Evaluating privacy threats in released database views by symmetric indistinguishability

Yao, Chao; Wang, Lingyu; Wang, X. Sean; Bettini, Cláudio; Jajodia, Sushil

doi:10.3233/jcs-2009-0317

Cited by 2 publications

(3 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Two important aspects of any privacy technique are uncertainty and indistinuishability [38,37]. Indistinuishability is defined as the inability of telling the difference among individuals in a group.…”

Section: Uncertainty and Indistinguishabilitymentioning

confidence: 99%

“…Indistinguishability. More strict notions (such as polynomial indistinguishability) are often used in cryptography, but in the database literature more practical metrics are usually applied, such as symmetric indistinguishability [38,37], defined next. Note that we do not publish T but publish both M () and its result on T , namely M (T ).…”

Section: Uncertainty and Indistinguishabilitymentioning

confidence: 99%

See 1 more Smart Citation

Publishing naive Bayesian classifiers

Mozafari

Zaniolo

2009

Proc. VLDB Endow.

View full text Add to dashboard Cite

We address the problem of publishing a Naïve Bayesian Classifier (NBC) or, equivalently, publishing the necessary views for building an NBC, while protecting privacy of the individuals who provided the training data. Our approach completely preserves the accuracy of the original classifier, and thus significantly improves on current approaches, such as randomization or anonymization, which typically degrade accuracy to preserve privacy. Current query-view security checkers address the question of 'Is the view safe to publish?' and are computationally expensive (often Π p 2 -complete). Here instead, we tackle the question of 'How to make a view safe to publish?' and propose a linear-time algorithm to publish safe NBCenabling views.We first show that a simple measure that restricts the ratios between the published NBC statistics is sufficient to prevent any breach of privacy. Then, we propose a linear-time algorithm to enforce this measure by producing perturbed statistics that assure both (i) individuals' privacy, and (ii) a classifier that behaves in the same way as the NBC trained on the original data. By carefully expressing the derived statistics using rational numbers, we can easily produce synthetic (sanitized) datasets. Thus, for any given dataset, we produce another dataset that is secure to publish (w.r.t. a uniform prior) and achieves the same classification accuracy. Finally, we extend our results by providing sufficient conditions to cope with arbitrary (non-uniform prior) distributions, and we validate their effectiveness in practice through experiments on real-world data.

show abstract

Section: Uncertainty and Indistinguishabilitymentioning

confidence: 99%

Section: Uncertainty and Indistinguishabilitymentioning

confidence: 99%

Publishing naive Bayesian classifiers

Mozafari

Zaniolo

2009

Proc. VLDB Endow.

View full text Add to dashboard Cite

show abstract

“…For example, Yao et al [23] introduce a method to determine if views from a database violate the k-anonymity principle, thus disclosing sensitive associations that originally exist in the database. In [24], methods for validating the uncertainty and indistinguishability of a set of releasing views over a private table are proposed. In addition, privacy leakage in a multi-party environment has been investigated [25].…”

Section: Related Workmentioning

confidence: 99%

Privacy Disclosure and Preservation in Learning with Multi-Relational Databases

Guo¹,

Viktor²,

Paquet³

2011

Journal of Computing Science and Engineering

View full text Add to dashboard Cite

There has recently been a surge of interest in relational database mining that aims to discover useful patterns across multiple interlinked database relations. It is crucial for a learning algorithm to explore the multiple inter-connected relations so that important attributes are not excluded when mining such relational repositories. However, from a data privacy perspective, it becomes difficult to identify all possible relationships between attributes from the different relations, considering a complex database schema. That is, seemingly harmless attributes may be linked to confidential information, leading to data leaks when building a model. Thus, we are at risk of disclosing unwanted knowledge when publishing the results of a data mining exercise. For instance, consider a financial database classification task to determine whether a loan is considered high risk. Suppose that we are aware that the database contains another confidential attribute, such as income level, that should not be divulged. One may thus choose to eliminate, or distort, the income level from the database to prevent potential privacy leakage. However, even after distortion, a learning model against the modified database may accurately determine the income level values. It follows that the database is still unsafe and may be compromised. This paper demonstrates this potential for privacy leakage in multi-relational classification and illustrates how such potential leaks may be detected. We propose a method to generate a ranked list of subschemas that maintains the predictive performance on the class attribute, while limiting the disclosure risk, and predictive accuracy, of confidential attributes. We illustrate and demonstrate the effectiveness of our method against a financial database and an insurance database. Category: Smart and intelligent computing

show abstract

Evaluating privacy threats in released database views by symmetric indistinguishability

Cited by 2 publications

References 38 publications

Publishing naive Bayesian classifiers

Publishing naive Bayesian classifiers

Privacy Disclosure and Preservation in Learning with Multi-Relational Databases

Contact Info

Product

Resources

About