Privacy Preserving Data Mining. Danushka Bollegala COMP 527

Transcription

1 Privacy Preserving ata Mining anushka Bollegala COMP 527

2 Privacy Issues ata mining attempts to ind mine) interesting patterns rom large datasets However, some o those patterns might reveal inormation that users would not like to be disclosed diseases/medical records o patients credit worthiness past conviction records exam marks? It is like that an organization X and Y possess mutually useul data, and would like to use each other s data or data mining, but do not want to share the actual data. Can data mining and privacy co-exist? Privacy Preserving ata Mining PPM) 2

3 Privacy Preserving ata Mining PPM) PPM is a sub-ield in M that studies methods that can be used to perorm various data mining tasks e.g. decision tree learning, k-means clustering etc.) at the same time preserving the privacy o the users. Two main approaches exist Anonymization perturb with noise, abstract) Add some noise to the data points so that it is not possible to uniquely determine a user We would like to add the least amount o noise such that it is easier to perorm data mining tasks on the anonymized data. Encryption perorm M tasks on encrypted data) Each party that possess some data encrypts their data using their private keys. We will perorm M operations directly on the encrypted data Secure but is time consuming encryption/decryption) 3

4 inning Cryptographers A group o cryptographers go out or dinner. Ater the dinner the waiter brings the bill and says it has already been paid or. However, the cryptographers are uneasy about this and would like to know whether any one o them paid the bill or was it an outsider. The cryptographer who paid the bill i some one rom this group did so) would like to keep this act a secret. Conditions waiter is honest and cannot be bribed. How can we ind out whether some one in this group paid the bill or was it an outsider NSA paid the bill!)? 4

5 Two Millionaires Problem Two millionaires want to know who has more money. But they do not want to disclose their wealth. c. Yao s millionaires problem 5

6 Secure istributed Sum s 1 = v 1 + R s 6 = s 5 + v s 2 = s 1 + v s 3 = s 2 + v 3 s 5 = s 4 + v 5 4 s 4 = s 3 + v 4 Can we compute the sum without revealing the individual numbers? v 1 + v 2 + v 3 + v 4 + v 5 + v 6 6

7 Link Attack Although we might have anonymized two databases, by combining linking) the two we might be able to identiy the users. Can identiy the medical record o the MA mayor by linking the voting database and medical record database. 87% o the people can be identiied by combining zipcode, sex, and date o birth according to 1990 US census. 6 people have the date o birth same as the mayor s. 3 males 1 matches the zip code! 7

8 Explicit identiiers Anonymization Can uniquely identiy a person. Needs to be deleted or anonymized Quasi identiiers QI) By combining with external resources can be used to identiy a person name date o birth sex zip disease Mark Taylor 21/1/70 M inluenza Ann Silvia 10/1/81 F AIS Lindsay Smith 1/10/44 F tooth ache Michael Jordon 21/2/84 M bronchitis Steve Jobs 19/4/72 M cancer 8

9 k-anonymity Proposed by Sweeney and Samarati [2001, 2002] By modiying the quasi identiiers anonymize an individual with k-1) others in the database. In a k-anonymized database, we will have at least k dierent individuals with the same combination o values or the quasi identiiers. The probability o uniquely identiying an individual via a link attack reduces to 1/k. Techniques or implementing k-anonymity Generalization Suppression 9

10 original data Example date o birth sex zipcode 21/1/79 Male /1/79 Female /10/44 Female /2/83 Male /4/82 Male 2237 k-anonymized data group 1 date o birth sex zipcode */1/79 Human 5**** */1/79 Human 5**** suppress 1/10/44 Female group 2 */*/8* Male 22** */*/8* Male 22** 10

11 Generalization/Abstraction Given a hierarchy ontology) o concepts/attributes, various generalization methods exist. We must select the generalization method with the least compromise with the anonymization. proessions proessionals artists engineer medic actor musician 11

12 Minimal distortion metric M) The number o data points entries/records/rows) lost due to anonymization. e.g. I we anonymize 5 males/emales as human then M = 5. Anonymization has a trade-o between the distortion and the level o privacy achieved. IGPLs) = Inormation Gain IG) Privacy Loss PL) 12

13 Issues o k-anonymity Ater anonymization we can still make some inerences about a particular individual because there is no noise in the data. When the dimensionality o the data increases, the probability o uniquely identiying an individual increases or a ixed k value. I John is rom Keral and is 19 years ol then we know that he has cancer, heart diseases, or viral inection. slide credit: Wikipedia 13

14 ierential Privacy Let us assume that we have two databases 1 and 2 that are diering in only one record. External users must not be able to identiy this record by issuing any queries to 1 and 2. We must answer to the queries issues to 1 and 2 such that the answer contains suicient noise to avoid revealing the diering record. 1 2 α 14

15 Example atabase o a hospital H beore and ater John has been admitted No o patients with lu = 10 No o patients with lu = 11 getflupatients) = getflupatients) = 11-2 We answer the query asked via a unction ) using some noise shown in red so that an attacker will not be able to ind out that John has lu. 15

16 ierential Privacy 16 t = X)+Y pt 1)) apple e pt 2)) log pt 1)) pt 2)) apple Laplace )= 1 2 exp t p t t t t t p t p exp 2) 1) exp 2) 1) exp 2) 1) exp / 2) exp / 1) exp 2)) 1)) Laplace X t Y Laplace X t p Y p ~ ) ) 2 1 max ,

17 Privacy using Encryption A and B would like to perorm data mining using both their databases. But they do not want to share their raw data. Solution Encrypt the data using their public keys and perorm statistical operation on the encrypted data. An important property o the homomorphic encryption I we denote the encryption o a message x using a public key pk as Epkx), then the ollowing holds Epkx + y) = Epkx) x Epky) In RSA or example Epkx) = xe mod m, where m is the public key and e is an exponent. 17

18 Applications k-means clustering over a distributed database. Each party has a subset o non-overlapping) attributes. We would like to cluster the data using k-means but do not want the parties to share their attributes. vertical partitioning o a database Clustering data points based on each partition might lead to incorrect results. 18

19 Vertical partitioning o a database age sex height weight proession location 19

20 Issues o cryptography-based PPM Slow in practice Multiple encryption-decryption steps required, which can be slow or large databases. k-means or a database with 1000 records taking as much as one hour! Tend to be complicated algorithms see Vaidya+Cliton K 03 or the details o the vertical partitioned k-means algorithm 20