless clearly defined in this specification, should not be interpreted in an idealized or overly formal sense. No.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings attached to this specification. However, the scope of the patent application is not limited or limited by these examples. The same reference numerals in each drawing indicate the same members.

Data privacy is very important in the fields of data analysis and data mining. However, traditional de-identification techniques are not sufficient to protect individual privacy. There have been real cases of re-identification from de-identified datasets, such as in the case of AOL or Netflix. Additionally, various privacy breach scenarios are known, such as membership inference or model inversion attacks. In order to solve this problem, the present invention proposes a data modification method that can set the privacy protection level.

Relationship R consists of N records r _i (i=1~N, N is any natural number). Here, record r _i consists of M independent attribute values r _ij (j=1~M, 0≤r _ij ≤1, M is any natural number). All properties are continuous and have the range [0,1]. In fact, any number can be used, with appropriate scaling and transforming. Categorical attributes can also be used, provided the associated scoring functions and distance measures are specified. In the present invention, it is assumed that the relationship does not contain any identifying attributes.

Definition 1 (RDP): For a relationship R of N records with M attributes, the problem of relational data perturbation is the problem of relational data perturbation of N data records from R. The goal is to create a relationship R′ containing . here, (i=1~N,j=1~M), and X is random noise within [-1,1].

RDP randomizes attribute values of original data records. Due to randomness, privacy leaks are limited to probabilities. However, there is no standard for the degree of protection, making it difficult to use. Therefore, a privacy protection standard that can serve as a standard is needed.

Definition 2 (ρ-safeness, ρ-safety) : r _i and If the dissimilarity between them is greater than ρ(0≤ρ≤1), the tampered record can be said to be 'ρ-safe' compared to the original record r _i . Here, r _i and The dissimilarity between am.

The dissimilarity is between two records r _i in M-dimensional space. It represents the ratio of the distance between them. In the present invention, Manhattan (L ₁ ) distance is used to measure dissimilarity. The privacy safety between r(0.3) and r′(0.7) is 0.4. Record r′(0.1,0.4) is 0.45 privacy-secure compared to the original record r(0.4,0.1).

Definition 3 (ρ-RDP) : For a relation R with N records and M attributes, the problem of relational data tampering with a level of privacy protection with privacy stability ρ is the problem of tampering with N data records from R. ; is to create a relationship R′ with . Here, X is the noise in [-1,1], and the dissimilarity (ri, )>ρ.

ρ-RDP randomizes the attribute values of original data records so that all records are 'ρ-safe'.

Data modification methods that can set the level of privacy protection

Algorithm 1 shown in Figure 1 illustrates the ρ-RDP framework. The algorithm adds noise X to each r _ij (Line 4) and checks the privacy protection procedure (Lines 6-7). If the modulated value does not meet the privacy protection level, the modulation is performed again. For noise generation, the following two methods can be considered.

1. Uniform noise: |X| ~U(0,1)

2. Laplace noise: |X| ~ Lap (ρ,0.1)

In the case of uniform noise, values within [0,1] are randomly selected and added (or subtracted) to the original attribute value r _ij . However, although noise is necessary for ρ-safety, too much noise is undesirable. This is because it can reduce data utility. The required ρ-safety (i.e. ), the error, that is, the difference between the original value and the modulated value, can be minimized. To provide an appropriate amount of noise, Laplace noise may be chosen. However, the scope of the present invention is not limited thereto. In the case of Laplace noise, noise can be generated from the Laplace distribution with a mean ρ. At this time, for simplicity, the scale parameter '0.1' can be used.

performance evaluation

Below, we will focus on data usability when using the present invention.

[Table 1]

First, statistics of the original relationship and the modulated relationship were calculated using synthetic data with various settings (N=1,000 and 10,000; M=10 and 20; ρ=0.01 and 0.1; uniform/normal distributions of source data). Compare. Table 1 shows the average results for over 20 trials. Here, MAE (Mean Absolute Error), VAE (Variance of Absolute Errors), and JSD (Jensen-Shannon distance) were used. When calculating JSD, the modulated value was included in [0,1].

Next, we compared the performance of linear queries. Linear query is one of the widely used queries in the field of data analysis. Four queries L ₁ to L ₄ were used as shown below, and the results are shown in Figure 2.

Lastly, data usefulness was evaluated by comparing the results of an aggregation query using the actual data set (UCI adult data) (Table 2). In this experiment, only numeric attributes were modulated. SQL queries A ₁ to A ₄ were used as shown below.

[Table 2]

In all experiments, the performance of the Laplace noise method was higher than that of the uniform noise method. This is because the amount of noise through the Laplace noise technique is appropriate to satisfy the given privacy protection level. Additionally, the distribution of the source data was better preserved when using the Laplace noise technique. Clearly, modulation with small ρ values gave more accurate results.

Figure 3 is a flowchart for explaining a data modulation method according to an embodiment of the present invention. The data modulation method described with reference to FIG. 3 may be performed by a computing device including at least a processor and/or memory. Accordingly, at least some of the steps of the data modulation method may be understood as operations of the processor of the computing device. Additionally, computing devices include personal computers (PCs), laptop computers, tablet PCs, servers, etc., and may be referred to as data modulation devices.

First, data to be modulated is obtained (S110). Data includes multiple records, and each record may have multiple attribute values. Additionally, data may refer to relational data. Data may be received through a certain wired or wireless communication network or from a storage device such as a USB memory device.

Data modulation may be performed on each record included in the data (S120). Data modulation can be performed by adding (or subtracting) arbitrary noise to the original record. At this time, noise may mean Laplace noise.

With respect to the modified record to which noise has been added, a determination may be made as to whether or not it satisfies a predetermined privacy protection level (which may also be named stability, etc.) (S130). At this time, if the tampered record does not satisfy the predetermined protection level, step S120 is performed again to perform a tampering operation on the record.

To determine whether a predetermined level of protection is satisfied, the dissimilarity between the tampered record and the original record (record before tampering) can be calculated. At this time, if the dissimilarity is greater than a predetermined threshold (which may mean a protection level) (which may include the same case depending on the embodiment), safety may be determined to be satisfied, and the dissimilarity may be greater than the predetermined threshold. If it is small (the same case may be included depending on the embodiment), it may be determined that safety is not satisfied.

Afterwards, it is determined whether the alteration of all records included in the data has been completed (S140). If there are records in the data that have not yet been tampered with, the process can be performed again from step S120. Through this, all records included in the data can be altered to satisfy predetermined privacy protection procedures.

The device described above may be implemented as a hardware component, a software component, and/or a set of hardware components and software components. For example, devices and components described in the embodiments include, for example, a processor, a controller, an Arithmetic Logic Unit (ALU), a Digital Signal Processor, a microcomputer, a Field Programmable Array (FPA), It may be implemented using one or more general-purpose or special-purpose computers, such as a Programmable Logic Unit (PLU), microprocessor, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and one or more software applications running on the operating system. Additionally, a processing device may access, store, manipulate, process, and generate data in response to the execution of software. For ease of understanding, a single processing device may be described as being used; however, those skilled in the art will understand that a processing device may include multiple processing elements and/or multiple types of processing elements. It can be seen that it may include. For example, a processing device may include a plurality of processors or one processor and one controller. Additionally, other processing configurations, such as parallel processors, are also possible.

Software may include a computer program, code, instructions, or a combination of one or more of these, and may configure a processing unit to operate as desired, or may be processed independently or collectively. You can command the device. Software and/or data may be used on any type of machine, component, physical device, virtual equipment, computer storage medium or device to be interpreted by or to provide instructions or data to a processing device. , or may be permanently or temporarily embodied in a transmitted signal wave. Software may be distributed over networked computer systems and stored or executed in a distributed manner. Software and data may be stored on one or more computer-readable recording media.

The method according to the embodiment may be implemented in the form of program instructions that can be executed through various computer means and recorded on a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, etc., singly or in combination. Program instructions recorded on the medium may be specially designed and configured for the embodiment or may be known and available to those skilled in the art of computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks, and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floptical disks. -Includes specially configured hardware devices to store and execute program instructions, such as magneto-optical media, ROM, RAM, flash memory, etc. Examples of program instructions include machine language code, such as that produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter, etc. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.

The present invention has been described with reference to the embodiments shown in the drawings, but these are merely illustrative, and those skilled in the art will understand that various modifications and other equivalent embodiments are possible therefrom. For example, the described techniques are performed in a different order than the described method, and/or components of the described system, structure, device, circuit, etc. are combined or combined in a different form than the described method, or other components are used. Alternatively, appropriate results may be achieved even if substituted or substituted by an equivalent. Therefore, the true scope of technical protection of the present invention should be determined by the technical spirit of the attached registration claims.

Claims (6)

In a data modulation method performed by a computing device including at least a processor,
Obtaining data including a plurality of records each having a plurality of attribute values;
generating a modulated record by adding noise to one of the plurality of records; and
A step of determining whether the altered record satisfies a predetermined level of privacy protection,
The above judgment step is,
calculating dissimilarity between the modulated data and the one record;
comparing the dissimilarity to a predetermined threshold; and
If the dissimilarity exceeds the predetermined threshold, determining that the privacy protection level is satisfied, and if the dissimilarity is less than the predetermined threshold, determining that the privacy protection level is not satisfied. do,
The dissimilarity is calculated by the equation,
The above equation is ego,
The r _i is the one record,
remind is the modified record,
The r _ij is the jth attribute value of the r _i ,
remind above is the jth attribute value of
Where M is the number of attributes,
Methods of data tampering. delete According to paragraph 1,
If it is determined that the level of privacy protection is not satisfied in the above determination step,
Performing the step of adding noise to the one record to create a modulated record again,
Methods of data tampering. According to paragraph 3,
Further comprising determining whether modulation has been performed on all of the plurality of records,
Methods of data tampering. delete According to paragraph 1,
The noise is randomly selected noise with a Laplace distribution,
Methods of data tampering.

Images