Local and global recoding methods for anonymizing set-valued data

Handle URI:
http://hdl.handle.net/10754/561606
Title:
Local and global recoding methods for anonymizing set-valued data
Authors:
Terrovitis, Manolis; Mamoulis, Nikos; Kalnis, Panos ( 0000-0002-5060-1360 )
Abstract:
In this paper, we study the problem of protecting privacy in the publication of set-valued data. Consider a collection of supermarket transactions that contains detailed information about items bought together by individuals. Even after removing all personal characteristics of the buyer, which can serve as links to his identity, the publication of such data is still subject to privacy attacks from adversaries who have partial knowledge about the set. Unlike most previous works, we do not distinguish data as sensitive and non-sensitive, but we consider them both as potential quasi-identifiers and potential sensitive data, depending on the knowledge of the adversary. We define a new version of the k-anonymity guarantee, the k m-anonymity, to limit the effects of the data dimensionality, and we propose efficient algorithms to transform the database. Our anonymization model relies on generalization instead of suppression, which is the most common practice in related works on such data. We develop an algorithm that finds the optimal solution, however, at a high cost that makes it inapplicable for large, realistic problems. Then, we propose a greedy heuristic, which performs generalizations in an Apriori, level-wise fashion. The heuristic scales much better and in most of the cases finds a solution close to the optimal. Finally, we investigate the application of techniques that partition the database and perform anonymization locally, aiming at the reduction of the memory consumption and further scalability. A thorough experimental evaluation with real datasets shows that a vertical partitioning approach achieves excellent results in practice. © 2010 Springer-Verlag.
KAUST Department:
Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division; Computer Science Program
Publisher:
Springer Verlag
Journal:
VLDB Journal
Issue Date:
10-Jun-2010
DOI:
10.1007/s00778-010-0192-8
Type:
Article
ISSN:
10668888
Sponsors:
We would like to thank the authors of [12] for sharing with us the implementation of the Partition algorithm. This work was supported by grant HKU 715108E from Hong Kong RGC.
Appears in Collections:
Articles; Computer Science Program; Computer, Electrical and Mathematical Sciences and Engineering (CEMSE) Division

Full metadata record

DC FieldValue Language
dc.contributor.authorTerrovitis, Manolisen
dc.contributor.authorMamoulis, Nikosen
dc.contributor.authorKalnis, Panosen
dc.date.accessioned2015-08-02T09:15:13Zen
dc.date.available2015-08-02T09:15:13Zen
dc.date.issued2010-06-10en
dc.identifier.issn10668888en
dc.identifier.doi10.1007/s00778-010-0192-8en
dc.identifier.urihttp://hdl.handle.net/10754/561606en
dc.description.abstractIn this paper, we study the problem of protecting privacy in the publication of set-valued data. Consider a collection of supermarket transactions that contains detailed information about items bought together by individuals. Even after removing all personal characteristics of the buyer, which can serve as links to his identity, the publication of such data is still subject to privacy attacks from adversaries who have partial knowledge about the set. Unlike most previous works, we do not distinguish data as sensitive and non-sensitive, but we consider them both as potential quasi-identifiers and potential sensitive data, depending on the knowledge of the adversary. We define a new version of the k-anonymity guarantee, the k m-anonymity, to limit the effects of the data dimensionality, and we propose efficient algorithms to transform the database. Our anonymization model relies on generalization instead of suppression, which is the most common practice in related works on such data. We develop an algorithm that finds the optimal solution, however, at a high cost that makes it inapplicable for large, realistic problems. Then, we propose a greedy heuristic, which performs generalizations in an Apriori, level-wise fashion. The heuristic scales much better and in most of the cases finds a solution close to the optimal. Finally, we investigate the application of techniques that partition the database and perform anonymization locally, aiming at the reduction of the memory consumption and further scalability. A thorough experimental evaluation with real datasets shows that a vertical partitioning approach achieves excellent results in practice. © 2010 Springer-Verlag.en
dc.description.sponsorshipWe would like to thank the authors of [12] for sharing with us the implementation of the Partition algorithm. This work was supported by grant HKU 715108E from Hong Kong RGC.en
dc.publisherSpringer Verlagen
dc.subjectAnonymityen
dc.subjectDatabase privacyen
dc.subjectSet-valued dataen
dc.titleLocal and global recoding methods for anonymizing set-valued dataen
dc.typeArticleen
dc.contributor.departmentComputer, Electrical and Mathematical Sciences and Engineering (CEMSE) Divisionen
dc.contributor.departmentComputer Science Programen
dc.identifier.journalVLDB Journalen
dc.contributor.institutionInstitute for the Management of Information Systems (IMIS), Research Center Athena, Athena, Greeceen
dc.contributor.institutionDepartment of Computer Science, University of Hong Kong, Hong Kong, Chinaen
kaust.authorKalnis, Panosen
All Items in KAUST are protected by copyright, with all rights reserved, unless otherwise indicated.