Today, the growing concern of privacy issues poses a challenge to the study of sensitive data. In this thesis, we address the learning of private data in two practical scenarios.;1) It is very commonly seen that the same type of data are distributed among multiple parties, and each party has a local portion of the data. For these parties, the learning based only on their own portions of data may lead to small sample problem and generate unsatisfying results. On the other hand, privacy concerns prevent them from exchanging their data and subsequently learning global results from the union of data. In this scenario, we solve the problem with the homomorphic encryption model. Homomorphic encryption enables calculations in the cipher space, which means that some particular operations of data can be conducted even when the data are encrypted. With this technique, we design the privacy preserving solutions for four popular data analysis methods on distributed data, including the Marginal Fisher Analysis (MFA) for dimensionality reduction and classification, the Kruskal-Wallis (KW) statistical test for comparing the distributions of samples, the Markov model for sequence classification and the calculation of Fisher criterion score for informative gene selection. Our solutions allow different parties to perform the algorithms on the union of their data without revealing each party's private information.;2) The other scenario is that, the data holder wants to release some knowledge learned from the sensitive dataset without violating the privacy of individuals participated in the dataset. Although there is no need of direct data exchange in this scenario, publishing the knowledge learned from the data still exposes the participants' private information. Here we adopt the rigorous differential privacy model to protect the individuals' privacy. Specifically, if an algorithm is differentially private, the presence or absence of a data instance in the training dataset would not make much change to the output of the algorithm. In this way, from the released output of the algorithm people cannot gain much information about the individuals participated in the training dataset, and thus the individual privacy is protected. In this scenario, we develop differentially private One Class SVM (1-SVM) models for anomaly detection with theoretical proofs of the privacy and utility. The learned differentially private 1-SVM models can be released for others to perform anomaly detection without violating the privacy of individuals who participated in the training dataset.
展开▼
机译:如今,对隐私问题的日益关注对敏感数据的研究提出了挑战。在本文中,我们讨论了在两种实际情况下学习私有数据的方法:; 1)非常常见的是,同一类型的数据分布在多方之间,并且每一方都有数据的局部部分。对于这些参与方而言,仅基于他们自己的数据部分进行的学习可能会导致小样本问题并产生令人不满意的结果。另一方面,隐私问题阻止了他们交换数据并随后从数据联合中学习全局结果。在这种情况下,我们用同态加密模型解决了这个问题。同态加密可以在密码空间中进行计算,这意味着即使对数据进行了加密,也可以执行某些特定的数据操作。利用这种技术,我们为分布式数据的四种流行数据分析方法设计了隐私保护解决方案,包括用于降维和分类的边际费希尔分析(MFA),用于比较样本分布的Kruskal-Wallis(KW)统计检验,用于序列分类的马尔可夫模型和用于信息性基因选择的Fisher准则得分的计算。我们的解决方案允许不同的各方在不泄露每一方的私人信息的情况下对数据的联合执行算法;; 2)另一种情况是,数据持有人希望在不侵犯个人隐私的情况下释放从敏感数据集中学习到的一些知识参加了数据集。尽管在这种情况下不需要直接交换数据,但是发布从数据中学到的知识仍然会暴露参与者的私人信息。在这里,我们采用严格的差异隐私模型来保护个人隐私。具体来说,如果算法是差分私有的,则训练数据集中是否存在数据实例不会对算法的输出产生太大的影响。这样,从算法的释放输出中,人们无法获得有关参加训练数据集的个体的很多信息,因此,个体隐私得到了保护。在这种情况下,我们开发了用于异常检测的差分私有One Class SVM(1-SVM)模型,并提供了有关隐私和实用程序的理论证明。可以将学习到的差分私有1-SVM模型发布给其他人,以执行异常检测,而不会侵犯参加训练数据集的个人的隐私。
展开▼
