data anonymization generalization algorithms
play

Data Anonymization - Generalization Algorithms Li Xiong CS573 Data - PowerPoint PPT Presentation

Jan 23, 2024 •329 likes •790 views

Data Anonymization - Generalization Algorithms Li Xiong CS573 Data Privacy and Anonymity Generalization and Suppression Generalization Suppression Replace the value with a less Do not release a Z2 = {410**} value at all

  1. Data Anonymization - Generalization Algorithms Li Xiong CS573 Data Privacy and Anonymity

  2. Generalization and Suppression  • Generalization  Suppression  Replace the value with a less  Do not release a Z2 = {410**} value at all specific but semantically consistent value Z1 = {4107*. 4109*} Z0 = {41075, 41076, 41095, 41099} # Zip Age Nationality Condition 1 41076 < 40 * Heart Disease 2 48202 < 40 * Heart Disease S1 = {Person} 3 41076 < 40 * Cancer S0 = {Male, Female} 4 48202 < 40 * Cancer

  3. Complexity Search Space: • Number of generalizations =  (Max level of generalization for attribute i + 1) attrib i If we allow generalization to a different level for each value of an attribute: • Number of generalizations =  (Max level of generalization for attribute i + 1) #tuples attrib i 3

  4. Hardness result  Given some data set R and a QI Q , does R satisfy k-anonymity over Q ?  Easy to tell in polynomial time, NP!  Finding an optimal anonymization is not easy  NP-hard: reduction from k-dimensional perfect matching  A polynomial solution implies P = NP A. Meyerson and R. Williams. On the complexity of optimal k-anonymity. In PODS’04.

  5. Taxonomy of Generalization Algorithms  Top-down specialization vs. bottom-up generalization  Global (single dimensional) vs. local (multi- dimensional)  Complete (optimal) vs. greedy (approximate)  Hierarchy-based (user defined) vs. partition- based (automatic) K. LeFerve, D. J. DeWitt, and R. Ramakrishnan. Incognito: Efficient Full-Domain K-Anonymity. In SIGMOD 05

  6. Generalization algorithms  Early systems  µ-Argus, Hundpool, 1996 - Global, bottom-up, greedy  Datafly, Sweeney, 1997 - Global, bottom-up, greedy  k-anonymity algorithms  AllMin, Samarati, 2001 - Global, bottom-up, complete, impractical  MinGen, Sweeney, 2002 - Global, bottom-up, complete, impractical  Bottom-up generalization, Wang, 2004 – Global, bottom-up, greedy  TDS (Top-Down Specialization), Fung, 2005 - Global, top-down, greedy  K-OPTIMIZE, Bayardo, 2005 – Global, top-down, partition-based, complete  Incognito, LeFevre, 2005 – Global, bottom-up, hierarchy-based, complete  Mondrian, LeFevre, 2006 – Local, top-down, partition-based, greedy

  7. µ-Argus  Hundpool and Willenborg, 1996  Greedy approach  Global generalization with tuple suppression  Not guaranteeing k-anonymity

  8. µ -Argus µ -Argus algorithm

  9. µ-Argus

  10. Problems With µ-Argus 1. Only 2- and 3- combinations are examined, there may exist 4 combinations that are unique – may not always satisfy k-anonymity 2. Enforce generalization at the attribute level (global) – may over generalize

  11. The Datafly System  Sweeney, 1997  Greedy approach  Global generalization with tuple suppression

  12. Core Datafly Algorithm Datafly Algorithm

  13. Datafly MGT resulting from Datafly, k =2, QI={ Race , Birthdate , Gender , ZIP }

  14. Problems With Datafly 1. Generalizing all values associated with an attribute (global) 2. Suppressing all values within a tuple (global) 3. Selecting the attribute with the greatest number of distinct values as the one to generalize first – computationally efficient but may over generalize

  15. Generalization algorithms Early systems  µ-Argus, Hundpool, 1996 - Global, bottom-up, greedy  Datafly, Sweeney, 1997 - Global, bottom-up, greedy   k-anonymity algorithms AllMin, Samarati, 2001 - Global, bottom-up, complete, impractical  MinGen, Sweeney, 2002 - Global, bottom-up, complete, impractical  Bottom-up generalization, Wang, 2004 – Global, bottom-up, greedy  TDS (Top-Down Specialization), Fung, 2005 - Global, top-down, greedy  K-OPTIMIZE, Bayardo, 2005 – Global, top-down, partition-based, complete  Incognito, LeFevre, 2005 – Global, bottom-up, hierarchy-based, complete  Mondrian, LeFevre, 2006 – Local, top-down, partition-based, greedy 

  16. K-OPTIMIZE  Practical solution to guarantee optimality  Main techniques  Framing the problem into a set-enumeration search problem  Tree-search strategy with cost-based pruning and dynamic search rearrangement  Data management strategies 1/22/2009 16

  17. Anonymization Strategies  Local suppression  Delete individual attribute values  E.g. <Age=50, Gender=M, State=CA>  Global attribute generalization  Replace specific values with more general ones for an attribute  Numeric data: partitioning of the attribute domain into intervals. E.g. Age={[1-10],...,[91- 100]}  Categorical data: generalization hierarchy supplied by users. E.g. Gender = [M or F] 1/22/2009 17

  18. K-Anonymization with Suppression  K-anonymization with suppression  Global attribute a 1 a m generalization with local suppression of outlier v 1,1 … v 1,m tuples. … E {  Terminologies  Dataset: D v 1,n v n,m  Anonymization: {a 1 , …, a m }  Equivalent classes: E 1/22/2009 18

  19. Finding Optimal Anonymization  Optimal anonymization determined by a cost metric  Cost metrics  Discernibility metric: penalty for non- suppressed tuples and suppressed tuples  Classification metric 1/22/2009 19

  20. Modeling Anonymizations  Assume a total order over the set of all attribute domain  Set representation for anonymization  E.g. Age: <[10-29], [30-49]>, Gender: <[M or F]>, Marital Status: <[Married], [Widowed or Divorced], [Never Married]>  {1, 2, 4, 6, 7, 9} -> {2, 7, 9}  Power set representation for entire anonymization space  Power set of {2, 3, 5, 7, 8, 9} - order of 2 n !  {} – most general anonymization  {2,3,5,7,8,9} – most specific anonymization 1/22/2009 20

  21. Optimal Anonymization Problem  Goal  Find the best anonymization in the powerset with lowest cost  Algorithm  set enumeration search through tree expansion - size 2 n Set enumeration tree over  Top-down depth first search powerset of {1,2,3,4}  Heuristics  Cost-based pruning  Dynamic tree rearrangement 1/22/2009 21

  22. Node Pruning through Cost Bounding  Intuitive idea  prune a node H if none of its descendents can be optimal  Cost lower-bound of H subtree of H  Cost of suppressed tuples bounded by H A  Cost of non-suppressed tuples bounded by A 1/22/2009 22

  23. Useless Value Pruning  Intuitive idea  Prune useless values that have no hope of improving cost  Useless values  Only split equivalence classes into suppressed equivalence classes (size < k) 1/22/2009 23

  24. Tree Rearrangement  Intuitive idea  Dynamically reorder tree to increase pruning opportunities  Heuristics  sort the values based on the number of equivalence classes induced 1/22/2009 24

  25. Experiments  Adult census dataset  30k records and 9 attributes  Fine: powerset of size 2 160  Evaluations of performance and optimal cost  Comparison with greedy/stochastic method  2-phase greedy generalization/specialization  Repeated process 1/22/2009 25

  26. Results – Comparison  None of the other optimal algorithms can handle the census data  Greedy approaches, while executing quickly, produce highly sub- optimal anonymizations  Comparison with 2-phase method (greedy + stochastic) 1/22/2009 26

  27. Comments  Interesting things to think about  Domains without hierarchy or total order restrictions  Other cost metrics  Global generalization vs. local generalization 1/22/2009 27

  28. Generalization algorithms Early systems  µ-Argus, Hundpool, 1996 - Global, bottom-up, greedy  Datafly, Sweeney, 1997 - Global, bottom-up, greedy   k-anonymity algorithms AllMin, Samarati, 2001 - Global, bottom-up, complete, impractical  MinGen, Sweeney, 2002 - Global, bottom-up, complete, impractical  Bottom-up generalization, Wang, 2004 – Global, bottom-up, greedy  TDS (Top-Down Specialization), Fung, 2005 - Global, top-down, greedy  K-OPTIMIZE, Bayardo, 2005 – Global, top-down, partition-based, complete  Incognito, LeFevre, 2005 – Global, bottom-up, hierarchy-based, complete  Mondrian, LeFevre, 2006 – Local, top-down, partition-based, greedy 

  29. Mondrian  Top-down partitioning  Greedy  Local (multidimensional) – tuple/cell level

  30. Global Recoding  Mapping domains of quasi-identifiers to generalized or altered values using a single function  Notation  D x is the domain of attribute X i in table T  Single Dimensional  φ i : D xi  D’ for each attribute X i of the quasi- id  φ i applied to values of X i in tuple of T

  31. Local Recoding  Multi-Dimensional  Recode domain of value vectors from a set of quasi-identifier attributes  φ : D x1 x … x D xn  D’  φ applied to vector of quasi-identifier attributes in each tuple in T

  32. Partitioning  Single Dimensional  For each X i , define non-overlapping single dimensional intervals that covers D xi  Use φ i to map x ε D x to a summary stat  Strict Multi-Dimensional  Define non-overlapping multi-dimensional intervals that covers D x1 … D xd  Use φ to map (x x1 …x xd ) ε D x1 … D xd to a summary stat for its region

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Data Anonymization - Generalization Algorithms Li Xiong, Slawek Goryczka CS573 Data Privacy and

Data Anonymization - Generalization Algorithms Li Xiong, Slawek Goryczka CS573 Data Privacy and

Data Anonymization - Generalization Algorithms Li Xiong, Slawek Goryczka CS573 Data Privacy and Anonymity Generalization and Suppression Generalization Suppression Replace the value with a less Do not release a Z2 = {410**}

1.27k views • 52 slides
Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573

Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573

Anonymization Algorithms - Other techniques, metrics, and extended scenarios Li Xiong CS573 Data Privacy and Anonymity So far k-anonymity (protect identity disclosure) Anonymization algorithms Generalization and suppression

549 views • 34 slides
Anonymization Algorithms - Microaggregation and Clustering Li Xiong CS573 Data Privacy and

Anonymization Algorithms - Microaggregation and Clustering Li Xiong CS573 Data Privacy and

Anonymization Algorithms - Microaggregation and Clustering Li Xiong CS573 Data Privacy and Anonymity Anonymization using Microaggregation or Clustering Practical Data-Oriented Microaggregation for Statistical Disclosure Control,

902 views • 55 slides
CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Recap/Taxonomy of Anonymization Microdata anonymization Microaggregation based anonymization Taxonomy of Anonymization Problem

620 views • 59 slides
Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference

Data Privacy Anonymization Li Xiong CS573 Data Privacy and Security Outline Inference control Anonymization problem Anonymization notions and approaches (and how they fail to work!) k-anonymity l-diversity t-closeness

741 views • 51 slides
Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies

Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies

Data Masking and Anonymization for PostgreSQL 1 The Anonymization Challenge 8 Strategies PostgreSQL Anonymizer The Future 2 3 My Story 4 LETS DO THIS ! jailer pgantomizer ARX pgsync anomyze-it anonymizer mat2 Talend open

1.12k views • 77 slides
CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Clustering based anonymization (cont) Permutation based anonymization Other privacy principles Microaggregation/Clustering Two steps:

879 views • 52 slides
CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today

CS573 Data Privacy and Security Anonymization methods Anonymization methods Li Xiong Today Permutation based anonymization methods (cont.) Other privacy principles for microdata publishing publishing Statistical databases

986 views • 51 slides
CS573 Data Privacy and Security Data Anonymization (cont.) Li Xiong Department of Mathematics

CS573 Data Privacy and Security Data Anonymization (cont.) Li Xiong Department of Mathematics

CS573 Data Privacy and Security Data Anonymization (cont.) Li Xiong Department of Mathematics and Computer Science Emory University Today Cont. Anonymization notions and approaches l-diversity t-closeness Takeaways Attacks on

192 views • 15 slides
Introduction to Anonymization (I) Claire McKay Bowen Postdoctoral Researcher, Los Alamos

Introduction to Anonymization (I) Claire McKay Bowen Postdoctoral Researcher, Los Alamos

DataCamp Data Privacy and Anonymization in R DATA PRIVACY AND ANONYMIZATION IN R Introduction to Anonymization (I) Claire McKay Bowen Postdoctoral Researcher, Los Alamos National Laboratory DataCamp Data Privacy and Anonymization in R

609 views • 26 slides
Big Data and the application of anonymization techniques Annual Privacy Forum 2015 7-8 October,

Big Data and the application of anonymization techniques Annual Privacy Forum 2015 7-8 October,

Big Data and the application of anonymization techniques Annual Privacy Forum 2015 7-8 October, Luxembourg Giuseppe DAcquisto Garante per la protezione dei dati personali 1 The concept of anonymization My data 1 D.O.F Any person Empty

334 views • 12 slides
Quantifying the Risk of Re-identification in Data Anonymization Competition Takao Murakami

Quantifying the Risk of Re-identification in Data Anonymization Competition Takao Murakami

1 Quantifying the Risk of Re-identification in Data Anonymization Competition Takao Murakami (AIST*, Japan) *AIST: National Institute of Advanced Industrial Science &amp; Technology 2 Outline Data Anonymization Mechanism Plays an

543 views • 27 slides
An Automated Social Graph De-anonymization Technique Kumar Sharad 1 George Danezis 2 1 2

An Automated Social Graph De-anonymization Technique Kumar Sharad 1 George Danezis 2 1 2

An Automated Social Graph De-anonymization Technique Kumar Sharad 1 George Danezis 2 1 2 November 3, 2014 Workshop on Privacy in the Electronic Society, Scottsdale, Arizona, USA This Talk 1 The Art of Data Anonymization 2 The D4D Challenge 3

527 views • 51 slides
Data Anonymization Graham Cormode Graham Cormode graham@research.att.com 1 Why Anonymize?

Data Anonymization Graham Cormode Graham Cormode graham@research.att.com 1 Why Anonymize?

Data Anonymization Graham Cormode Graham Cormode graham@research.att.com 1 Why Anonymize? For Data Sharing Give real(istic) data to others to study without compromising privacy of individuals in the data Allows third-parties to try

728 views • 28 slides
Issues of Data Mining Kyle Borah OutLine Background Data Anonymization Encryption

Issues of Data Mining Kyle Borah OutLine Background Data Anonymization Encryption

Social &amp; Privacy Issues of Data Mining Kyle Borah OutLine Background Data Anonymization Encryption with demo OutLine Background Data Anonymization Encryption with demo Background Companies have your data

468 views • 12 slides
Data Anonymization that Towards Optimal . . . Leads to the Most Accurate First Result: . . . We

Data Anonymization that Towards Optimal . . . Leads to the Most Accurate First Result: . . . We

Need to Preserve Privacy How to Preserve . . . In Statistical Data . . . Estimating Accuracy . . . Data Anonymization that Towards Optimal . . . Leads to the Most Accurate First Result: . . . We Need to Dismiss . . . Estimates of

700 views • 22 slides
SEPTEMBER 23 24, 2019 | WASHINGTON, DC 1 TARA SWEENEY ASSISTANT SECRETARY INDIAN AFFAIRS

SEPTEMBER 23 24, 2019 | WASHINGTON, DC 1 TARA SWEENEY ASSISTANT SECRETARY INDIAN AFFAIRS

SEPTEMBER 23 24, 2019 | WASHINGTON, DC 1 TARA SWEENEY ASSISTANT SECRETARY INDIAN AFFAIRS SEPTEMBER 23 24, 2019 | WASHINGTON, DC 3

311 views • 3 slides
Ionospheric Research Perspectives 1975-2015 John M. Goodman JMG Associates May 12, 2015

Ionospheric Research Perspectives 1975-2015 John M. Goodman JMG Associates May 12, 2015

Ionospheric Research Perspectives 1975-2015 John M. Goodman JMG Associates May 12, 2015 Contents Some Introductory Remarks Where were we then? (circa 1970-1980) Where are we now? (2015) Challenges NRL Randle Cliff Radar at

856 views • 60 slides
International Implications of Social Security for Workers in the U.S. TUES DA Y , DECEMBER 5,

International Implications of Social Security for Workers in the U.S. TUES DA Y , DECEMBER 5,

FOR LIVE PROGRAM ONLY International Implications of Social Security for Workers in the U.S. TUES DA Y , DECEMBER 5, 2017, 1:00-2:50 pm East ern IMPORTANT INFORMATION FOR THE LIVE PROGRAM This program is approved for 2 CPE credit hours . To

1.51k views • 121 slides
Introduction to Prolog 20070524 Prolog 1 History of Prolog PROgramming in LOGic - based

Introduction to Prolog 20070524 Prolog 1 History of Prolog PROgramming in LOGic - based

Introduction to Prolog 20070524 Prolog 1 History of Prolog PROgramming in LOGic - based on logic - a popular artificial intelligence language - Horn subset of first-order Predicate Logic Developed by Robert A. Kowalski (Univ. of

940 views • 16 slides
Privacy as a Service (slides) Ashish Dandekar, Debabrota Basu, Poh Geong Sen, Jia Xu, St

Privacy as a Service (slides) Ashish Dandekar, Debabrota Basu, Poh Geong Sen, Jia Xu, St

Introduction Li anch eng Demo References Privacy as a Service (slides) Ashish Dandekar, Debabrota Basu, Poh Geong Sen, Jia Xu, St ephane Bressan July 18, 2019 1 / 8 Introduction Li anch eng Demo References Motivation

232 views • 9 slides
Leading Student-Centered Coaching Diane Sweeney @ Literacy for All @SweeneyDiane |

Leading Student-Centered Coaching Diane Sweeney @ Literacy for All @SweeneyDiane |

Leading Student-Centered Coaching Diane Sweeney @ Literacy for All @SweeneyDiane | info@dianesweeney.com #SCCoaching TURN/TALK How would you describe a school that has a culture for coaching? #SCCoaching @SweeneyDiane Student-Centered

721 views • 33 slides
fluorochemicals in New Hanover drinking water Nadine Kotlarz, PhD nkotlar@ncsu.edu Wilmington,

fluorochemicals in New Hanover drinking water Nadine Kotlarz, PhD nkotlar@ncsu.edu Wilmington,

Update on GenX and other fluorochemicals in New Hanover drinking water Nadine Kotlarz, PhD nkotlar@ncsu.edu Wilmington, April 17, 2018 Preliminary Information Subject to Revision. Not for Citation or Distribution. 1 Preliminary Information

618 views • 29 slides
October 2 - Golden Gate Park on the National Stage Golden Gate Park in the news. Uninvited Guests

October 2 - Golden Gate Park on the National Stage Golden Gate Park in the news. Uninvited Guests

t o r y o f A H i s Golden Gate Park Fromm Institute - Fall 2019 - John Freeman October 2 - Golden Gate Park on the National Stage Golden Gate Park in the news. Uninvited Guests at Golden Gate Park Wedding Photo Shoot! Ferries

862 views • 21 slides

More recommend