CN110866263B - User privacy information protection method and system capable of resisting longitudinal attack - Google Patents

User privacy information protection method and system capable of resisting longitudinal attack Download PDF

Info

Publication number
CN110866263B
CN110866263B CN201911113169.7A CN201911113169A CN110866263B CN 110866263 B CN110866263 B CN 110866263B CN 201911113169 A CN201911113169 A CN 201911113169A CN 110866263 B CN110866263 B CN 110866263B
Authority
CN
China
Prior art keywords
data
information
privacy
user
bit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911113169.7A
Other languages
Chinese (zh)
Other versions
CN110866263A (en
Inventor
李敏
彭佳
张佳程
高能
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Information Engineering of CAS
Original Assignee
Institute of Information Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Information Engineering of CAS filed Critical Institute of Information Engineering of CAS
Priority to CN201911113169.7A priority Critical patent/CN110866263B/en
Publication of CN110866263A publication Critical patent/CN110866263A/en
Application granted granted Critical
Publication of CN110866263B publication Critical patent/CN110866263B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention provides a user privacy information protection method and a user privacy information protection system capable of resisting longitudinal attack, which are suitable for a network system consisting of an information collection end and a plurality of information providing ends. According to the invention, when the integral data frequency information is counted, a collector can not directly obtain the privacy information of a user through a data report sent by a single information provider, and can not obtain the privacy of the user through repeatedly collecting the data report of a certain user by adopting a longitudinal attack method; after all data reports are aggregated, user privacy information is counted through methods such as denoising and regression analysis, so that both privacy protection and data usability are considered, the privacy protection degree is improved, and the data usability is increased.

Description

User privacy information protection method and system capable of resisting longitudinal attack
Technical Field
The invention relates to the field of privacy protection, in particular to a user privacy information protection method and system capable of resisting longitudinal attacks.
Background
The local differential privacy protection technology is based on a data collection framework proposed by a centralized differential privacy protection technology, and is different from the assumption of centralized differential privacy on a trusted data collector, which is aimed at an untrusted data collector. The local differential privacy protection technology fully considers the possibility that a data collector steals or reveals the privacy of a user in the data collection process. In the local differential privacy, each user firstly carries out privacy processing on data, then the processed data are sent to a data collector, and the data collector carries out statistics on the collected data to obtain an effective analysis result. The local differential privacy protects individual privacy information from being revealed while performing statistical analysis on data.
The local differential privacy technology is widely applied due to the consideration of data availability and privacy protection, but the local differential privacy technology still has room for improvement in method and effect. Although the local differential privacy technology represented by the RAPPOR algorithm better solves the horizontal comparison attack between the background knowledge attack and different users, the problem of vertical attack brought by long-term tracking or collection is not fully solved.
With the rise and development of big data and artificial intelligence, the demands of various internet applications and services on user private data are continuously increasing. While the collection of private data tends to cause user aversion and worry, the collection of such data is essential. The relevant data such as privacy and the like can help Internet application and service providers to know users, a recommendation system and an analysis model are built, better use experience is brought to the users, rich benefits are brought to enterprises, and the information safety of the users is greatly benefited.
But it is worried that various forms of private data leakage and abuse events are frequent, with rising trends year by year. Especially, the situation of the data collector who guards against the self-theft is more serious, and the hypothesis of the credible data collector that various centralized privacy data protection and release technologies depend on is no longer true. Meanwhile, after various serious privacy disclosure accidents, various high-tech companies change attitude, do not capture interests in user privacy data, and pay attention to and emphasize the protection on user privacy. In addition, at the level of laws and regulations, in the last two years, the european union and china have introduced General Data Protection Regulations (GDPR) and data security management methods, respectively, which have never existed before, and the importance of protecting personal information has been increased to a new level. In order to cope with the change of laws and regulations, internet applications and service providers need to take corresponding measures to meet the requirements of compliance.
The invention focuses on the field of personal privacy information collection, takes the privacy data of a personal user as an object, takes a privacy data desensitization technology as a research focus, and provides a method for collecting the personal privacy information capable of resisting longitudinal attacks based on a local differential privacy framework from the perspective of a non-dependent trusted data collector.
Disclosure of Invention
In view of the above, the invention discloses a user privacy information protection method and system capable of resisting longitudinal attack, which are used for processing user privacy data by adopting local differential privacy and data exchange recombination, giving consideration to privacy protection and data availability, and fully solving the privacy disclosure risk caused by longitudinal tracking attack. The method can effectively prevent longitudinal tracking attack, does not depend on the hypothesis of a trusted data collector, and simultaneously ensures that the data has better statistical availability.
In order to achieve the purpose, the invention adopts the following technical scheme:
a user privacy information protection method capable of resisting longitudinal attack is suitable for a network system consisting of an information collection end and a plurality of information providing ends, and comprises the following steps:
the information collection end sends information collection requests to all information providing ends, a first information providing end maps information provided by the information providing end into bit strings and randomly perturbs the bit strings to obtain first noise information which is randomly sent to other information providing ends, and the first noise information and second noise information of a second information providing end randomly received by the first information providing end are sent to the information collection end after being segmented and recombined;
and the information collection end receives the segmented recombined information, and the information provided by the information providing end is obtained after denoising.
Further, the information collecting end provides the public key of the second information providing end for each information providing end, the public key is used for encrypting the noise-added information, and the first information providing end decrypts the received encrypted noise-added information by using a private key.
Further, the information is mapped into a bit string by a bloom filter.
Further, the random disturbance is to turn over the bit string according to a set probability; the random disturbance is two times, including permanent random disturbance and temporary random disturbance.
Further, the permanent random disturbance means that the bit string is turned bit by bit according to a first probability to obtain a permanent turning bit string.
Further, the temporary random disturbance refers to that the permanent upset bit string is turned over bit by bit according to a second probability to obtain a temporary upset bit string.
Further, the process of segment reassembly comprises:
1) uniformly dividing the first noise adding information and the second noise adding information into n sections according to the length of each temporary turning bit string;
2) and randomly recombining each segment data of the first noise information and the second noise information, and keeping the relative position of each segment data unchanged to obtain the segment recombination information.
Further, the information collection end counts the number of times of 1 occurrence of each bit in each piece of segmental reorganization information, and the true number of times is estimated according to the first probability and the second probability to finish denoising.
A storage medium having a computer program stored therein, wherein the computer program is arranged to perform the above-mentioned method when executed.
An electronic device comprising a memory having a computer program stored therein and a processor arranged to run the computer to perform the method as described above.
Compared with the prior art, the invention has the following advantages:
the invention mainly protects the information related to the user privacy sent by the client to the information collector, and can fully solve the problem of longitudinal attack. After the private information character string is mapped through a bloom filter, 0/1 bit strings with a certain length are obtained, on the basis, disturbance is carried out through a random response mechanism, and noise is added. The random response disturbance comprises permanent disturbance and temporary disturbance, and the privacy protection degree can be improved by adding the disturbance twice. After the data added with the noise is encrypted, the data is randomly exchanged with the noise-added data generated by other users by the same method, the exchanged bit string data is segmented and recombined, the recombined data is sent to a data collector, a data report does not contain complete personal information any more, an identifier of privacy information is confused, an adversary cannot carry out longitudinal tracking attack, and the privacy protection degree is further improved. Meanwhile, the privacy protection level is improved while the data availability is not influenced in the data exchange process, and after random exchange is adopted, noise added by a random response mechanism can be correspondingly reduced, so that the data availability is further improved. After summarizing the noise-added recombined data sent by the user, the data collector can perform noise removal processing and regression analysis, and restore the statistical characteristics such as frequency of the whole user data, so that the collector aiming at counting the frequency information of the whole data can not directly obtain the privacy information of the user through a data report sent by a single information provider, and can not obtain the privacy of the user through repeatedly collecting the data report of a certain user by adopting a longitudinal attack method; after all data reports are aggregated, frequency information is counted by methods such as denoising and regression analysis, so that both privacy protection and data availability are considered, the privacy protection degree is improved, and the data availability is increased.
Drawings
FIG. 1 is a general process flow overview diagram of an embodiment of the present invention;
FIG. 2 is a diagram illustrating a random response mechanism according to an embodiment of the present invention;
FIG. 3 is a diagram of a segment order random reassembly method according to an embodiment of the present invention;
fig. 4 is a schematic diagram of frequency analysis according to an embodiment of the present invention.
Detailed Description
In order to make the objects, aspects and advantages of the present invention more apparent, the present invention will be described in further detail below with reference to the accompanying drawings by way of examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention discloses a user privacy information protection method and system capable of resisting longitudinal attack, wherein a client firstly maps a certain privacy data subjected to frequency statistics analysis through a bloom filter to obtain a specific 0/1 bit string of the data, and then the data is subjected to the mappingPerforming random disturbance on the bit string twice according to a certain probability through a random response mechanism to obtain noisy data meeting the definition of local differential privacy; using a randomly selected user U for the noisy dataiPublic key PKiEncrypting and sending the encrypted data to UiRepeating the process until all the private data to be counted are sent; using the private key SK for reporting data obtained from other usersiAfter decryption, a group of 0/1 bit strings is obtained, each bit string is divided into a front section and a rear section, the group of bit strings is randomly recombined under the condition that the front and rear relative sequences are not changed, and then the group of bit strings is sent to a server; at the server side, a data collector collects the recombined data report of the user, counts the number of times of 1 occurrence on each bit and carries out denoising correction, and then frequency statistics corresponding to different items of privacy data is completed through regression analysis according to the mapping matrix.
The bloom filter mapping method can map the private data of which the data collector needs to perform frequency statistics through the bloom filter, so that any type of private data can be converted into 0/1 bit strings corresponding to the original data one by one. The bloom filter consists of a long 0/1 bit string and a series of random mapping functions, wherein h hash functions map a certain item of private data into h points in the bit string, the h points are set to be 1, and the rest points are kept to be 0. The length k of the bit string and the number h of hash functions can be set according to specific use scenes and application scales.
The random response method of the present invention is described as follows: firstly, bit string B generated by the bloom filter is inverted bit by bit according to the following probability to obtain B', namely the original value is kept unchanged by the probability of 1-0.5f, and the original value is inverted by the probability of 0.5 f. Where 0< f <1, f can be set to determine the noise level according to the specific use case. It can be shown that the bit string obtained by flipping according to the following probability strictly satisfies the local differential privacy definition.
Figure BDA0002273333650000041
B' is a permanent random disturbance, each user generates only once for each private data value, and then the transmitted data is generated by a second random response based on the generated private data values. And randomly inverting B' again according to the following probability to obtain a temporary random response, namely keeping 1 by using the probability q, and inverting 0 to 1 by using the probability p, wherein q + p is not necessarily equal to 1. The temporary random response will then be exchanged with the data report of the other user after encryption as data report S. The data report S needs to be regenerated every time it is sent. It can be shown that the bit string obtained by flipping according to the following probability strictly satisfies the local differential privacy definition.
Figure BDA0002273333650000042
Further illustrating two random perturbation flips. The random disturbance adopted by the method is permanent random disturbance for the first time, and the method aims to fix the result of random response to the mapping result of a certain bloom filter and avoid the leakage of a true value caused by tracking and counting the changed random response result. The second time is temporary random disturbance, and the main purpose is to avoid permanent random response caused by tracking statistics to become feature identification, so that privacy disclosure risk is increased. Through the second temporary random disturbance, the noise is increased, the privacy protection level is improved, and the difficulty of longitudinal tracking attack of an enemy is increased. The local differential privacy protection level after the second disturbance belongs to the calculation formula as follows:
Figure BDA0002273333650000051
Figure BDA0002273333650000052
Figure BDA0002273333650000053
the method for exchanging and recombining the encrypted data ensures that the client can fully solve the problem of longitudinal tracking of the adversary through the turnover probability determined by the server. The data report S obtained by two times of random disturbance passes through the public key PK of the randomly selected target useriThe encryption is carried out and then the data report S is sent to the target user, so that the situation that an attacker can collect the data report of a certain user according to the data report S directly sent to the target user or a server can be avoided, and the privacy disclosure risk caused by long-time longitudinal tracking attack is increased. After receiving the encrypted data report sent by other users, a certain user uses the private key SK of the useriDecrypting to obtain the original data report
Figure BDA0002273333650000054
And then segmenting it. According to
Figure BDA0002273333650000055
The length of the bit string is divided into 2 sections
Figure BDA0002273333650000056
And
Figure BDA0002273333650000057
is shown as
Figure BDA0002273333650000058
After all data reports are segmented, all data segments are randomly recombined and the relative positions of all data segments are kept unchanged, namely
Figure BDA0002273333650000059
The first segment still in the new data report after the reorganization,
Figure BDA00022733336500000510
and accordingly remains in the second segment. Obtaining new data report after recombination
Figure BDA00022733336500000511
Sending S' to data receiverAnd (4) collecting. S' does not represent any specific user privacy information, the relation between the data report and the personal privacy information is removed, the random selection user sends the data report, the relation between the identifier and the privacy information is removed, and the problem of longitudinal tracking attack can be fully solved.
The server side frequency counting method is realized by the following processes: firstly, a data collector collects N recombined data reports S' sent by a user at a server end, and counts the number C of times of 1 appearing in each bit in a bit string of the N recombined data reports SiAnd estimating the real times according to the two-time turnover probability used for generating the data report S, thereby completing denoising. The true number t of occurrences of a bit of 1iThe estimation is performed according to the following formula:
Figure BDA00022733336500000512
and then, constructing a mapping matrix with the size of k multiplied by M, wherein k is the length of a bit string obtained after the bloom filter is mapped, M is the number of the candidate privacy data values to be counted, and a column vector in the matrix is a bloom filter mapping result corresponding to each candidate privacy data value. Will tiAnd forming a vector Y, calculating a correlation coefficient between Y and X by using a Lasso regression method, and completing frequency statistics of corresponding privacy data values.
In this embodiment, taking the age information of the user related to privacy and the frequently used functions of the user in a certain system as examples, the data collection system respectively takes these two kinds of information as targets of frequency statistics analysis, but is not limited to the above information. For age information, the candidate private data values range from integers within 1-100; for the function information, the candidate privacy data category range is a system function category list, such as functions of taking pictures, playing music, receiving and sending messages and the like. This example collects above two kinds of privacy information to when protecting user's privacy, carry out frequency statistics analysis. The invention is not limited to the above two kinds of information, and any kind of user information can be collected according to the system requirements.
In this embodiment, any one of the pieces of privacy information to be statistically analyzed of each user is uniformly processed, as shown in fig. 1, the system performs bloom filter mapping conversion on the to-be-collected privacy data, then performs random disturbance twice on the conversion result through a random response mechanism, adds noise, then randomly selects a user from a user list, encrypts the noise-added data by using a public key of the user, and sends the encrypted noise-added data to the user. After receiving the encrypted data, the user decrypts the encrypted data by using a private key to obtain original noise-added data, randomly recombines the data in a segmentation sequence, and sends the recombined data to the server. And the server side performs denoising and regression analysis on the summarized data to obtain a frequency distribution result.
The random response mechanism in this embodiment is shown in fig. 2. For each type of private data, the system maps it through a bloom filter into an 0/1 bit string. Hash functions such as MurmurHash, FNVHash, etc. may be used as the random mapping function in the bloom filter. The bit string length k and the hash function number h can be set according to specific application conditions, the bit string length k is irrelevant to the local differential privacy protection level and is only relevant to the collision possibility of the mapping result, and the hash function number h is in a negative correlation with the local differential privacy protection level. In this embodiment, the bit string length k is 128, and the hash function number h is 2. And randomly overturning the mapping result of the bloom filter twice bit by bit according to a set probability. In this embodiment, a probability combination of f ═ 0.5, p ═ 0.5, and q ═ 0.75 is adopted, and the local differential privacy protection level ∈ ═ 1.5499 can be obtained.
The privacy data is randomly turned over through a random response mechanism, and after a data report S is obtained, a user UiSends the encrypted data to a certain target user U selected randomlyj. The target user UjFrom user UiRandomly selecting the data report from the whole locally maintained user list, and randomly selecting each data report again. After the target user is selected, the user UiRequesting target user U from serverjPublic key PKjAnd using the public key to encrypt the data report S, and sending the encrypted report S to the user Uj
Repeating the above process until the user UiAnd finishing sending all data reports. At the same time, user UiAccepting encrypted data reports sent to the user, using the private key SKiDecryption is performed to obtain a set of unencrypted data reports of 128 bits in length. As shown in fig. 3, each share of the set of data reports is uniformly segmented, with the first 64 bits of each share being the first segment and the last 64 bits being the second segment. And then randomly recombining all the data segments, combining the two data segments into a new data report S', and keeping the relative positions of the data segments unchanged, wherein the data report originally belonging to the first segment is still in the first segment of the new data report after recombination, and the data report originally belonging to the second segment is still in the second segment correspondingly. And after recombination, obtaining a new data report S 'which is formed by combining data segments with different privacy data values, and sending the recombined data report S' to a data collector. The asymmetric encryption algorithm used for encryption and decryption is realized by an ECC algorithm.
As shown in FIG. 4, for the collected regrouped data report S', the data collector counts the number of 1 occurrences C on each bit of 128 bitsiTo CiCalculating the de-noised real value t according to the turnover probability and the number N of the data reportsiIn the present example ti=-8(Ci-0.5625N). Will tiThe values of (a) constitute a vector Y, which is 128 in length and the mapping matrix X is constructed to be 128 × 100 in size, taking age information collection as an example in this example. And then completing the frequency statistics corresponding to each age value by a Lasso regression method.
The above embodiments are only intended to illustrate the technical solution of the present invention and not to limit the same, and a person skilled in the art can modify the technical solution of the present invention or substitute the same without departing from the spirit and scope of the present invention, and the scope of the present invention should be determined by the claims.

Claims (5)

1. A user privacy information protection method capable of resisting longitudinal attack is suitable for a network system consisting of an information collection end and a plurality of information providing ends, and comprises the following steps:
the information collecting side sends an information collecting request to each information providing side, so that,
the first information providing terminal maps the information provided by the first information providing terminal into a bit string B; bit-by-bit probability for the bit string B
Figure FDA0003418391370000011
Turning over to obtain permanent random disturbance B', wherein f is a permanent turning parameter; bit-by-bit probability of permanent random disturbance B
Figure FDA0003418391370000012
Obtaining a data report S, wherein q is a first temporary turning parameter, and p is a second temporary turning parameter; randomly sending the data report S to another information providing terminal;
after the second information providing end uniformly divides each received data report S into n sections, randomly recombining each section of data, and keeping the relative position of each section of data unchanged to obtain a data report S';
the information collection end receives each data report S', and the times C of 1 occurrence of each bit in the bit string based on the data report SiObtaining the real times of 1 appearing in a bit of all information
Figure FDA0003418391370000013
And the real times tiForming a vector Y, where N is the number of data reports S';
constructing a mapping matrix X with the size of k multiplied by M, wherein k is the length of a bit string B, M is the number of candidate privacy data values to be counted, and a column vector in the mapping matrix X is a mapping result of each candidate privacy data value;
and calculating a correlation coefficient between the vector Y and the mapping matrix X by using a Lasso regression method, and completing frequency statistics of the corresponding privacy data values.
2. The method of claim 1, wherein the first information provider encrypts the data report S using a public key of the other information provider, and the second information provider decrypts the received data report S using a private key.
3. The method of claim 1, wherein the information is mapped into a string of bits by a bloom filter.
4. A storage medium having a computer program stored thereon, wherein the computer program is arranged to perform the method of any of claims 1 to 3 when executed.
5. An electronic device comprising a memory having stored therein a computer program and a processor arranged to run the computer to perform the method of any of claims 1 to 3.
CN201911113169.7A 2019-11-14 2019-11-14 User privacy information protection method and system capable of resisting longitudinal attack Active CN110866263B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911113169.7A CN110866263B (en) 2019-11-14 2019-11-14 User privacy information protection method and system capable of resisting longitudinal attack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911113169.7A CN110866263B (en) 2019-11-14 2019-11-14 User privacy information protection method and system capable of resisting longitudinal attack

Publications (2)

Publication Number Publication Date
CN110866263A CN110866263A (en) 2020-03-06
CN110866263B true CN110866263B (en) 2022-05-24

Family

ID=69654045

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911113169.7A Active CN110866263B (en) 2019-11-14 2019-11-14 User privacy information protection method and system capable of resisting longitudinal attack

Country Status (1)

Country Link
CN (1) CN110866263B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111563272B (en) * 2020-04-30 2021-11-09 支付宝实验室(新加坡)有限公司 Information statistical method and device
CN112580701B (en) * 2020-12-09 2022-07-12 哈尔滨理工大学 Mean value estimation method and device based on classification transformation disturbance mechanism
CN114614974B (en) * 2022-03-28 2023-01-03 云南电网有限责任公司信息中心 Privacy set intersection method, system and device for power grid data cross-industry sharing

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105978855A (en) * 2016-04-18 2016-09-28 南开大学 System and method for protecting personal information security in real-name system
CN107302521A (en) * 2017-05-23 2017-10-27 全球能源互联网研究院 The sending method and method of reseptance of a kind of privacy of user data
CN109787999A (en) * 2019-03-01 2019-05-21 南京邮电大学 The safety communicating method and system of group user under anonymous social network environment

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8145682B2 (en) * 2010-02-25 2012-03-27 Microsoft Corporation Differentially private data release
US9916472B2 (en) * 2015-07-22 2018-03-13 International Business Machines Corporation Obfuscation and protection of data rights

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105978855A (en) * 2016-04-18 2016-09-28 南开大学 System and method for protecting personal information security in real-name system
CN107302521A (en) * 2017-05-23 2017-10-27 全球能源互联网研究院 The sending method and method of reseptance of a kind of privacy of user data
CN109787999A (en) * 2019-03-01 2019-05-21 南京邮电大学 The safety communicating method and system of group user under anonymous social network environment

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
PrivSet: Set-Valued Data Analyses with Locale Differential Privacy;Shaowei Wang etc.;《IEEE》;20181011;全文 *
无线传感器网络隐私保护数据聚集技术;张晓莹;《通信学报》;20181001;第39卷(第10期);第135页第3.3节 *
本地化差分隐私研究综述;叶青青;《CNKI》;20171017;第1989-1991页第4.1.1节 *

Also Published As

Publication number Publication date
CN110866263A (en) 2020-03-06

Similar Documents

Publication Publication Date Title
Panah et al. On the properties of non-media digital watermarking: a review of state of the art techniques
Mehmood et al. Protection of big data privacy
CN110866263B (en) User privacy information protection method and system capable of resisting longitudinal attack
CN105871543B (en) Multiple key cipher text retrieval method under more data owner&#39;s backgrounds based on attribute
CN113347156B (en) Intelligent flow confusion method and system for website fingerprint defense and computer storage medium
KR20150115772A (en) Privacy against interference attack against mismatched prior
Sun et al. A blockchain-based audit approach for encrypted data in federated learning
CN104967693A (en) Document similarity calculation method facing cloud storage based on fully homomorphic password technology
CN115242371A (en) Method, device and system for calculating set intersection and cardinality of differential privacy protection
CN115664629A (en) Homomorphic encryption-based data privacy protection method for intelligent Internet of things platform
JP2022177209A (en) Preventing data manipulation by using multiple aggregation servers
CN112380404B (en) Data filtering method, device and system
CN112787809B (en) Efficient crowd sensing data stream privacy protection truth value discovery method
Bonchi et al. Privacy in spatiotemporal data mining
Lv et al. A review of big data security and privacy protection technology
CN115828194A (en) Data privacy protection method and detection method of privacy enhanced semi-blind digital fingerprint
JP2023002596A (en) Concentration of enciphered network value
CN113554182B (en) Detection method and system for Bayesian court node in transverse federal learning system
CN110912895B (en) Network data flow tracing method based on perceptual hash
Hu et al. MASKCRYPT: Federated Learning with Selective Homomorphic Encryption
CN115442103B (en) Method, system, equipment and storage medium for resisting poisoning attack in group learning
Hu et al. Secure architecture and protocols for robust perceptual hashing
CN117932577B (en) Internet data processing method and system
Sabarinath et al. Image encryption using modified particle swarm optimization
Melis Building and evaluating privacy-preserving data processing systems

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant