基于模糊影响图的差分隐私算法保护效果评估方法

田月池; 李凤华; 周泽峻; 孙哲; 郭守坤; 牛犇

doi:10.11959/j.issn.1000-436x.2024122

您当前的位置：

首页 >

文章列表页 >

基于模糊影响图的差分隐私算法保护效果评估方法

学术论文 | 更新时间：2024-09-10

- 基于模糊影响图的差分隐私算法保护效果评估方法
- Assessment method on protection effectiveness of differential privacy algorithms based on fuzzy influence diagram
- 通信学报 2024年45卷第8期页码：1-19
- 作者机构：
  
  1.中国科学院信息工程研究所,北京 100085
  2.中国科学院大学网络空间安全学院,北京 100049
  3.网络空间安全防御重点实验室,北京 100085
  4.广州大学网络空间安全学院,广东广州 510006
- 作者简介：
  
  [ "田月池（1998- ），女，河北保定人，中国科学院信息工程研究所博士生，主要研究方向为隐私计算、隐私保护效果评估。" ]
  [ "李凤华（1966- ），男，湖北浠水人，博士，中国科学院信息工程研究所研究员、博士生导师，主要研究方向为网络与系统安全、信息保护、隐私计算。" ]
  [ "周泽峻（2000- ），男，河南洛阳人，中国科学院信息工程研究所博士生，主要研究方向为隐私计算、数据安全。" ]
  [ "孙哲（1987- ），男，安徽安庆人，博士，广州大学副教授，主要研究方向为隐私计算、数据安全。" ]
  [ "郭守坤（1994- ），男，河南周口人，中国科学院信息工程研究所工程师，主要研究方向为隐私计算、数据安全。" ]
  [ "牛犇（1984- ），男，陕西西安人，博士，中国科学院信息工程研究所研究员、博士生导师，主要研究方向为数据安全、隐私计算。" ]
- 基金信息：
  
  国家重点研发计划基金资助项目;The National Key Research and Development Program of China(2021YFB3100300);国家自然科学基金资助项目;The National Natural Science Foundation of China(62332018);国家社科基金重大项目(22&ZD147)
- DOI：10.11959/j.issn.1000-436x.2024122
  中图分类号： TN92
- 收稿：2024-02-23，
  
  修回：2024-06-11，
  
  纸质出版：2024-08-25
- 稿件说明：
移动端阅览
田月池,李凤华,周泽峻等.基于模糊影响图的差分隐私算法保护效果评估方法[J].通信学报,2024,45(08):1-19.

TIAN Yuechi,LI Fenghua,ZHOU Zejun,et al.Assessment method on protection effectiveness of differential privacy algorithms based on fuzzy influence diagram[J].Journal on Communications,2024,45(08):1-19.
田月池,李凤华,周泽峻等.基于模糊影响图的差分隐私算法保护效果评估方法[J].通信学报,2024,45(08):1-19. DOI： 10.11959/j.issn.1000-436x.2024122.

TIAN Yuechi,LI Fenghua,ZHOU Zejun,et al.Assessment method on protection effectiveness of differential privacy algorithms based on fuzzy influence diagram[J].Journal on Communications,2024,45(08):1-19. DOI： 10.11959/j.issn.1000-436x.2024122.

摘要

针对隐私保护算法实际保护效果评估难的问题，提出了一种基于模糊影响图的差分隐私算法保护效果评估方法，实现对差分隐私算法的多维度评估，得出保护效果综合分数和等级。从算法安全性、算法可行性、隐私偏差性、数据可用性和用户体验5个方面出发，建立指标体系。使用模糊理论处理不确定性，通过影响图传递影响关系并计算该模糊影响图，得出保护效果分数和等级，据此反馈调整算法参数，实现迭代评估。提出正向化环节，解决截然相反的算法在某些情况下评估结果一样的问题。电-碳模型中的对比实验表明，所提方法能够对差分隐私算法的保护效果做出有效评价，消融实验进一步表明，正向化环节对算法的区分度起了关键作用。

Abstract

In response to the challenge of comprehensively assessing privacy-preserving algorithms

an assessment method on protection effectiveness of differential privacy algorithms based on fuzzy influence diagram was proposed

achieving a multi-perspective assessment of differential privacy algorithms with a comprehensive score and level as assessment results. Starting from five aspects—algorithm security

feasibility

privacy bias

data utility

and user experience

an indicator system was established. Fuzzy theory was employed to handle uncertainties

while the diagram was used to propagate interactions between factors. The assessment score and level were obtained by calculating the fuzzy influence diagram

and then used as feedback for parameter adjustment to achieve iterative assessment. Formalization link was proposed to solve the problem of completely opposite algorithms with idential evaluation results. Comparative experiments on electricity-carbon analysis model demonstrate the proposed method can assess the protection effectiveness of differential privacy algorithms effectively. Ablation experiments further show that the formalization link plays a key role in the discrimination of the algorithm.

关键词

Keywords

references

李凤华 , 李晖 , 贾焰 , 等 . 隐私计算研究范畴及发展趋势 [J ] . 通信学报 , 2016 , 37 ( 4 ): 1 - 11 .

LI F H , LI H , JIA Y , et al . Privacy computing: concept, connotation and its research trend [J ] . Journal on Communications , 2016 , 37 ( 4 ): 1 - 11 .

张文静 , 刘樵 , 朱辉 . 基于信息论方法的多等级位置隐私度量与保护 [J ] . 通信学报 , 2019 , 40 ( 12 ): 51 - 59 .

ZHANG W J , LIU Q , ZHU H . Evaluation and protection of multi-level location privacy based on an information theoretic approach [J ] . Journal on Communications , 2019 , 40 ( 12 ): 51 - 59 .

ZAMANI A , OECHTERING T J , SKOGLUND M . On the privacy-utility trade-off with and without direct access to the private data [J ] . IEEE Transactions on Information Theory , 2024 , 70 ( 3 ): 2177 - 2200 .

CUFF P , YU L Q . Differential privacy as a mutual information constraint [C ] // Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security . New York : ACM Press , 2016 : 43 - 54 .

JAGIELSKI M , ULLMAN J , OPREA A . Auditing differentially private machine learning: how private is private SGD? [C ] // Advances in Neural Information Processing Systems . Virtual Event : NIPS Foundation , 2020 : 22205 - 22216 .

WANG C X , TAY W P . On the relationship between information-theoretic privacy metrics and probabilistic information privacy [J ] . arXiv Preprint , arXiv: 2301.08401 , 2023 .

ASOODEH S , DIAZ M , ALAJAJI F , et al . Privacy-aware guessing efficiency [C ] // Proceedings of the 2017 IEEE International Symposium on Information Theory (ISIT) . Piscataway : IEEE Press , 2017 : 754 - 758 .

ASOODEH S , DIAZ M , ALAJAJI F , et al . Estimation efficiency under privacy constraints [J ] . IEEE Transactions on Information Theory , 2019 , 65 ( 3 ): 1512 - 1534 .

RASSOULI B , GÜNDÜZ D . Optimal utility-privacy trade-off with total variation distance as a privacy measure [C ] // Proceedings of the 2018 IEEE Information Theory Workshop (ITW) . Piscataway : IEEE Press , 2018 : 1 - 5 .

JAYARAMAN B , EVANS D E . Evaluating differentially private machine learning in practice [C ] // 28th USENIX Security Symposium (USENIX Security) . Berkeley : USENIX Association , 2019 : 1895 - 1912 .

RYU J , ZHENG Y F , GAO Y S , et al . Can differential privacy practically protect collaborative deep learning inference for IoT? [J ] . Wireless Networks , 2024 , 30 : 4713 - 4733 .

DING Z Y , WANG Y X , WANG G H , et al . Detecting violations of differential privacy [C ] // Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security . New York : ACM Press , 2018 : 475 - 489 .

BICHSEL B , GEHR T , DRACHSLER-COHEN D , et al . DP-finder: finding differential privacy violations by sampling and optimization [C ] // Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security . New York : ACM Press , 2018 : 508 - 524 .

BICHSEL B , STEFFEN S , BOGUNOVIC I , et al . DP-sniper: black-box discovery of differential privacy violations using classifiers [C ] // Proceedings of the 2021 IEEE Symposium on Security and Privacy (SP) . Piscataway : IEEE Press , 2021 : 391 - 409 .

NIU B , ZHOU Z J , CHEN Y H , et al . DP-opt: identify high differential privacy violation by optimization [C ] // International Conference on Wireless Algorithms, Systems, and Applications . Berlin : Springer , 2022 : 406 - 416 .

ASKIN Ö , KUTTA T , DETTE H . Statistical quantification of differential privacy: a local approach [C ] // Proceedings of the 2022 IEEE Symposium on Security and Privacy (SP) . Piscataway : IEEE Press , 2022 : 402 - 421 .

SAKIB S K , AMARIUCAI G T , GUAN Y . Variations and extensions of information leakage metrics with applications to privacy problems with imperfect statistical information [C ] // Proceedings of the 2023 IEEE 36th Computer Security Foundations Symposium (CSF) . Piscataway : IEEE Press , 2023 : 407 - 422 .

YE Q Q , HU H B , MENG X F , et al . PrivKV: key-value data collection with local differential privacy [C ] // Proceedings of the 2019 IEEE Symposium on Security and Privacy (SP) . Piscataway : IEEE Press , 2019 : 317 - 331 .

OYA S , TRONCOSO C , PÉREZ-GONZÁLEZ F . Back to the drawing board: Revisiting the design of optimal location privacy-preserving mechanisms [C ] // Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS) . New York : ACM Press , 2017 : 1959 - 1972 .

WANG Y X , DING Z Y , KIFER D , et al . CheckDP: an automated and integrated approach for proving differential privacy or finding precise counterexamples [C ] // Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security . New York : ACM Press , 2020 : 919 - 938 .

CHEN J , WANG C H , HE K , et al . Semantics-aware privacy risk assessment using self-learning weight assignment for mobile apps [J ] . IEEE Transactions on Dependable and Secure Computing , 2021 , 18 ( 1 ): 15 - 29 .

俞艺涵 , 付钰 , 吴晓平 . 基于多层模糊综合评估的隐私保护效果评估方法 [J ] . 网络与信息安全学报 , 2020 , 6 ( 6 ): 121 - 127 .

YU Y H , FU Y , WU X P . Evaluation method of privacy protection effect based on multi-layer fuzzy comprehensive evaluation [J ] . Chinese Journal of Network and Information Security , 2020 , 6 ( 6 ): 121 - 127 .

刘金兰 , 韩文秀 , 李光泉 . 关于工程项目风险分析的模糊影响图方法 [J ] . 系统工程学报 , 1994 , 9 ( 2 ): 81 - 88 .

LIU J L , HAN W X , LI G Q . A fuzzy influence diagram method for analyzing engineering project risk [J ] . Journal of Systems Engineering , 1994 , 9 ( 2 ): 81 - 88 .

程铁信 , 王平 , 张伟波 . 模糊影响图评价算法的探讨 [J ] . 系统工程学报 , 2004 , 19 ( 2 ): 177 - 182 .

CHENG T X , WANG P , ZHANG W B . Investigation on fuzzy influence diagrams evaluation algorithm [J ] . Journal of Systems Engineering , 2004 , 19 ( 2 ): 177 - 182 .

刘玉梅 , 陈云 , 赵聪聪 , 等 . 高速列车传动系可靠性的外部影响因素评估 [J ] . 西南交通大学学报 , 2019 , 54 ( 3 ): 535 - 541 .

LIU Y M , CHEN Y , ZHAO C C , et al . Assessment for external influence factors of high-speed train transmission reliability [J ] . Journal of Southwest Jiaotong University , 2019 , 54 ( 3 ): 535 - 541 .

门金柱 , 张本辉 , 姚科明 , 等 . 基于模糊影响图的舰载直升机作战环境评估方法 [J ] . 火力与指挥控制 , 2022 , 47 ( 10 ): 46 - 51, 58 .

MEN J Z , ZHANG B H , YAO K M , et al . Evaluation method of operational environment for shipboard helicopter based on fuzzy influence diagram [J ] . Fire Control & Command Control , 2022 , 47 ( 10 ): 46 - 51, 58 .

XIA J Y , PI Z Y , FANG W G . Predicting war outcomes based on a fuzzy influence diagram [J ] . International Journal of Fuzzy Systems , 2021 , 23 ( 4 ): 984 - 1002 .

HOWARD R A , MATHESON J E . Influence diagrams [J ] . Decision Analysis , 2005 , 2 ( 3 ): 127 - 143 .

ZADEH L A . Fuzzy sets [J ] . Elsevier Information and Control , 1965 , 8 ( 3 ): 338 - 353 .

SHANNON C E . A mathematical theory of communication [J ] . The Bell System Technical Journal , 1948 , 27 ( 3 ): 379 - 423 .

浏览量

1029

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于CNN-BiLSTM-Attention融合模型的差分隐私轨迹重构攻击

面向动态算力节点的联邦学习差分隐私重校准方法

DAGUARD：联邦学习下的分布式后门攻击防御方案

基于目标扰动的AdaBoost算法

面向非独立同分布数据的联邦学习数据增强方案