Degree Of Privacy Protection Research Articles

Privacy-Preserving Data Analytics in Internet of Medical Things

The healthcare sector has changed dramatically in recent years due to depending more and more on big data to improve patient care, enhance or improve operational effectiveness, and forward medical research. Protecting patient privacy in the era of digital health records is a major challenge, as there could be a chance of privacy leakage during the process of collecting patient data. To overcome this issue, we propose a secure, privacy-preserving scheme for healthcare data to ensure maximum privacy of an individual while also maintaining their utility and allowing for the performance of queries based on sensitive attributes under differential privacy. We implemented differential privacy on two publicly available healthcare datasets, the Breast Cancer Prediction Dataset and the Nursing Home COVID-19 Dataset. Moreover, we examined the impact of varying privacy parameter (ε) values on both the privacy and utility of the data. A significant part of this study involved the selection of ε, which determines the degree of privacy protection. We also conducted a computational time comparison by performing multiple complex queries on these datasets to analyse the computational overhead introduced by differential privacy. The outcomes demonstrate that, despite a slight increase in query processing time, it remains within reasonable bounds, ensuring the practicality of differential privacy for real-time applications.

A novel randomized scrambling technique for mean estimation of a finite population

In recent decades, the randomized response technique has attracted researchers due to its usefulness in sensitive surveys. The randomized response procedure is used for the collection of responses on sensitive issues such as cheating in examination, income earned through illegal sources, expenditure on luxury items, and amount of tax paid, etc. This study introduces a new variant of quantitative randomized response models for use with sample surveys where the variable of interest is quantitative. The properties of a mean estimator based on the new technique have been studied. Further, the combined and separate evaluation metrics for efficiency and privacy level have also been derived and compared with those of the existing methods. Further, a simulation study has been conducted to prove the improvement in the degree of privacy protection and efficiency. The findings reveal that the suggested randomized response technique is not only more efficient than the existing techniques, but also improves the joint measure of efficiency and respondents’ privacy, making it preferable over the existing techniques. A real-world example of a sample survey through the suggested model is also presented which illustrates its usefulness in practical surveys on sensitive issues.

Minimizing Noise in Location Privacy Protection Through Equipment Error Consideration

In recent years, systems that collect location information and publish statistics, such as those that publish congestion information, have been extensively employed. Because it is possible to infer an individual’s identity even if the information is not directly disclosed, it is essential to disclose data with privacy protection. Therefore, privacy protection methods based on differential privacy are attracting attention. Geo-indistinguishability is the most famous extension theorem of differential privacy for location information. Geo-indistinguishability can be achieved by adding noise to a target value that must be protected. However, noise addition reduces the usefulness of the data. Thus, it is desirable to add minimal noise to your privacy budget. Therefore, we focus on the fact that the values obtained using measurement devices contain errors. We introduced a novel concept of differential privacy tailored for location information, termed true-value-based geo-indistinguishability (T-Geo-I), which accounts for equipment noise. We also proposed a location information privacy protection method that considers T-Geo-I and reduces the amount of added noise. The object of privacy protection should be the “true value” not the “measured value” that includes measurement errors. According to the experimental results, in the case wherein the measurement error is the normal distribution, our method reduced the noise average and mean square error (MSE) by up to 41% and 63%, respectively, compared with conventional methods while maintaining a prespecified level of privacy in 108 samples of numerical data. In the case wherein the measurement error is the lognormal distribution, the proposed method based on T-Geo-I succeeded in reducing the noise average and MSE by up to 60% and 67%, respectively, compared with methods based on Geo-I, while maintaining a prespecified level of privacy. These findings indicate that the proposed method can improve the usefulness of data while maintaining a prespecified degree of privacy protection.

A Self-adaptive and Secure Approach to Share Network Trace Data

A large volume of network trace data are collected by the government and public and private organizations and can be analyzed for various purposes such as resolving network problems, improving network performance, and understanding user behavior. However, most organizations are reluctant to share their data with any external experts for analysis, because they contain sensitive information deemed proprietary to the organization, thus raising privacy concerns. Even if the payload of network packets is not shared, header data may disclose sensitive information that adversaries can exploit to perform unauthorized actions. So network trace data need to be anonymized before being shared. Most of the existing anonymization tools have two major shortcomings: (1) they cannot provide provable protection, and (2) their performance relies on setting the right parameter values such as the degree of privacy protection and the features that should be anonymized, but there is little assistance for a user to optimally set these parameters. This article proposes a self-adaptive and secure approach to anonymize network trace data and provides provable protection and automatic optimal settings of parameters. A comparison of the proposed approach with existing anonymization tools via experimentation demonstrated that the proposed method outperforms the existing anonymization techniques.

Evaluation of Open-Source Tools for Differential Privacy

Differential privacy (DP) defines privacy protection by promising quantified indistinguishability between individuals who consent to share their privacy-sensitive information and those who do not. DP aims to deliver this promise by including well-crafted elements of random noise in the published data, and thus there is an inherent tradeoff between the degree of privacy protection and the ability to utilize the protected data. Currently, several open-source tools have been proposed for DP provision. To the best of our knowledge, there is no comprehensive study for comparing these open-source tools with respect to their ability to balance DP’s inherent tradeoff as well as the use of system resources. This work proposes an open-source evaluation framework for privacy protection solutions and offers evaluation for OpenDP Smartnoise, Google DP, PyTorch Opacus, Tensorflow Privacy, and Diffprivlib. In addition to studying their ability to balance the above tradeoff, we consider discrete and continuous attributes by quantifying their performance under different data sizes. Our results reveal several patterns that developers should have in mind when selecting tools under different application needs and criteria. This evaluation survey can be the basis for an improved selection of open-source DP tools and quicker adaptation of DP.

Research on Financial Fraud Identification System Based on Differential Privacy

Data sharing among financial institutions is often not possible, resulting in a "data silo" situation. In this paper, we train an efficient financial fraud detection model under the framework of privacy protection from the perspective of facilitating the collaboration of multiple financial institutions to train a fraud identification system. This paper first used traditional oversampling and under sampling methods to balance the data and train models such as logistic regression, support vector machines and random forests, but did not obtain the desired results. In contrast, the optimal subsampling method based on logistic regression performs well in terms of training results and program runtime. To protect data security, differential privacy is introduced on this basis to find the classification accuracy of the model under different privacy budgets. It is concluded that a certain balance between the degree of privacy protection and model effectiveness should be achieved according to privacy requirements.

Combined CNN/RNN video privacy protection evaluation method for monitoring home scene violence

Rapid developments in technology have led to increasing numbers of video surveillance devices in the home environment. The importance of video privacy protection has spurred the development of various video privacy protection methods. This paper proposes a method for evaluating the degree of privacy protection for multilayer compressed sensing video. The combination of CNN convolutional neural network and RNN convolutional network was used to extract video spatial-temporal feature mapping visual privacy protection scores, and the same model was used to map video practicality scores through classifiers. Compared with previous methods, the proposed approach achieves a better prediction effect and generalization performance for videos. Finally, an association model is established between visual privacy protection score and practicability score. This model quantifies the relationship between these aspects, providing suggestions for practical application and enabling the evaluation of other video privacy protection methods.

Allocation of carbon quotas with local differential privacy

As a policy tool to limit greenhouse gas emissions using market-based instruments, carbon emissions trading is being adopted by an increasing number of countries and regions. By 2021, a total of 33 carbon trading systems have been put into operation worldwide, covering a wide range of industries such as power, industry, aviation, and construction. And by analyzing the data generated by the exchange, carbon quotas can be allocated more rationally, so that companies can use their quotas more fully, unfortunately, the analysis of the data may result in the leakage of company data. For example, since there is more than one carbon exchange, the analysis will be done after aggregating the transaction data of all exchanges, which may cause data leakage and create the problem of malicious competition between companies. Therefore, we searched for an efficient way to perform carbon allowance allocation analysis so that the data of trading companies are protected and do not lose their usability. We propose the locally differential privacy-carbon allocation model, which perturbs the data locally in the exchange to a certain extent, and the data center removes the impact of the perturbation as much as possible for data estimation, finally, uses it for carbon quota allocation share prediction. This allows for better protection of the trading data while still allowing for a reasonable allocation of carbon quotas. The final experimental results show that the allocation results are effective and reasonable under the premise of satisfying a certain degree of privacy protection.

Novel trajectory privacy protection method against prediction attacks

When the public uses Location-based Services (LBSs), their location information is constantly exposed. Owing to the spatiotemporal correlation of trajectories, it is easy for attackers to use historical trajectories and background knowledge to predict future locations of target users. We refer to this type of inference attack as a trajectory prediction attack. To address such potential but threatening attacks in a continuous location query, we propose a novel trajectory privacy protection method. The proposed algorithm aims to generate an indistinguishable perturbed location that is robust to the prediction attack, wherein the user’s real location can be replaced by a perturbed location when submitted to an untrusted server. First, a hidden Markov model-based trajectory prediction mechanism is proposed to simulate predictive attacks and compute the predictability of positions before the trajectory is released. Second, the w sliding window mechanism is designed to dynamically adjust the privacy protection degree of each location point in the trajectory according to the predictability of the location and privacy needs of users. Finally, we propose a bounded noise-adding algorithm based on the Laplace mechanism to improve the usability of data. In our experiments, mutual information, trajectory root-mean-square error, query error, and root-mean-square predictability were used as evaluation criteria, and the performance of the proposed method was comprehensively evaluated. The results show that our algorithm can reduce the trajectory predictability to 0.21 without reducing data availability, which is effective against prediction attacks.

5GMEC-DP: Differentially private protection of trajectory data based on 5G-based mobile edge computing

Machine learning has become a core technology in areas such as big data, Internet of Things, and cloud computing. Training machine learning models requires a large amount of data, How to protect these data with low cost and high efficiency is an important issue. This paper proposes a trajectory data collection model based on the 5G-based mobile edge computing, and uses the service characteristics of the MEC server to propose a differentially private protection scheme of trajectory data based on 5G-based mobile edge computing (5GMEC-DP). If the encrypted location information does not belong to the service range of the current MEC server, it will be projected to the service edge of the MEC server, thereby limiting the amount of noise of the Geo-Indistinguishability algorithm, making it suitable for the protection of trajectory data, and it also proves that the 5GMEC-DP algorithm still satisfies the definition of ε-Geo-Indistinguishability. Finally, experiments on the real data set prove that 5GMEC-DP can maintain the high practicability of the data when the degree of privacy protection is high. At ε=0.001 and ε=0.0005, Average Qloss of each coordinate in the trajectory decreases by 64% and 81%, respectively, compared with Geo-Indistinguishability algorithm. The overall database availability loss decreases by 64% and 82%, respectively.

Support Personalized Weighted Local Differential Privacy Skyline Query

The potential privacy risks in certain situations are of concern because of the frequent sharing of data during skyline queries, leading to leakage of users’ private information. The most common privacy-preserving technique is to anonymize data by removing or changing certain information, for which an attack with specific background knowledge would render the privacy protection ineffective. To overcome these difficulties, this study proposes a personalized weighted local differential privacy method (PWLDP) to protect data privacy during skyline querying. Compared with existing studies of skyline queries under privacy protection, the degree of privacy protection can be quantitatively analyzed, and the processing of data privacy lies with the user, who quantitatively perturbs the processing according to the sensitivity of the weights of different attributes to avoid substantial information loss. The performance of the proposed PWLDP is verified by comparing PWLDP and LDP on different datasets, the average privacy leakage reduction of 62.22% and 51.67% is obtained for experiments conducted on different datasets relative to the iDP-SC algorithm, and the experimental results demonstrate the efficiency and advantages of the proposed method.

Radial Neural Network Processing Applied to Athlete's Personalized Psychological Regulation Detection System.

Radial neural network is based in the world with the characteristics of active adaptation, active learning, active recognition, low error rate, and thought mapping and plays an important role in personalized regulation. However, in practical applications, due to the existence of pattern recognition, motion control, and a large amount of combined knowledge, the traditional methods are difficult to solve, even powerless, and cannot be effectively solved. Although the traditional BP network is more widely used, the BP neural network is easy to enter the regional minimum value during the training process, which leads to a lower training learning speed and low efficiency. The RBF network (radial neural network) is in a certain sense, and it can detect both known intrusions and unpredictable intrusions. At the same time, it is superior to BP neural network in data collection, pattern recognition, and personality customization. Through detection and comparison, it is found that the radial network has improved the analysis speed by about 20%, and the degree of privacy protection of athletes is as high as 99%, which is close to the full value, and the accuracy of the psychological control scheme is also improved by about 15% on the basis of the classic network. Athletes can be adjusted as soon as possible to achieve the best state; so, it will be an ideal choice to use a radial neural network for the psychological adjustment detection system.

Private Federated Learning With Misaligned Power Allocation via Over-the-Air Computation

To further preserve the data privacy of federated learning (FL), we propose a differentially private FL (DPFL) scheme with misaligned power allocation (MPA-DPFL). Unlike most existing over-the-air FL studies, in MPA-DPFL, the gradients are aggregated through over-the-air computation (Aircomp) but do not need to be aligned in the transmission. Therefore, MPA-DPFL can avoid the problem that the signal-to-noise ratio (SNR) of the system is limited by the device with the worst channel condition. We formulate an optimization problem to minimize the optimality gap of MPA-DPFL while guaranteeing a certain degree of privacy protection. Additionally, we demonstrate that the MPA-DPFL is more suitable than the DPFL with aligned power allocation (APA-DPFL) when the channel condition of a device in the system is lower than a threshold. The analytical results are validated through simulation.

LBS user location privacy protection scheme based on trajectory similarity

During the data set input or output, or the data set itself adds noise to enable data distortion to effectively reduce the risk of user privacy leakage. However, in the conventional method, the added noise may cause data distortion, thereby appealed against it. However, the amount of noise is too small and cannot meet the effect of privacy protection. Therefore, we propose a LBS user location privacy protection scheme based on trajectory similarity (DPTS). With double privacy protection without reducing the efficiency of algorithms, it does not cause data distortion to provide more reliable privacy protection. The main contributions of this article include: (1) In the process of collecting and publishing the location data, introduce into the privacy protection method, (2) The differential privacy algorithm based on the trajectory prefix tree is superimposed on the basis of the false position replacement algorithm based on the trajectory similarity, (3) Propose LBS-based Difference Privacy Protection Algorithm. In the algorithm, We reach the purpose of protecting user personal privacy by replace the original trajectory into a fake track trace that is the lowest degree of similarity in the interval. Then establish a prefix tree and add noise to the positional frequency. It is in order to further protect the sensitive location information, double protection in the trajectory data set, and the degree of privacy protection is improved. Simulation experiment results show that the proposed algorithm is effective. The algorithm can suppress the distortion rate of data while improving the amount of noise, and in improving the algorithm operation efficiency, it reduces the risk of leakage of sensitive position information.

Optimized setting of privacy budget in a recommendation system with local differential privacy

Recommendation system can help users find the data they need from the massive amounts of data. At the same time, uploading original user data to the server may reveal user privacy. We utilize local differential privacy techniques to provide privacy protection for users in the recommendation system. In the local differential privacy model, the degree of privacy protection is measured by the privacy budget, and a high privacy budget usually means high analysis accuracy. To help users minimize privacy loss and maximize recommendation accuracy, we model the privacy budget setting problem as a multiarmed bandit problem and propose the upper confidence bound learning policy to help each user choose the privacy budget. Considering that users have different sensitivity levels to different data, we modify the above policy. Experimental results reveal that the proposed policy can help users choose an appropriate privacy budget, which can effectively increase the total user payoff.

Privacy in blockchain systems

Privacy of blockchains has been a matter of discussion since the inception of Bitcoin. Various techniques with a varying degree of privacy protection and complexity have been proposed over the past decade. In this survey, we present a systematic analysis of these proposals in four categories: (i) identity, (ii) transaction, (iii) consensus, and (iv) smart contract privacy. Each of these categories have privacy requirements of its own, and various solutions have been proposed to meet these requirements. Almost every technique in the literature of privacy enhancing technologies have been applied to blockchains: mix networks, zero-knowledge proofs, blind signatures, ring signatures, secure MPC, homomorphic encryption, to name just a few. We analyze each category separately in the paper. We first define the related privacy issues, and then review the proposed solutions. The limitations of each solution and the attacks discovered are also discussed along with the proposals. For each category, we first define the relevant privacy issues, and then review the proposed solutions along with their features and limitations

Privacy-preserving data sharing infrastructures for medical research: systematization and comparison

BackgroundData sharing is considered a crucial part of modern medical research. Unfortunately, despite its advantages, it often faces obstacles, especially data privacy challenges. As a result, various approaches and infrastructures have been developed that aim to ensure that patients and research participants remain anonymous when data is shared. However, privacy protection typically comes at a cost, e.g. restrictions regarding the types of analyses that can be performed on shared data. What is lacking is a systematization making the trade-offs taken by different approaches transparent. The aim of the work described in this paper was to develop a systematization for the degree of privacy protection provided and the trade-offs taken by different data sharing methods. Based on this contribution, we categorized popular data sharing approaches and identified research gaps by analyzing combinations of promising properties and features that are not yet supported by existing approaches.MethodsThe systematization consists of different axes. Three axes relate to privacy protection aspects and were adopted from the popular Five Safes Framework: (1) safe data, addressing privacy at the input level, (2) safe settings, addressing privacy during shared processing, and (3) safe outputs, addressing privacy protection of analysis results. Three additional axes address the usefulness of approaches: (4) support for de-duplication, to enable the reconciliation of data belonging to the same individuals, (5) flexibility, to be able to adapt to different data analysis requirements, and (6) scalability, to maintain performance with increasing complexity of shared data or common analysis processes.ResultsUsing the systematization, we identified three different categories of approaches: distributed data analyses, which exchange anonymous aggregated data, secure multi-party computation protocols, which exchange encrypted data, and data enclaves, which store pooled individual-level data in secure environments for access for analysis purposes. We identified important research gaps, including a lack of approaches enabling the de-duplication of horizontally distributed data or providing a high degree of flexibility.ConclusionsThere are fundamental differences between different data sharing approaches and several gaps in their functionality that may be interesting to investigate in future work. Our systematization can make the properties of privacy-preserving data sharing infrastructures more transparent and support decision makers and regulatory authorities with a better understanding of the trade-offs taken.

Differential Privacy Location Protection Scheme Based on Hilbert Curve

Location-based services (LBS) applications provide convenience for people’s life and work, but the collection of location information may expose users’ privacy. Since these collected data contain much private information about users, a privacy protection scheme for location information is an impending need. In this paper, a protection scheme DPL-Hc is proposed. Firstly, the users’ location on the map is mapped into one-dimensional space by using Hilbert curve mapping technology. Then, the Laplace noise is added to the location information of one-dimensional space for perturbation, which considers more than 70% of the nonlocation information of users; meanwhile, the disturbance effect is achieved by adding noise. Finally, the disturbed location is submitted to the service provider as the users’ real location to protect the users’ location privacy. Theoretical analysis and simulation results show that the proposed scheme can protect the users’ location privacy without the trusted third party effectively. It has advantages in data availability, the degree of privacy protection, and the generation time of anonymous data sets, basically achieving the balance between privacy protection and service quality.

Study to Alter the Nuisance Effect of Non-Response Using Scrambled Mechanism.

IntroductionIn biometric sample surveys, our objective is to get ready-made information for future planning and policy implementations related to the subject matters of highly sensitive issues. In such situations, we apply randomized response/scrambled response techniques. There are many highly sensitive issues which need to be examined over time as they may have a tendency to change. To get rid of these types of practical cases we need a scrambled response technique on successive occasions.MethodsUsing an additive and multiplicative technique, we proposed new effective scrambled response models to estimate the population mean of quantitative sensitive characteristics. Degree of privacy protection and unified measure approaches are used to examine the efficacy of the proposed models. Efficiency of the proposed models has been checked using MATLAB software. The utility of the proposed models under two occasions of successive sampling has been also explored using exponential-type estimators. Empirical and simulation studies are carried out to justify the proposition of the proposed estimators using MATLAB software.ResultsThe percent relative efficiencies of the proposed models are always greater than 100 with respect to the well-known Bar-Lev et al model. In terms of degree of privacy protection, most of the values are greater than 0.5 and closer to 1. Similarly, the values of the proposed models are smaller with respect to the Bar-Lev et al model in terms of a unified measure approach. When the proposed scrambled response models are used on successive occasions, the percent relative efficiency is always found greater than 100 for all cases over its competitors.DiscussionIn this study, after deeply examining the properties of the proposed models, we found that the proposed models performed better over the well-known existing model. The proposed models may be used in human survey when we deal with highly sensitive issues. The proposed models also performed better when we utilized them in successive sampling. Hence, if sensitive characteristics change with time, the proposed estimators may be the best alternative to deal with these types of situations.Mathematics Subject Classification62D05.

Privacy as a New Component of “The Best Interests of the Child” in the New Digital Environment

Abstract Legal regulations codifying the privacy rights of children in digital contexts, both at national and international levels, are fragmentary. Existing norms primarily address issues related to child safety as well as data processing, but not the protection of his/her dignity and reputation. At the same time, the Internet Communications and Technology-related (ict) activities of parents, who are traditionally considered to be the primary defenders of their children’s rights but presently are the main contributors to the public image of their child, may endanger child privacy. To address the threat that “sharenting” creates, the privacy of the child should be considered not only as a right, but also in “the best interests of the child”. This conceptualisation of rights as argued, would allow for a greater degree of privacy protection as it requires authorities to take it into consideration, ‘in all actions concerning children’, and will guarantee that they allocate to it the proper weight, while balancing it with the rights of others.