fast data anonymization with low information loss
play

Fast Data Anonymization with Low Information Loss Gabriel Ghinita 1 - PowerPoint PPT Presentation

Mar 30, 2023 •288 likes •618 views

Fast Data Anonymization with Low Information Loss Gabriel Ghinita 1 Panagiotis Karras 2 Panos Kalnis 1 Nikos Mamoulis 2 1 National University of Singapore {ghinitag,kalnis}@comp.nus.edu.sg 2 Hong Kong University {pkarras,nikos}@cs.hku.hk

  1. Fast Data Anonymization with Low Information Loss Gabriel Ghinita 1 Panagiotis Karras 2 Panos Kalnis 1 Nikos Mamoulis 2 1 National University of Singapore {ghinitag,kalnis}@comp.nus.edu.sg 2 Hong Kong University {pkarras,nikos}@cs.hku.hk

  2. Privacy-Preserving Data Publishing ! Large amounts of public data " Research or statistical purposes " e.g. distribution of disease for age, city ! Data may contain sensitive information " Ensure data privacy

  3. Privacy Violation Example Age ZipCode Disease Name Age ZipCode Disease 42 52000 Ulcer Andy 42 52000 Ulcer 47 43000 Pneumonia Bill 47 43000 Pneumonia 51 32000 Flu Ken 51 32000 Flu 55 27000 Gastritis Nash 55 27000 Gastritis 62 41000 Dyspepsia Mike 62 41000 Dyspepsia 67 55000 Dyspepsia Sam 67 55000 Dyspepsia (a) Microdata (b) Voting Registration List (public)

  4. k -anonymity [Sam01] ! QID generalization or suppression Age ZipCode Disease Name Age ZipCode Disease 42-47 43000-52000 Ulcer Andy 42 52000 Ulcer or Pneumonia 42-47 43000-52000 Pneumonia Bill 47 43000 51-55 27000-32000 Flu Ken 51 32000 Flu or Gastritis 51-55 27000-32000 Gastritis Nash 55 27000 62-67 41000-55000 Dyspepsia Mike 62 41000 Dyspepsia 62-67 41000-55000 Dyspepsia Sam 67 55000 (a) 2-anonymous microdata (b) Voting Registration List (public) Privacy Violation! [Sam01] P. Samarati, "Protecting Respondent's Privacy in Microdata Release," in IEEE TKDE, vol. 13, n. 6, November/December 2001, pp. 1010-1027.

  5. ℓ -diversity [MGKV06] ! At least ℓ sensitive attribute (SA) values “well-represented” in each group " e.g. freq. of an SA value in a group < 1/ ℓ [MGKV06] A. Machanavajjhala et al. ℓ -diversity: Privacy Beyond k -anonymity, Proceedings of the 22nd International Conference on Data Engineering (ICDE), 2006

  6. Problem Statement ! Find k -anonymous/ ℓ -diverse transformation ! Minimize information loss ! Incur reduced anonymization overhead

  7. Contributions ! 1D QID " Linear, optimal k -anonymous partitioning " Polynomial, optimal ℓ -diverse partitioning " Linear heuristic for ℓ -diverse partitioning ! Generalization to multi-dimensional QID " Multi-to-1D mapping ! Hilbert Space-Filling Curve ! i-Distance " Apply 1D algorithms

  8. Multi-dimensional QID ! Dimensionality Mapping

  9. State-of-the-art: Mondrian [FWR06] k = 2 ! Generalization-based " data-space partitioning Age " similar to k-d-trees 20 40 60 ! split recursively as long as 40 privacy condition holds Weight 60 80 100 [FWR06] K. LeFevre et al. Mondrian Multidimensional k -anonymity, Proceedings of the 22nd International Conference on Data Engineering (ICDE), 2006

  10. Motivating Example Mondrian Age k-anonymity, k = 4 35 40 45 50 55 60 65 70 22 42 50 24 40 55 30 35 60 31 33 65 Weight 70 55 56 75 63 80 61 85

  11. Motivating Example Our Method Age k-anonymity, k = 4 35 40 45 50 55 60 65 70 22 42 50 24 40 55 30 35 60 31 33 65 Weight 70 55 56 75 63 80 61 85

  12. Motivating Example ℓ -diversity, ℓ = 3 Age 35 40 45 50 55 60 65 70 22 42 50 Mondrian 24 40 55 Performs 30 35 60 NO SPLIT! 31 33 65 Weight 70 55 56 75 63 80 61 85

  13. Motivating Example ℓ -diversity, ℓ = 3 Our Method Age 35 40 45 50 55 60 65 70 22 42 50 24 40 55 30 35 60 31 33 65 Weight 70 55 56 75 63 80 61 85

  14. State-of-the-art: Anatomy [XT06] ! Permutation-based method " discloses exact QID values " vulnerable to presence attacks “Anatomized” table |G|! permutations Age ZipCode Disease Age ZipCode Disease 42 52000 Ulcer(1) 42 52000 Ulcer Pneumonia(1) 47 43000 47 43000 Pneumonia 51 32000 Flu(1) 51 32000 Flu Dyspepsia(1) 62 41000 55 27000 Gastritis 55 27000 62 41000 Dyspepsia Gastritis(1) 67 55000 Dyspepsia(1) 67 55000 Dyspepsia [XT06] X. Xiao and Y. Tao. Anatomy: simple and effective privacy preservation, Proceedings of the 32nd international conference on Very Large Data Bases (VLDB), 2006

  15. Limitation of Anatomy SA: D3 D2 D1 Alzheimer QID: 20 40 60 80 100

  16. Information Loss (Numerical Data) Age 35 40 45 50 55 60 65 70 22 42 50 24 40 55 30 35 60 − 65 55 = IL ( G ) 31 33 G2 65 2 Weight Age − 70 35 − 65 50 70 = IL ( G ) 2 Weight − 55 56 85 50 75 63 80 61 85

  17. Information Loss (Categorical Data) IL = IL({Italy, Spain}) = 3/5

  18. Optimal 1D k -anonymity ! Properties of optimal solution " Groups do not overlap in QID space " Group size bounded by 2 k -1 ! DP Formulation O ( kN ) j : end record of i : end record candidates previous group for current group

  19. Optimal 1D ℓ -diversity ! Properties of optimal solution " Group size bounded by 2 ℓ -1 " But groups MAY overlap in QID space ! SA Domain Representation

  20. Group Order Property Optimal grouping violation of group order Order of groups in each domain is THE SAME

  21. Border Order Property Optimal grouping violation of border order “begin” and “end” records in each group follow the same order

  22. Cover Property Optimal grouping violation of cover order record r that can be added to two groups should belong to the “closest” group to r

  23. 1D ℓ -diversity Heuristic ! Optimal algorithm is polynomial " But may be costly in practice ! Linear heuristic algorithm " Considers single “frontier of search” " Frontier consists of first non-assigned record in each domain

  24. 1D ℓ -diversity Heuristic ! use “frontier” of search ! check “eligibility condition” (for termination) G 1 G 2 G 3 G 4 ℓ = 3

  25. Experimental Setting ! Census dataset " Data about 500,000 individuals ! General purpose information loss metric " Based on group extent in QID space ! OLAP query accuracy " KL-divergence pdf distance

  26. k -anonymity

  27. ℓ -diversity: General Info. Loss

  28. ℓ -diversity: General Info. Loss

  29. OLAP Queries ! Distance between actual and approximate OLAP cubes SELECT QT1, QT2,..., QTi, COUNT(*) FROM Data WHERE SA = val GROUP BY QT1, QT2,..., QTi

  30. OLAP Query Accuracy

  31. OLAP Query Accuracy

  32. Conclusions ! Framework for k -anonymity and ℓ -diversity " Transform the multi-D QID problem to 1-D " Apply linear optimal/heuristic 1D algorithms ! Results " Clearly superior utility to Mondrian, with comparable execution time " Similar (or better) utility as Anatomy for aggregate queries, where Anatomy excels

Recommend

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Recap/Taxonomy of Anonymization Microdata anonymization Microaggregation based anonymization Taxonomy of Anonymization Problem

620 views • 59 slides
Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference control Anonymization problem Anonymization notions and approaches (and how they fail to work!) k-anonymity l-diversity t-closeness

741 views • 51 slides
Booster Fast Loss Monitoring PIP Booster Workshop R.J. Tesarek 11/23/15 1 Fast Loss Monitor

Booster Fast Loss Monitoring PIP Booster Workshop R.J. Tesarek 11/23/15 1 Fast Loss Monitor

Booster Fast Loss Monitoring PIP Booster Workshop R.J. Tesarek 11/23/15 1 Fast Loss Monitor Module Fast Loss Monitors: Module Schematic sensitive to losses in single RF bucket (time resolved) 2nd Generation Module Design: 2 PMTs and

637 views • 26 slides
Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies

Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies

Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies PostgreSQL Anonymizer The Future 2 3 My Story 4 LETS DO THIS ! jailer pgantomizer ARX pgsync anomyze-it anonymizer mat2 Talend open

1.12k views • 77 slides
CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Clustering based anonymization (cont) Permutation based anonymization Other privacy principles Microaggregation/Clustering Two steps:

879 views • 52 slides
CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Permutation based anonymization methods (cont.) Other privacy principles for microdata publishing publishing Statistical databases

986 views • 51 slides
Data Anonymization Introduction Li Xiong CS573 Data Privacy and Security Outline

Data Anonymization Introduction Li Xiong CS573 Data Privacy and Security Outline

Data Anonymization Introduction Li Xiong CS573 Data Privacy and Security Outline Problem definition Principles Disclosure Control Methods Inference Control Access control: protecting information and information systems from

703 views • 52 slides
CS573 Data Privacy and Security Data Anonymization (cont.) Li Xiong Department of Mathematics

CS573 Data Privacy and Security Data Anonymization (cont.) Li Xiong Department of Mathematics

CS573 Data Privacy and Security Data Anonymization (cont.) Li Xiong Department of Mathematics and Computer Science Emory University Today Cont. Anonymization notions and approaches l-diversity t-closeness Takeaways Attacks on

192 views • 15 slides
Introduction to Anonymization (I) Claire McKay Bowen Postdoctoral Researcher, Los Alamos

Introduction to Anonymization (I) Claire McKay Bowen Postdoctoral Researcher, Los Alamos

DataCamp Data Privacy and Anonymization in R DATA PRIVACY AND ANONYMIZATION IN R Introduction to Anonymization (I) Claire McKay Bowen Postdoctoral Researcher, Los Alamos National Laboratory DataCamp Data Privacy and Anonymization in R

609 views • 26 slides
Big Data and the application of anonymization techniques Annual Privacy Forum 2015 7-8 October,

Big Data and the application of anonymization techniques Annual Privacy Forum 2015 7-8 October,

Big Data and the application of anonymization techniques Annual Privacy Forum 2015 7-8 October, Luxembourg Giuseppe DAcquisto Garante per la protezione dei dati personali 1 The concept of anonymization My data 1 D.O.F Any person Empty

334 views • 12 slides
Quantifying the Risk of Re-identification in Data Anonymization Competition Takao Murakami

Quantifying the Risk of Re-identification in Data Anonymization Competition Takao Murakami

1 Quantifying the Risk of Re-identification in Data Anonymization Competition Takao Murakami (AIST*, Japan) *AIST: National Institute of Advanced Industrial Science &amp; Technology 2 Outline Data Anonymization Mechanism Plays an

543 views • 27 slides
Anonymization Algorithms - Microaggregation and Clustering Li Xiong CS573 Data Privacy and

Anonymization Algorithms - Microaggregation and Clustering Li Xiong CS573 Data Privacy and

Anonymization Algorithms - Microaggregation and Clustering Li Xiong CS573 Data Privacy and Anonymity Anonymization using Microaggregation or Clustering Practical Data-Oriented Microaggregation for Statistical Disclosure Control,

902 views • 55 slides
An Automated Social Graph De-anonymization Technique Kumar Sharad 1 George Danezis 2 1 2

An Automated Social Graph De-anonymization Technique Kumar Sharad 1 George Danezis 2 1 2

An Automated Social Graph De-anonymization Technique Kumar Sharad 1 George Danezis 2 1 2 November 3, 2014 Workshop on Privacy in the Electronic Society, Scottsdale, Arizona, USA This Talk 1 The Art of Data Anonymization 2 The D4D Challenge 3

527 views • 51 slides
Data Anonymization Graham Cormode Graham Cormode graham@research.att.com 1 Why Anonymize?

Data Anonymization Graham Cormode Graham Cormode graham@research.att.com 1 Why Anonymize?

Data Anonymization Graham Cormode Graham Cormode graham@research.att.com 1 Why Anonymize? For Data Sharing Give real(istic) data to others to study without compromising privacy of individuals in the data Allows third-parties to try

728 views • 28 slides
Issues of Data Mining Kyle Borah OutLine Background Data Anonymization Encryption

Issues of Data Mining Kyle Borah OutLine Background Data Anonymization Encryption

Social &amp; Privacy Issues of Data Mining Kyle Borah OutLine Background Data Anonymization Encryption with demo OutLine Background Data Anonymization Encryption with demo Background Companies have your data

468 views • 12 slides
Data Anonymization that Towards Optimal . . . Leads to the Most Accurate First Result: . . . We

Data Anonymization that Towards Optimal . . . Leads to the Most Accurate First Result: . . . We

Need to Preserve Privacy How to Preserve . . . In Statistical Data . . . Estimating Accuracy . . . Data Anonymization that Towards Optimal . . . Leads to the Most Accurate First Result: . . . We Need to Dismiss . . . Estimates of

700 views • 22 slides
Towards Data Anonymization in Data Mining via Meta-Heuristic Approaches Fatemeh Amiri, Gerald

Towards Data Anonymization in Data Mining via Meta-Heuristic Approaches Fatemeh Amiri, Gerald

Towards Data Anonymization in Data Mining via Meta-Heuristic Approaches Fatemeh Amiri, Gerald Quirchmayr, Peter Kieseberg, Edgar Weippl, and Alessio Bertone University of Vienna, Faculty of Computer Science, Vienna, Austria SBA Research GmbH,

205 views • 17 slides
Tail Loss Probe (TLP) Converting RTOs to fast recoveries draft-dukkipati-tcpm-tcp-loss-probe-00

Tail Loss Probe (TLP) Converting RTOs to fast recoveries draft-dukkipati-tcpm-tcp-loss-probe-00

Tail Loss Probe (TLP) Converting RTOs to fast recoveries draft-dukkipati-tcpm-tcp-loss-probe-00 Nandita Dukkipati, Neal Cardwell, Yuchung Cheng, Matt Mathis {nanditad, ncardwell, ycheng, mattmathis}@google.com Losses hurt Web latency

206 views • 10 slides
Using Loss Data to Win Over Clients Webinar: June 29 th @ 11am EDT How can you use loss data to

Using Loss Data to Win Over Clients Webinar: June 29 th @ 11am EDT How can you use loss data to

Using Loss Data to Win Over Clients Webinar: June 29 th @ 11am EDT How can you use loss data to justify your coverage recommendations and help determine appropriate limits? When clients ask you for relevant loss examples, how do you respond and

341 views • 18 slides
Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573

Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573

Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573 Data Privacy and Anonymity So far k-anonymity (protect identity disclosure) Anonymization algorithms Generalization and suppression

549 views • 34 slides
De-anonymization of Insurance Applicants' Sensitive Information Team 3: Jay Lee, Maxim Castaneda,

De-anonymization of Insurance Applicants' Sensitive Information Team 3: Jay Lee, Maxim Castaneda,

De-anonymization of Insurance Applicants' Sensitive Information Team 3: Jay Lee, Maxim Castaneda, Rosalie Dolor To enhance insurance Goal companies best practices Benefits to Stakeholders by ensuring the clients privacy rights in the

136 views • 10 slides
Time Distortion Anonymization for the Publication of Mobility Data with High Utility Vincent

Time Distortion Anonymization for the Publication of Mobility Data with High Utility Vincent

Time Distortion Anonymization for the Publication of Mobility Data with High Utility Vincent Primault, Sonia Ben Mokhtar, Cdric Lauradoux and Lionel Brunie Mobility data usefulness Real-time traffic, traffic prediction Companies

619 views • 26 slides
Redis for Fast Data Ingest Agenda Fast Data Ingest and its challenges Redis for Fast

Redis for Fast Data Ingest Agenda Fast Data Ingest and its challenges Redis for Fast

Home of Redis Redis for Fast Data Ingest Agenda Fast Data Ingest and its challenges Redis for Fast Data Ingest Pub/Sub List Sorted Sets as a Time Series Database The Demo Scaling with Redis e Flash 2

435 views • 42 slides
Safely Sharing Data Between CSIRTs: The SCRUB* Security Anonymization Tool Infrastructure William

Safely Sharing Data Between CSIRTs: The SCRUB* Security Anonymization Tool Infrastructure William

Safely Sharing Data Between CSIRTs: The SCRUB* Security Anonymization Tool Infrastructure William Yurcik* &lt;byurcik@gmail.com&gt; Clay Woolam, Greg Hellings, Latifur Khan, Bhavani Thuraisingham University of Texas at Dallas 20 th Annual FIRST

172 views • 15 slides

More recommend