04-09-2014, 10:10 AM
Enabling Multilevel Trust in Privacy Preserving Data Mining
INTRODUCTION
DATA perturbation, a widely employed and accepted
Privacy Preserving Data Mining (PPDM) approach,
tacitly assumes single-level trust on data miners. This
approach introduces uncertainty about individual values
before data are published or released to third parties for data
mining purposes [1], [2], [3], [4], [5], [6], [7]. Under the single
trust level assumption, a data owner generates only one
perturbed copy of its data with a fixed amount of uncertainty.
This assumption is limited in various applications where a
data owner trusts the data miners at different levels.
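Under single-level trust, additive perturbation amounts to releasing exactly one noisy copy Y = X + Z with a fixed noise level. The sketch below illustrates this in Python; the function name and the toy values are illustrative assumptions, not from the paper:

```python
import random

def perturb(data, noise_std, seed=None):
    """Return one perturbed copy of `data` by adding zero-mean
    Gaussian noise. `noise_std` fixes the amount of uncertainty:
    under single-level trust, the owner releases exactly one such
    copy with one fixed noise level."""
    rng = random.Random(seed)
    return [x + rng.gauss(0.0, noise_std) for x in data]

original = [52.0, 61.5, 47.2, 58.9]   # e.g., sensitive numeric records
released = perturb(original, noise_std=5.0, seed=42)
```

A larger `noise_std` gives stronger privacy but lower utility for the miner; the single-trust-level assumption is precisely that one such trade-off point must serve all recipients.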
We present below a two-trust-level scenario as a
motivating example.
Threat Model
We assume malicious data miners who always attempt to
reconstruct a more accurate estimate of the original data
given perturbed copies. We hence use the terms data miners
and adversaries interchangeably throughout this paper. In
MLT-PPDM, adversaries may have access to a subset of the
perturbed copies of the data. The adversaries’ goal is to
reconstruct the original data as accurately as possible based
on all available perturbed copies.
The reconstruction accuracy depends heavily on the
adversaries’ knowledge. We make the same assumption as
the one in [4] that adversaries have the knowledge of the
statistics of the original data X and the noise Z, i.e., the
mean μX and the covariance matrices KX and KZ. Note that the
adversaries with less knowledge are weaker than the ones
we study in this paper.
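Given the mean and the noise statistics, a natural reconstruction for such an adversary is the linear least-squares (LMMSE) estimate. The scalar sketch below is our own illustration of that attack; `mean_x`, `var_x`, and `var_z` play the roles of μX, KX, and KZ in the one-dimensional case:

```python
import random

def lmmse_estimate(y, mean_x, var_x, var_z):
    """Scalar LMMSE estimate of x from one perturbed value y = x + z,
    given the statistics the adversary is assumed to know."""
    gain = var_x / (var_x + var_z)   # shrink more when noise dominates
    return mean_x + gain * (y - mean_x)

# Simulate: the adversary knows the statistics, not x itself.
rng = random.Random(0)
mean_x, var_x, var_z = 50.0, 100.0, 25.0
x = rng.gauss(mean_x, var_x ** 0.5)
y = x + rng.gauss(0.0, var_z ** 0.5)
x_hat = lmmse_estimate(y, mean_x, var_x, var_z)
```

On average the estimate is closer to x than the raw perturbed value y, because the estimator shrinks y toward the known mean in proportion to the noise level.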
CASE STUDY
In this section, we study a basic case corresponding to the
motivating example we described at the beginning of
Section 1. In this case, a data miner has access to two
differently perturbed copies of the same data, each for a
different trust level. We present the challenges in achieving
the privacy goal in (10) with two false starts. As we develop
a solution to this basic case, we show the key ideas in
solving the more general case of arbitrarily fine granularity
of trust levels.
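One way to see the difficulty: if the two copies carry independent noise, the adversary can optimally combine them and face strictly less effective noise than either copy alone. The sketch below uses the standard inverse-variance combination formula; the function name is our own:

```python
def effective_noise_var(var_z1, var_z2):
    """Effective noise variance after optimally combining two copies
    y1 = x + z1 and y2 = x + z2 with *independent* noise: the
    inverse-variance-weighted average of the two observations."""
    return 1.0 / (1.0 / var_z1 + 1.0 / var_z2)

v1, v2 = 25.0, 100.0            # noise variances for the two trust levels
v_joint = effective_noise_var(v1, v2)
assert v_joint < min(v1, v2)    # jointly, the copies leak more than either alone
```

With these numbers the joint effective variance drops to 20, below the 25 intended for the higher trust level, which is exactly the diversity attack MLT-PPDM must rule out.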
CONCLUSION AND FUTURE WORK
In this work, we expand the scope of additive-perturbation-based
PPDM to multilevel trust (MLT) by relaxing the
implicit assumption of single-level trust in existing work.
MLT-PPDM allows a data owner to generate differently
perturbed copies of its data for different trust levels.
The key challenge lies in preventing the data miners
from combining copies at different trust levels to jointly
reconstruct the original data more accurately than what is
allowed by the data owner.
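One construction consistent with this goal is to correlate the noise across copies: each noisier copy is built from the previous copy plus fresh incremental noise, so that jointly the copies reveal no more than the least-noisy copy alone. The sketch below is a simplified scalar illustration under that assumption, not the paper's full multivariate Gaussian construction:

```python
import random

def perturbed_copies(data, noise_stds, seed=0):
    """Generate one copy per noise level, with correlated noise:
    each noisier copy adds fresh noise *on top of* the previous copy,
    so combining copies cannot beat the least-noisy one.
    `noise_stds` must be sorted in ascending order."""
    rng = random.Random(seed)
    copies = []
    prev = list(data)
    prev_var = 0.0
    for std in noise_stds:
        inc_var = std * std - prev_var           # incremental noise variance
        prev = [v + rng.gauss(0.0, inc_var ** 0.5) for v in prev]
        prev_var = std * std
        copies.append(prev)
    return copies

# Two trust levels: std 1.0 (high trust) and std 2.0 (low trust).
copies = perturbed_copies([52.0, 61.5], [1.0, 2.0], seed=3)
```

Because the second copy's noise contains the first copy's noise as a component, subtracting or averaging the copies yields no fresh independent observation of the original data.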