Published in: IEEE Transactions on Industrial Informatics Henrique Potter

Location Privacy Protection based on Differential Privacy Strategy for Big Data in Industrial Internet-of-Things

Presentation Transcript


  1. Location Privacy Protection based on Differential Privacy Strategy for Big Data in Industrial Internet-of-Things • Published in: IEEE Transactions on Industrial Informatics • Henrique Potter

  2. Overview • Privacy risks in IoT • Privacy protection techniques • k-anonymity • Differential Privacy • How to protect

  3. Privacy risks in IoT

  5. Privacy risks in IoT • Unauthorized access to private data • Data stored in a remote storage • Personal Devices • Infer information based on device/user profiling, messaging patterns and public data • Statistical and Machine Learning techniques

  7. Privacy risks in IoT • Privacy leaks • From the Netflix Prize competition • Released 100M ratings of 480K users over 18K movies • Claimed to have anonymized the data • 96% of users could be uniquely identified when cross-referencing the data against IMDb data (Narayanan & Shmatikov 2006)

  8. Privacy risks in IoT • How to protect privacy • Unauthorized access to private data • Infer information based on device/user profiling, messaging patterns and public data

  10. Differential Privacy • Developed by Cynthia Dwork in 2006 • Formal definition of privacy • Offers a framework to develop privacy solutions • Constrained to aggregate data analysis • Averages • Profiling techniques • Machine Learning models etc.

  11. Differential Privacy • Developed by Cynthia Dwork in 2006 • Formal definition of privacy • Offers a framework to develop privacy solutions • Constrained to aggregate data analysis • Assumes that the attacker has maximum auxiliary information about the target

  14. Differential Privacy - Scenario Example • Database to compute the avg income of residents • If you knew that Bob is going to move • Execute the algorithm A to compute the average before and after he moves • D = database state with Bob’s record • D’ = database state without Bob’s record

  15. Differential Privacy • Adds random noise to the answer of A • Makes the database D indistinguishable from D’ by a factor of ε

  21. Differential Privacy • For D and D’ that differ in at most one element (sample) • The ratio of the probabilities of the outputs of P(D) and P(D’) • ε-differentially private

  24. Differential Privacy • Add a random noise n based on a uniform distribution [Figure: y, A(D), A(D’)]

  25. Differential Privacy • Add a random noise based on a uniform distribution [Figure: A(D), range of outputs]

  27. Differential Privacy • ε-differentially private A(D) • ε-differentially private A(D’)

  28. Differential Privacy • For all choices of D, D’ and S by an attacker • He can’t tell the difference between D and D’ • ε-differentially private

  32. Differential Privacy • The smaller ε gets? • The less reliable the aggregate information becomes

  35. Differential Privacy • The bigger ε gets? • The more reliable the aggregate information becomes • The less privacy you have

  37. Differential Privacy • How to choose an acceptable ε? • Depends on the application • The baseline depends on the sensitivity function

  38. Differential Privacy - Sensitivity • Sensitivity captures the maximum variation in the output of P(D) when the value with the most “impact” differs in D’

  39. Differential Privacy - Theorem • If you add random Laplacian noise with “width” lambda of to a function P(D), “it will enjoy ε-differential privacy” • Add a random noise: P(D) = y + Lap( )

  41. Differential Privacy - Mechanisms • Laplacian Mechanism • Adding Laplacian noise bigger than the sensitivity • Exponential Mechanism • Randomly selects elements to participate in the aggregate analysis
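
The average-income scenario (D with Bob's record, D’ without it) run through the Laplacian mechanism, as an added example that is not from the presentation or the paper. It assumes incomes are clamped to a public bound `CAP`, uses the standard Laplace scale of sensitivity/ε, and splits ε between a noisy sum and a noisy count; all names and data are constructed.

```python
import random

CAP = 200_000  # assumed public bound; every income is clamped to [0, CAP]

def laplace(scale, rng):
    # The difference of two i.i.d. exponentials with mean `scale` is Laplace(0, scale).
    return rng.expovariate(1 / scale) - rng.expovariate(1 / scale)

def private_mean(incomes, epsilon, rng):
    """Average income with epsilon-DP when D and D' differ by one record.

    Half the budget goes to a noisy clamped sum (sensitivity CAP), half to a
    noisy count (sensitivity 1); dividing the two is post-processing.
    """
    clamped = [min(max(x, 0), CAP) for x in incomes]
    noisy_sum = sum(clamped) + laplace(CAP / (epsilon / 2), rng)
    noisy_count = len(clamped) + laplace(1 / (epsilon / 2), rng)
    return noisy_sum / max(noisy_count, 1.0)

def differencing_attack(d, d_prime):
    """Exact averages before and after the move give away the missing record."""
    avg_d, avg_d_prime = sum(d) / len(d), sum(d_prime) / len(d_prime)
    return round(avg_d * len(d) - avg_d_prime * len(d_prime))

def mean_abs_error(incomes, epsilon, trials=2000, seed=1):
    """Average distance between the private answer and the true average."""
    rng = random.Random(seed)
    true_avg = sum(incomes) / len(incomes)
    errors = (abs(private_mean(incomes, epsilon, rng) - true_avg) for _ in range(trials))
    return sum(errors) / trials

# Constructed sample data: D holds Bob's record, D' is the state after he moves.
BOB_INCOME = 180_000
D_PRIME = [30_000 + 500 * i for i in range(100)]
D = D_PRIME + [BOB_INCOME]

if __name__ == "__main__":
    print("exact answers leak:", differencing_attack(D, D_PRIME))
    for eps in (0.1, 1.0, 10.0):
        rng = random.Random(7)
        print(eps, round(private_mean(D, eps, rng)), round(private_mean(D_PRIME, eps, rng)),
              "mean abs error:", round(mean_abs_error(D, eps)))
```

Running it shows the trade-off from the slides: a small ε gives answers for D and D’ that are useless for singling out Bob but also far from the true average, while a large ε does the opposite.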

  42. LPT-DP-K Algorithm • Designed for location data • Adds noise proportional to the most frequently visited locations • Can’t add noise to all data, since they define the position of something

  43. Location privacy tree [Figure labels: Accessing count, Number, Location Information]

  46. Weighted Selection • Select K records randomly weighted by their accessing frequency

  50. Noise Enhancement based on Laplace • Adds noise to the K selected records y, with n as the random Laplacian noise
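
The two steps on the Weighted Selection and Noise Enhancement slides (frequency-weighted selection of K records, then Laplacian noise on the selected records), as an added sketch that is not the paper's LPT-DP-K implementation. The record layout, the sensitivity of 1, the per-count scale 1/ε, and all names and data are assumptions.

```python
import random

def laplace(scale, rng):
    # The difference of two i.i.d. exponentials with mean `scale` is Laplace(0, scale).
    return rng.expovariate(1 / scale) - rng.expovariate(1 / scale)

def weighted_select(records, k, rng):
    """Pick up to k distinct records, each draw weighted by access count."""
    pool = [r for r in records if r[1] > 0]   # zero-count records can never be drawn
    chosen = []
    while pool and len(chosen) < k:
        idx = rng.choices(range(len(pool)), weights=[c for _, c in pool])[0]
        chosen.append(pool.pop(idx))
    return chosen

def add_count_noise(selected, epsilon, rng):
    """Perturb only the access counts; the location label itself is left intact.

    Assumes one visit changes one count by at most 1 (sensitivity 1), so the
    Laplace scale is 1/epsilon. Counts are rounded and floored at zero.
    """
    return [(loc, max(0, round(cnt + laplace(1 / epsilon, rng)))) for loc, cnt in selected]

def selection_rate(records, k, location, trials=2000, seed=3):
    """Fraction of trials in which `location` ends up among the k selected."""
    rng = random.Random(seed)
    hits = sum(location in {loc for loc, _ in weighted_select(records, k, rng)}
               for _ in range(trials))
    return hits / trials

# Constructed sample records: (location label, accessing count).
RECORDS = [("plant-gate", 120), ("warehouse-3", 45), ("dock-A", 30),
           ("lab-2", 4), ("office-7", 1), ("unused-bay", 0)]

if __name__ == "__main__":
    rng = random.Random(11)
    picked = weighted_select(RECORDS, 3, rng)
    print("selected:", picked)
    print("released:", add_count_noise(picked, epsilon=0.5, rng=rng))
```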
