基于密度的分布式隐私保护异常检测算法

现有的隐私保护异常检测算法大多是基于距离的,针对垂直划分的数据库提出一种隐私保护密度异常检测算法VPPDBOM.该算法基于密度异常检测算法(DBOM)的思想实现异常检测,利用垂直划分数据库中对象的邻域是其局部邻域交集的子集的特征,提高了DBOM算法中对象邻域的计算效率.同时基于半诚实模型,应用安全多方计算技术的安全和协议,安全交集协议实现隐私保护.理论分析和实验结果表明,该算法既保护了隐私信息又保证了性能.     

恶意模型下隐私保护点积的研究

由于现存的隐私保护方法大多是在半诚实模型下或针对某一算法,且基于安全多方计算的算法效率较低,因此使用随机正交变换扰乱技术实现恶意模型下垂直分布数据隐私保护点积的计算,该方法能抵制恶意方的共谋,有较好的伸缩性,实现了数据的有效保护。理论证明和实验分析表明该方法的安全性和经过扰乱后数据的有效性。     

高效隐私保护频繁模式挖掘算法研究

阐述了隐私保护数据挖掘的目标,即在获取有效的数据挖掘结果的同时,满足用户对隐私保护的要求.针对个体用户及组织用户的隐私保护,论述了不同的方法,并归纳出隐私保护数据挖掘中所采用的两种主流算法.改进了高效隐私保护关联规则挖掘算法(EMASK)中需要完全的数据库扫描并且进行多次比较操作的弊端,提出了基于粒度计算的高效隐私保护频繁模式挖掘算法(BEMASK).该算法将关系数据表转换成面向机器的关系模型,数据处理被转换成粒度计算的方式,计算频繁项集变成了计算基本颗粒的交集.特别是数据的垂直Bitmap表示,在保证准确性不降低的情况下,一方面减少了I/O操作的次数,另一方面较大地提高了效率.     

大数据环境中交互式查询差分隐私保护模型

随着大数据时代的到来,数据挖掘技术被广泛应用,而线性查询作为该技术中最基础和最频繁的操作,其隐私保护在数据分析和数据发布隐私保护中占有极其重要的位置。交互式线性查询的交互增加了数据的处理量,运用传统的隐私保护模型效率较低。为了解决大数据环境中交互式查询差分隐私保护问题,模型针对大规模数据集中交互式线性查询差分隐私保护的特点,通过数据关联性分析减少冗余信息,采用交替方向乘子法对查询负载矩阵进行分解,利用自适应加噪技术产生差分隐私保护所需要的合理数量的噪声,设计并行处理方法实现该模型的计算。实验将提出的模型与以往模型进行对比。结果表明,所提出的模型在提升隐私保护精度的同时,也极大地提高了算法性能,因此模型切实可行。     

基于小波变换的分布式隐私保护聚类算法

针对现有隐私保护聚类算法无法满足效率与隐私之间较好折中的问题,提出一种基于安全多方计算(SMC)与数据扰动相结合的分布式隐私保护聚类算法。各数据方用小波变换实现数据压缩和信息隐藏,并用属性列的随机重排来防止数据重构可能产生的信息泄露。该算法仅使用压缩重排后的数据参与分布聚类计算,因此计算量和通信量小,算法效率高,而多重保护措施有效保护了隐私数据。因小波变换具有高保真性,所以聚类精度受小波变换的影响较小。理论分析和实验结果表明,所提算法安全高效,在处理高维数据时全局F测量值和执行效率优于基于Haar小波的离散余弦变换(DCT-H)算法,解决了效率与隐私之间的折中问题。     

物联网空间内LBS隐私安全保护模型研究

为解决物联网空间内LBS服务的隐私安全问题,在分析物联网环境中的LBS服务框架的基础上,针对其面临的各种隐私安全威胁及安全需求,基于匿名通信原理和可计算加密思想设计了一种支持真实身份、实体位置和服务内容等LBS隐私保护的安全模型,提出采用Onion Routing算法和全同态加密算法实现该模型。模型实现算法的分析表明,该模型可实现身份匿名、位置保护、服务加密等,对物联网空间内LBS隐私具有很好的安全保护。     

支持差分隐私保护及离群点消除的并行K-means算法

针对大数据环境下聚类分析的隐私保护问题,基于MapReduce计算框架,提出了一种并行化的支持差分隐私保护和离群点消除的K-means算法。算法并行地计算数据集中各点间的欧氏距离矩阵与最近邻超球半径以导出离群点的判定阈值,并在此基础上完成差分隐私保护下的初始聚类中心选取和并行聚类过程。理论分析证明整个算法满足ε-差分隐私保护,实验结果说明该算法在隐私保护的有效性,聚类结果的可用性以及执行效率等方面取得了很好的平衡,相比于同类算法有较优的表现。     

移动社交网络实时缺席隐私保护

针对移动社交网络中的缺席隐私保护问题,建立用户自定义隐私保护参数模型。设计用户个性化设置隐私参数的方法,给出运动情况下缺席隐私保护的必要条件,并采用泛化方法实现缺席隐私保护及资源的实时发布。在人造数据集上与WYSE算法进行对比,实验结果表明,在计算时间相当的情况下,该算法的发布延时较少。     

基于安全两方计算的隐私保护线性回归算法

随着数据安全与隐私泄露事件频发,泄露规模连年加剧,如何保证机器学习中数据和模型参数的隐私引发科学界和工业界的广泛关注。针对本地存储计算资源的有限性及云平台的不可信性所带来的数据隐私问题,基于秘密共享技术提出了一种安全两方计算的隐私保护线性回归算法。利用加法同态加密和加法掩码实现了秘密共享值的乘法计算协议,结合小批量梯度下降算法,最终实现了在两个非共谋的云服务器上的安全线性回归算法。实验结果表明,该方案同时保护了线性回归算法训练及预测阶段中的数据及模型参数,且模型预测性能与在明文域中进行训练的模型相近。     

位置隐私的群智感知报价方案

在群智感知中，隐私保护的申请者选择是关系到任务有效分配的重要一环。本文针对隐私保护的任务申请者选择问题，首先分析了一种潜在的攻击模型，然后针对该模型以及一些潜在攻击手段，提出了一种支持位置隐私保护的群智感知报价方案。该方案利用安全多方排序，在群智感知各方不泄漏彼此报价的同时选定最优报价申请者。为进一步说明所提出方案的安全性，通过安全性分析在理论上证明该方案的有效性和安全性。同时，通过实验验证与同类隐私保护算法进行比较，从算法的隐私性和执行效率两个主要方面加以对比和成因分析，进一步明确所提算法的优越性。     

智能计算几种经典算法解析

随着计算机技术的飞速发展,智能计算方法的应用领域也越来越广泛。本文介绍了当前存在的一些智能计算方法,阐述了其工作原理和特点,同时对智能计算方法的发展进行了展望。     

Embedding differential privacy in decision tree algorithm with different depths

Differential privacy (DP) has become one of the most important solutions for privacy protection in recent years. Previous studies have shown that prediction accuracy usually increases as more data mining (DM) logic is considered in the DP implementation. However, although one-step DM computation for decision tree (DT) model has been investigated, existing research has not studied the scenarios when the DP is embedded in two-step DM computation, three-step DM computation until the whole model DM computation. It is very challenging to embed DP in more than two steps of DM computation since the solution space exponentially increases with the increase of computational complexity. In this work, we propose algorithms by making use of Markov Chain Monte Carlo (MCMC) method, which can efficiently search a computationally infeasible space to embed DP into DT generation algorithm. We compare the performance when embedding DP in DT with different depths, i.e., one-step DM computation (previous work), two-step, three-step and the whole model. We find that the deep combination of DP and DT does help to increase the prediction accuracy. However, when the privacy budget is very large (e.g., ? = 10), this may overwhelm the complexity of DT model, and the increasing trend is not obvious. We also find that the prediction accuracy decreases with the increase of model complexity.     

智能计算几种经典算法解析

随着计算机技术的飞速发展,智能计算方法的应用领域也越来越广泛。本文介绍了当前存在的一些智能计算方法,阐述了其工作原理和特点,同时对智能计算方法的发展进行了展望。     

隐私保护整数点和区间关系判定问题

隐私保护地判断整数点和整数区间的属于关系是一类重要的安全多方计算问题,但该问题的现有解决方案存在效率不高、隐私泄露、甚至可能判断错误等缺陷,针对此类不足,构建解决该判定问题的一个安全双方计算协议。首先,分析已有的解决方案并指出不足之处;其次,定义了整数点和整数区间的一种新的0-1编码规则,在此基础上证明了整数点属于整数区间的一个充分必要条件;最后,以此充分必要条件为判定准则,基于Goldwasser-Micali加密体制构建了判断整数点是否属于整数区间的一个安全双方计算协议,并证明了协议的正确性和半诚实模型下的安全性。分析表明,与已有的解决方案相比,所提协议具有更好的隐私保护特性且不会输出错误结果,且在轮复杂度不变的情况下,其计算复杂度和通信复杂度降低了约一半。     

VCFL: A verifiable and collusion attack resistant privacy preserving framework for cross-silo federated learning

To prevent privacy information leakage through model parameters in federated learning, many works use homomorphic encryption to protect clients’ updates. However, most of them result in significant computation and communication overhead. Even worse, few of them have considered the correctness of the aggregated results and collusion attack between internal curious clients and the server. In this paper, we propose VCFL, an efficient verifiable and collusion attack resistant privacy preserving framework for cross-silo federated learning. Firstly, we design a homomorphic signcryption mechanism to sign and encrypt model parameters in one go. Secondly, we employ the blinding technique to resist collusion attack between clients and the server. Moreover, we leverage the batching approach to further reduce its computation and communication overhead. Finally, we simulate VCFL in FedML on real world datasets and models. Extensive experimental results show that VCFL can guarantee model performance while protecting privacy, and it is more efficient in both computation and communication than similar frameworks.     

多云存储中保护隐私的数据完整性验证方案

随着云存储的应用,越来越多的用户选择将数据分散地存储在多个云服务器上,但是这种远程存储方式给用户数据的完整性带来了挑战。同时,代替用户校验数据完整性的第三方审计（TPA）近来也被指出存在泄露用户数据隐私的风险。针对现有的远程数据安全性、隐私性及高效验证的问题,提出一种多用户多服务器环境下支持隐私保护的批处理数据完整性验证方案。方案在一般群模型和随机谕言机模型下是可证明安全的。性能分析和实验表明,与其他在多用户多服务器环境下拓展并保护隐私的方案相比,该方案具有较低的通信复杂度和计算复杂度。     

A conditional purpose-based access control model with dynamic roles

This paper presents a model for privacy preserving access control which is based on variety of purposes. Conditional purpose is applied along with allowed purpose and prohibited purpose in the model. It allows users using some data for certain purpose with conditions. The structure of conditional purpose-based access control model is defined and investigated through dynamic roles. Access purpose is verified in a dynamic behavior, based on subject attributes, context attributes and authorization policies. Intended purposes are dynamically associated with the requested data object during the access decision. An algorithm is developed to achieve the compliance computation between access purposes and intended purposes and is illustrated with Role-based access control (RBAC) in a dynamic manner to support conditional purpose-based access control. According to this model, more information from data providers can be extracted while at the same time assuring privacy that maximizes the usability of consumers’ data. It extends traditional access control models to a further coverage of privacy preserving in data mining atmosphere. The structure helps enterprises to circulate clear privacy promise, to collect and manage user preferences and consent.     

Peer-to-peer secure multi-party numerical computation facing malicious adversaries

We propose an efficient framework for enabling secure multi-party numerical computations in a Peer-to-Peer network. This problem arises in a range of applications such as collaborative filtering, distributed computation of trust and reputation, monitoring and other tasks, where the computing nodes are expected to preserve the privacy of their inputs while performing a joint computation of a certain function. Although there is a rich literature in the field of distributed systems security concerning secure multi-party computation, in practice it is hard to deploy those methods in very large scale Peer-to-Peer networks. In this work, we try to bridge the gap between theoretical algorithms in the security domain, and a practical Peer-to-Peer deployment. We consider two security models. The first is the semi-honest model where peers correctly follow the protocol, but try to reveal private information. We provide three possible schemes for secure multi-party numerical computation for this model and identify a single light-weight scheme which outperforms the others. Using extensive simulation results over real Internet topologies, we demonstrate that our scheme is scalable to very large networks, with up to millions of nodes. The second model we consider is the malicious peers model, where peers can behave arbitrarily, deliberately trying to affect the results of the computation as well as compromising the privacy of other peers. For this model we provide a fourth scheme to defend the execution of the computation against the malicious peers. The proposed scheme has a higher complexity relative to the semi-honest model. Overall, we provide the Peer-to-Peer network designer a set of tools to choose from, based on the desired level of security.     

多次推理中的BP算法优化

使用BP算法求解效用最大化问题时,容易产生大量冗余计算。为此,对标准BP算法进行优化,在推理过程中,对一些受限定条件影响较小的结点,直接利用前次推理结果,无需重新计算其边缘概率,并证明这种优化不会显著影响推理结果。将该算法应用于组合竞拍模型进行测试。仿真结果表明,相对于标准BP算法,该优化算法能提升求解效用最大化问题时的收敛效率。     

辅助量子比特驱动型通用盲量子计算

应用量子隐形传态将Broadbent等人提出的通用盲量子计算(universal blind quantum computation)模型和辅助量子比特驱动型量子计算(ancilla-driven universal quantum computation)模型进行结合, 构造一个新的混合模型来进行计算。此外, 用计算寄存器对量子纠缠的操作来代替量子比特测量操作。因为后者仅限于两个量子比特, 所以代替后的计算优势十分明显。基于上述改进, 设计了实现辅助驱动型通用盲量子计算的协议。协议的实现, 能够使Anders等人的辅助驱动型量子计算增强计算能力, 并保证量子计算的正确性, 从而使得参与计算的任何一方都不能获得另一方的保密信息。