Anatomization through generalization (AG): A hybrid privacy-preserving approach to prevent membership, identity and semantic similarity disclosure attacks

摘要

Individuals' data is creating a new trend of opportunity for different organizations. This data is termed as a tradable asset for business. Most of the companies collect and store data of individuals to be used for direct activities such as providing better services to their customers, or to be released for non-direct activities such as analysis, doing research, marketing and public health. This collected data may include sensitive information like criminal records, financial records and medical records, which may result in privacy threats if compromised. A number of approaches are used to ensure Privacy-Preserving Data Publishing (PPDP). But most of the existing methods don't prevent all main privacy disclosure attacks or cause substantial loss of information. In order to prevent membership, identity and semantic similarity attacks while maintaining usefulness of data, a hybrid approach is proposed in this paper. This approach combines the bucketization method of anatomization approach and generalization as well as suppression methods of anonymization approach to achieve the two major privacy requirements: (l, e) diversity and k-anonymity. Our experiment shows that from the view of data privacy, the proposed technique increases the diversity degree of sensitive values by 29% and 37% on average over (l, e) diversity and klredInfo techniques respectively. On the other hand from the view of information loss, the proposed technique reduces the Discernibility Penalty (DP)D by 30% on average over (l, e) diversity technique and increases it by 28% on average over klredIinfo technique. In addition, the proposed technique increased the Normalized Certainty Penalty (NCP) by 12% on average over klredInf technique. Hence the proposed technique preserves data privacy more effectively as compared to klredInfo and (l, e) diversity techniques while maintaining the utility of data.