Multiple Sensitive Attributes Research Articles

Semantic Tree Based PPDP Technique for Multiple Sensitive Attributes in Inter Cloud

Digital devices and information systems have made data privacy essential. The collected data contains sensitive attributes such as salary, marital status and health history that need to be protected. Such data is exchanged or published to a third party using cloud infrastructure to perform various analyses, conduct research, and make critical decisions. Unauthorized users of the published data may violate privacy, notwithstanding the benefits. Data anonymization is one of the technique for achieving data privacy. Existing techniques consider single sensitive attribute and data is anonymized using generalization or suppression approaches. On observation, it is found that these techniques are less efficient since the collected data contains multiple sensitive attributes when anonymized using the same approaches leads to higher information loss and residue records. In this paper, multiple sensitive attributes are considered and the dataset is anonymized by constructing a semantic hierarchical tree it is further partitioned using the anatomy approach. Later, the partitions are stored in interclouds to achieve better privacy protection. Experiments are conducted to observe and analyze the computational performance, residue records and diversity percentage. The results obtained prove that the proposed technique is efficient when compared to the existing ones.

A Utility-Aware Anonymization Model for Multiple Sensitive Attributes Based on Association Concealment

A Utility-Aware Anonymization Model for Multiple Sensitive Attributes Based on Association Concealment

Achieve fairness without demographics for dermatological disease diagnosis

In medical image diagnosis, fairness has become increasingly crucial. Without bias mitigation, deploying unfair AI would harm the interests of the underprivileged population and potentially tear society apart. Recent research addresses prediction biases in deep learning models concerning demographic groups (e.g., gender, age, and race) by utilizing demographic (sensitive attribute) information during training. However, many sensitive attributes naturally exist in dermatological disease images. If the trained model only targets fairness for a specific attribute, it remains unfair for other attributes. Moreover, training a model that can accommodate multiple sensitive attributes is impractical due to privacy concerns. To overcome this, we propose a method enabling fair predictions for sensitive attributes during the testing phase without using such information during training. Inspired by prior work highlighting the impact of feature entanglement on fairness, we enhance the model features by capturing the features related to the sensitive and target attributes and regularizing the feature entanglement between corresponding classes. This ensures that the model can only classify based on the features related to the target attribute without relying on features associated with sensitive attributes, thereby improving fairness and accuracy. Additionally, we use disease masks from the Segment Anything Model (SAM) to enhance the quality of the learned feature. Experimental results demonstrate that the proposed method can improve fairness in classification compared to state-of-the-art methods in two dermatological disease datasets.

A Sequentially Fair Mechanism for Multiple Sensitive Attributes

In the standard use case of Algorithmic Fairness, the goal is to eliminate the relationship between a sensitive variable and a corresponding score. Throughout recent years, the scientific community has developed a host of definitions and tools to solve this task, which work well in many practical applications. However, the applicability and effectivity of these tools and definitions becomes less straightfoward in the case of multiple sensitive attributes. To tackle this issue, we propose a sequential framework, which allows to progressively achieve fairness across a set of sensitive features. We accomplish this by leveraging multi-marginal Wasserstein barycenters, which extends the standard notion of Strong Demographic Parity to the case with multiple sensitive characteristics. This method also provides a closed-form solution for the optimal, sequentially fair predictor, permitting a clear interpretation of inter-sensitive feature correlations. Our approach seamlessly extends to approximate fairness, enveloping a framework accommodating the trade-off between risk and unfairness. This extension permits a targeted prioritization of fairness improvements for a specific attribute within a set of sensitive attributes, allowing for a case specific adaptation. A data-driven estimation procedure for the derived solution is developed, and comprehensive numerical experiments are conducted on both synthetic and real datasets. Our empirical findings decisively underscore the practical efficacy of our post-processing approach in fostering fair decision-making.

F3KM: Federated, Fair, and Fast k-means

This paper proposes a federated, fair, and fast k-means algorithm (F3KM) to solve the fair clustering problem efficiently in scenarios where data cannot be shared among different parties. The proposed algorithm decomposes the fair k-means problem into multiple subproblems and assigns each subproblem to a client for local computation. Our algorithm allows each client to possess multiple sensitive attributes (or have no sensitive attributes). We propose an in-processing method that employs the alternating direction method of multipliers (ADMM) to solve each subproblem. During the procedure of solving subproblems, only the computation results are exchanged between the server and the clients, without exchanging the raw data. Our theoretical analysis shows that F3KM is efficient in terms of both communication and computation complexities. Specifically, it achieves a better trade-off between utility and communication complexity, and reduces the computation complexity to linear with respect to the dataset size. Our experiments show that F3KM achieves a better trade-off between utility and fairness than other methods. Moreover, F3KM is able to cluster five million points in one hour, highlighting its impressive efficiency.

Fair tree classifier using strong demographic parity

When dealing with sensitive data in automated data-driven decision-making, an important concern is to learn predictors with high performance towards a class label, whilst minimising for the discrimination towards any sensitive attribute, like gender or race, induced from biased data. Hybrid tree optimisation criteria have been proposed which combine classification performance and fairness. Although the threshold-free ROC-AUC is the standard for measuring classification model performance, current fair tree classification methods mainly optimise for a fixed threshold on the fairness metric. In this paper, we propose SCAFF—splitting criterion AUC for Fairness—a compound decision tree splitting criterion which combines the threshold-free strong demographic parity with ROC-AUC termed, easily applicable as an ensemble. Our method simultaneously leverages multiple sensitive attributes of which the values may be multicategorical, and is tunable with respect to the unavoidable performance-fairness trade-off. In our experiments, we demonstrate how SCAFF generates effective models with competitive performance and fairness with respect to binary, multicategorical, and multiple sensitive attributes.

Active learning with fairness-aware clustering for fair classification considering multiple sensitive attributes

Fairness concerns have recently been gaining increasing attention in machine learning (ML) research and applications. ML models typically require massive data, which can be costly and challenging for collecting and labeling. To address these concerns, active learning has been proposed as a promising approach to build accurate and fair ML models by interactively querying an oracle within a labeling budget. However, current research on fair active learning only focuses on single sensitive attribute, where the model often show unfairness on subgroups defined by the intersections of different protected attribute values. In this article, a novel active learning approach with a fairness-aware clustering technique is proposed for fair classification that can simultaneously ensure the equality of fairness metrics across multiple sensitive attributes. The fair clustering method enables to control the trade-off levels between the clustering and fairness objectives with multiple sensitive attributes, which mitigates bias and protects the unprivileged classes by balancing their representativeness in all clusters. A tight upper bound is theoretically derived for our fairness objective based on its concave-convex decomposition, which can be jointly optimized with the clustering objective through Majorize-Minimize technique and enable parallel computing. The active learning sampler aims to select highly informative and representative samples from fair clusters to enhance the model classification accuracy and fairness. The effectiveness of our proposed approach is demonstrated by comparing with state-of-the-art methods on real-world datasets. The experimental results are accordant with theoretic analysis, and show that (i) our approach significantly improves the fairness while maintaining model classification accuracy; (ii) our approach outperforms state-of-the-art fair active learning methods across fairness metrics on both single and multiple sensitive attributes for fair classification tasks.

A multiple sensitive attributes data publishing method with guaranteed information utility

AbstractData publishing methods can provide available information for analysis while preserving privacy. The multiple sensitive attributes data publishing, which preserves the relationship between sensitive attributes, may keep many records from being grouped and bring in a high record suppression ratio. Another category of multiple sensitive attributes data publishing, which reduces the possibility of record suppression by breaking the relationship between sensitive attributes, cannot provide the sensitive attributes association for analysis. Hence, the existing multiple sensitive attributes data publishing fails to fully account for the comprehensive information utility. To acquire a guaranteed information utility, this article defines comprehensive information loss that considers both the suppression of records and the relationship between sensitive attributes. A heuristic method is leveraged to discover the optimal anonymity scheme that has the lowest comprehensive information loss. The experimental results verify the practice of the proposed data publishing method with multiple sensitive attributes. The proposed method can guarantee information utility when compared with previous ones.

A privacy‐preserving method for publishing data with multiple sensitive attributes

AbstractThe overgeneralisation may happen because most studies on data publishing for multiple sensitive attributes (SAs) have not considered the personalised privacy requirement. Furthermore, sensitive information disclosure may also be caused by these personalised requirements. To address the matter, this article develops a personalised data publishing method for multiple SAs. According to the requirements of individuals, the new method partitions SAs values into two categories: private values and public values, and breaks the association between them for privacy guarantees. For the private values, this paper takes the process of anonymisation, while the public values are released without this process. An algorithm is designed to achieve the privacy mode, where the selectivity is determined by the sensitive value frequency and undesirable objects. The experimental results show that the proposed method can provide more information utility when compared with previous methods. The theoretic analyses and experiments also indicate that the privacy can be guaranteed even though the public values are known to an adversary. The overgeneralisation and privacy breach caused by the personalised requirement can be avoided by the new method.

K-Anonymity Privacy Protection Algorithm for Multi-Dimensional Data against Skewness and Similarity Attacks.

Currently, a significant focus has been established on the privacy protection of multi-dimensional data publishing in various application scenarios, such as scientific research and policy-making. The K-anonymity mechanism based on clustering is the main method of shared-data desensitization, but it will cause problems of inconsistent clustering results and low clustering accuracy. It also cannot defend against several common attacks, such as skewness and similarity attacks at the same time. To defend against these attacks, we propose a K-anonymity privacy protection algorithm for multi-dimensional data against skewness and similarity attacks (KAPP) combined with t-closeness. Firstly, we propose a multi-dimensional sensitive data clustering algorithm based on improved African vultures optimization. More specifically, we improve the initialization, fitness calculation, and solution update strategy of the clustering center. The improved African vultures optimization can provide the optimal solution with various dimensions and achieve highly accurate clustering of the multi-dimensional dataset based on multiple sensitive attributes. It ensures that multi-dimensional data of different clusters are different in sensitive data. After the dataset anonymization, similar sensitive data of the same equivalence class will become less, and it eventually does not satisfy the premise of being theft by skewness and similarity attacks. We also propose an equivalence class partition method based on the sensitive data distribution difference value measurement and t-closeness. Namely, we calculate the sensitive data distribution's difference value of each equivalence class and then combine the equivalence classes with larger difference values. Each equivalence class satisfies t-closeness. This method can ensure that multi-dimensional data of the same equivalence class are different in multiple sensitive attributes, and thus can effectively defend against skewness and similarity attacks. Moreover, we generalize sensitive attributes with significant weight and all quasi-identifier attributes to achieve anonymous protection of the dataset. The experimental results show that KAPP improves clustering accuracy, diversity, and anonymity compared to other similar methods under skewness and similarity attacks.

Incremental Diversity: An Efficient Anonymization Technique for PPDP of Multiple Sensitive Attributes

Data collected at the organizations such as schools, offices, healthcare centers and e-commerce websites contain multiple sensitive attributes. The sensitive information from these organisations such as marks obtained, salary, disease, treatment and traveling history are personal information that an individual dislikes to disclose to the public as it may lead to privacy threats. Therefore, it is necessary to preserve privacy of the data before publishing. Privacy Preserving Data Publishing(PPDP) algorithms aim to publish the data without compromising the privacy of individuals. In the recent years several algorithms have been designed for PPDP multiple sensitive attributes. The major limitations are, firstly among several sensitive attributes these algorithms consider one of them as primary sensitive attribute and anonymize the data, however there may be other dominant sensitive attributes that need to be preserved. Secondly, there is no consistent way to categorize multiple sensitive attributes. Lastly, increased proportion of records are generated due to usage of generalization and suppression techniques. Hence, to overcome these limitations the current work proposes an efficient approach to categorize the sensitive attributes based their semantics and anonymize the data using an anatomy technique. This reduces the residual records as well as categorizes the attributes. The results are compared with popular techniques like Simple Distribution of Sensitive Values (SDSV) and (l, e) diversity. Experiments prove that our method outperforms the existing methods in terms of categorization of multiple sensitive attributes, reducing the percentage of residual records and preventing the existing privacy threats.

Fuzz-classification (p, l)-Angel: An enhanced hybrid artificial intelligence based fuzzy logic for multiple sensitive attributes against privacy breaches

The inability of traditional privacy-preserving models to protect multiple datasets based on sensitive attributes has prompted researchers to propose models such as SLOMS, SLAMSA, (p, k)-Angelization, and (p, l)-Angelization, but these were found to be insufficient in terms of robust privacy and performance. (p, l)-Angelization was successful against different privacy disclosures, but it was not efficient. To the best of our knowledge, no robust privacy model based on fuzzy logic has been proposed to protect the privacy of sensitive attributes with multiple records. In this paper, we suggest an improved version of (p, l)-Angelization based on a hybrid AI approach and privacy-preserving approach like Generalization. Fuzz-classification (p, l)-Angel uses artificial intelligence based fuzzy logic for classification, a high-dimensional segmentation technique for segmenting quasi-identifiers and multiple sensitive attributes. We demonstrate the feasibility of the proposed solution by modelling and analyzing privacy violations using High-Level Petri Nets. The results of the experiment demonstrate that the proposed approach produces better results in terms of efficiency and utility.

Learning fair representations by separating the relevance of potential information

Representation learning has recently been used to remove sensitive information from data and improve the fairness of machine learning algorithms in social applications. However, previous works that used neural networks are opaque and poorly interpretable, as it is difficult to intuitively determine the independence between representations and sensitive information. The internal correlation among data features has not been fully discussed, and it may be the key to improving the interpretability of neural networks. A novel fair representation algorithm referred to as FRC is proposed from this conjecture. It indicates how representations independent of multiple sensitive attributes can be learned by applying specific correlation constraints on representation dimensions. Specifically, dimensions of the representation and sensitive attributes are treated as statistical variables. The representation variables are divided into two parts related to and unrelated to the sensitive variables by adjusting their absolute correlation coefficient with sensitive variables. The potential impact of sensitive information on representations is concentrated in the related part. The unrelated part of the representation can be used in downstream tasks to yield fair results. FRC takes the correlation between dimensions as the key to solving the problem of fair representation. Empirical results show that our representations enhance the ability of neural networks to show fairness and achieve better fairness-accuracy tradeoffs than state-of-the-art works.

Robust reputation independence in ranking systems for multiple sensitive attributes

Ranking systems have an unprecedented influence on how and what information people access, and their impact on our society is being analyzed from different perspectives, such as users’ discrimination. A notable example is represented by reputation-based ranking systems, a class of systems that rely on users’ reputation to generate a non-personalized item-ranking, proved to be biased against certain demographic classes. To safeguard that a given sensitive user’s attribute does not systematically affect the reputation of that user, prior work has operationalized a reputation independence constraint on this class of systems. In this paper, we uncover that guaranteeing reputation independence for a single sensitive attribute is not enough. When mitigating biases based on one sensitive attribute (e.g., gender), the final ranking might still be biased against certain demographic groups formed based on another attribute (e.g., age). Hence, we propose a novel approach to introduce reputation independence for multiple sensitive attributes simultaneously. We then analyze the extent to which our approach impacts on discrimination and other important properties of the ranking system, such as its quality and robustness against attacks. Experiments on two real-world datasets show that our approach leads to less biased rankings with respect to multiple users’ sensitive attributes, without affecting the system’s quality and robustness.

Dynamic distributed KCi‐slice data publishing model with multiple sensitive attributes

SUMMARYPrivacy‐preserving data publishing (PPDP) provides scope for performing various types of analytics by the researcher on the published data without revealing the individuals' privacy. However, it is necessary to consider the data from all the available locations to obtain accurate results from the published data. Then only the derived associations from the published data are helpful to make new decisions by an organization. Existing PPDP models on multiple sensitive attributes like KC‐slice (K stands for bucket size, C stands for constant threshold), KCi‐slice (K–bucket size, Ci–variable threshold), Novel KCi‐slice, and Optimal KCi‐slice models are concentrated only when data is located at a single location. This research work introduces a new model called “distributed KCi‐slice,” which considers the data with multiple sensitive attributes from various locations to obtain accurate results. Initially, this model proposes a novel technique called a distributed algorithm to merge the different data sets into a single data set. It combines the data differently, so that it is not possible to identify any record of a specific data set from the merged data. The proposed model also uses a new bucketization algorithm named (l,m,d)*‐anonymity (l stands for distinct semantic categories of the sensitive values of a sensitive attribute in a specific bucket, m stands for the number of sensitive attributes, and d stands for different sensitive categories for the sensitive values of a sensitive attribute in each sensitive bucket) for the bucketization of the tuples into the buckets. It imposes the privacy constraints only on high sensitive values of each sensitive attribute by considering the semantic and sensitive levels of sensitive values. The distributed KCi‐slice model finally publishes the data in the form of multiple sensitive tables and one quasi table. This model is implemented based on attribute sensitiveness to enhance the utility and privacy levels of the published data.

Fuzzy-Logic-Based Privacy-Aware Dynamic Release of IoT-Enabled Healthcare Data

The recent evolution of the Internet of Things in the healthcare sector has attained substantial recognition from the government and industry. Healthcare data accumulated from diverse sources are stored by health service providers which is useful for patient diagnosis as well as for research for pivotal analysis. However, healthcare data contains sensitive information of an individual that needs to be protected. The sensitive health information of an individual contains multiple attributes and the correlation of this information may lead to a privacy breach. In more complex scenarios, such type of data is expected to be released periodically and dynamically, the privacy breach of individuals becomes imminent due to the presence of personal data. In this article, a fuzzy logic-based intelligent privacy-aware algorithm is proposed to protect the individual’s privacy with multiple sensitive attributes in a dynamic data release scenario. Our formal modeling and analysis show that the proposed approach offers a robust privacy guarantee while releasing health-related data. Furthermore, the empirical evaluation exhibits that the proposed model outperforms the state-of-the-art approaches in terms of information loss and query accuracy.

Heap Bucketization Anonymity—An Efficient Privacy-Preserving Data Publishing Model for Multiple Sensitive Attributes

The publication of a patient’s dataset is essential for various medical investigations and decision-making. Currently, significant focus has been established to protect privacy during data publishing. The existing privacy models for multiple sensitive attributes do not concentrate on the correlation among the attributes, which in turn leads to much utility loss. An efficient model Heap Bucketization-anonymity (HBA) has been proposed to balance privacy and utility with multiple sensitive attributes. The Heap Bucketization-anonymity model used anatomization to vertically partition the dataset into 1. Quasi-identifier table and 2. Sensitive attribute table. The quasi-identifier is anonymized by implementing k-anonymity and slicing and the sensitive attributes are anonymized by applying slicing and Heap Bucketization. The metrics Normalized Certainty Penalty and KL-divergence have been used to compute the utility loss in the patient dataset. The experimental results show that the HB-anonymity can significantly achieve high privacy with less utility loss than other existing models. The HB-anonymity model not only balances the utility and privacy also eradicates the i) background knowledge attack, ii) quasi-identifier attack iii) membership attack, iv) non-membership attack and v) fingerprint correlation attack.

Learning Flexible and Fair Data Representations

In this paper, we consider the problem of learning fair data representations that can be used for some downstream utility task in the vendor-user setting. We propose splitting the latent space between sensitive and non-sensitive latent variables where maximum mean discrepancy (MMD) is used to induce statistical independence between sensitive and non-sensitive latent variables. The non-sensitive latent representations can then be used for utility task by the user and achieve group and sub-group fairness with respect to multiple sensitive attributes. We perform extensive experiments and compare the proposed method against various representation learning methods proposed earlier in the literature. Our quantitative results and visualizations show that the proposed method produces representations that are able to achieve better or comparable performance at the utility task while simultaneously achieving sub-group and group fairness.

FairLOF: Fairness in Outlier Detection

An outlier detection method may be considered fair over specified sensitive attributes if the results of outlier detection are not skewed toward particular groups defined on such sensitive attributes. In this paper, we consider the task of fair outlier detection. Our focus is on the task of fair outlier detection over multiple multi-valued sensitive attributes (e.g., gender, race, religion, nationality and marital status, among others), one that has broad applications across modern data scenarios. We propose a fair outlier detection method, FairLOF, that is inspired by the popular LOF formulation for neighborhood-based outlier detection. We outline ways in which unfairness could be induced within LOF and develop three heuristic principles to enhance fairness, which form the basis of the FairLOF method. Being a novel task, we develop an evaluation framework for fair outlier detection, and use that to benchmark FairLOF on quality and fairness of results. Through an extensive empirical evaluation over real-world datasets, we illustrate that FairLOF is able to achieve significant improvements in fairness at sometimes marginal degradations on result quality as measured against the fairness-agnostic LOF method. We also show that a generalization of our method, named FairLOF-Flex, is able to open possibilities of further deepening fairness in outlier detection beyond what is offered by FairLOF.

F-Classify: Fuzzy Rule Based Classification Method for Privacy Preservation of Multiple Sensitive Attributes.

With the advent of smart health, smart cities, and smart grids, the amount of data has grown swiftly. When the collected data is published for valuable information mining, privacy turns out to be a key matter due to the presence of sensitive information. Such sensitive information comprises either a single sensitive attribute (an individual has only one sensitive attribute) or multiple sensitive attributes (an individual can have multiple sensitive attributes). Anonymization of data sets with multiple sensitive attributes presents some unique problems due to the correlation among these attributes. Artificial intelligence techniques can help the data publishers in anonymizing such data. To the best of our knowledge, no fuzzy logic-based privacy model has been proposed until now for privacy preservation of multiple sensitive attributes. In this paper, we propose a novel privacy preserving model F-Classify that uses fuzzy logic for the classification of quasi-identifier and multiple sensitive attributes. Classes are defined based on defined rules, and every tuple is assigned to its class according to attribute value. The working of the F-Classify Algorithm is also verified using HLPN. A wide range of experiments on healthcare data sets acknowledged that F-Classify surpasses its counterparts in terms of privacy and utility. Being based on artificial intelligence, it has a lower execution time than other approaches.