计算机科学与探索 ›› 2019, Vol. 13 ›› Issue (2): 251-262.DOI: 10.3778/j.issn.1673-9418.1711017

• 网络与信息安全 • 上一篇    下一篇

局部差分隐私约束的链接攻击保护

杨高明,方贤进+,肖亚飞   

  1. 安徽理工大学 计算机科学与工程学院,安徽 淮南 232001
  • 出版日期:2019-02-01 发布日期:2019-01-25

Local Differential Privacy Against Link Attack

YANG Gaoming, FANG Xianjin+, XIAO Yafei   

  1. School of Computer Science and Engineering, Anhui University of Science and Technology, Huainan, Anhui 232001, China
  • Online:2019-02-01 Published:2019-01-25

摘要: 传统意义的交互式差分隐私保护模型对数据查询结果进行扰动,不能满足用户对数据的多样化需求。为有效使用数据并满足隐私保护要求,用局部差分隐私的思想,在随机响应的基础上实现数据集的链接攻击保护。首先,针对原始数据的分布情况,研究如何更好地选择随机转换矩阵[P,]在数据效用和隐私保护的基础上更好地实现链接隐私保护,从而避免身份披露和属性披露;其次,针对敏感、准标识符属性以及它们之间的组合讨论相应的隐私保护方法和数据效用的最大化,并给出数据扰动算法;最后,在已知数据分布均值和方差的基础上实验验证原始数据和扰动数据之间的KL-散度、卡方。实验结果表明所用随机化可以带来较小的效用损失。

关键词: 局部差分隐私, 随机响应, 链接攻击, 隐私保护

Abstract: The traditional interactive differential privacy model perturbs the data query results, which cannot satisfy the users?? diverse needs for data. In order to effectively use the data and meet the privacy protection requirements, this paper uses the idea of local differential privacy to realize the link attack protection for the data set on the basis of random response. Firstly, this paper studies how to choose the random conversion matrix P better according to the distribution of the original data, to better realize the link privacy protection and to achieve the balance between data utility and privacy protection, so as to avoid the identity disclosure and attribute disclosure. Secondly, for sensitive attribute, quasi-identifier (QI) attributes and their combination between them, this paper discusses the corresponding privacy protection and data utility maximization methods, and gives a data perturbation algorithm. Finally, on the basis of the mean and variance of the known data distributions, experiments are used to verify the KL-divergence and the chi-square between the original and the disturbance data. The experimental results show that the randomization in this paper can lead to less utility loss.

Key words: local differential privacy, randomized response, linking attack, privacy protection