Protecting Individual Information Against Inference Attacks in Data Publishing

In many data-publishing applications, the data owner needs to protect sensitive information pertaining to individuals. Meanwhile, certain information is required to be published. The sensitive information could be considered as leaked, if an adversary can infer the real value of a sensitive entry with a high confidence. In this paper we study how to protect sensitive data when an adversary can do inference attacks using association rules derived from the data. We formulate the inference attack model, and develop complexity results on computing a safe partial table. We classify the general problem into subcases based on the requirements of publishing information, and propose the corresponding algorithms for finding a safe partial table to publish. We have conducted an empirical study to evaluate these algorithms on real data.

[1]  Chris Clifton,et al.  Using unknowns to prevent discovery of association rules , 2001, SGMD.

[2]  Elisa Bertino,et al.  A Secure Publishing Service for Digital Libraries of XML Documents , 2001, ISC.

[3]  Vassilios S. Verykios,et al.  Disclosure limitation of sensitive rules , 1999, Proceedings 1999 Workshop on Knowledge and Data Engineering Exchange (KDEX'99) (Cat. No.PR00453).

[4]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[5]  Ronald L. Graham,et al.  Concrete mathematics - a foundation for computer science , 1991 .

[6]  Charu C. Aggarwal,et al.  On privacy preservation against adversarial data mining , 2006, KDD '06.

[7]  Yehuda Lindell,et al.  Privacy Preserving Data Mining , 2002, Journal of Cryptology.

[8]  Vijay V. Vazirani,et al.  Primal-Dual RNC Approximation Algorithms for Set Cover and Covering Integer Programs , 1999, SIAM J. Comput..

[9]  Chen Li,et al.  Secure XML Publishing without Information Leakage in the Presence of Data Inference , 2004, VLDB.

[10]  Sabrina De Capitani di Vimercati,et al.  A fine-grained access control system for XML documents , 2002, TSEC.

[11]  Elisa Bertino,et al.  State-of-the-art in privacy preserving data mining , 2004, SGMD.

[12]  Alexandre V. Evfimievski,et al.  Privacy preserving mining of association rules , 2002, Inf. Syst..

[13]  Dan Suciu,et al.  Controlling Access to Published Data Using Cryptography , 2003, VLDB.

[14]  Sushil Jajodia,et al.  Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures , 2000, IEEE Trans. Knowl. Data Eng..