Search results

1. Introduction -- 2. Basics of Cryptography and Machine Learning -- 3. Privacy Models and Privacy Mechanisms -- 4. User's Privacy -- 5. Avoiding Disclosure from Computations -- 6. Avoiding Disclosure from Data Masking Methods -- 7. Other -- 8. Conclusions.

Several methods for providing edge and node-differential privacy for graphs have been devised. However, most of them publish graph statistics, not the edge-set of the randomized graph. We present a method for graph randomization that provides randomized response and allows for publishing differentially private graphs. We show that this method can be applied to sanitize data to train collaborative filtering algorithms for recommender systems. Our results afford plausible deniability to users in relation to their interests, with a controlled probability predefined by the user or the data controller. We show in an experiment with Facebook Likes data and psychodemographic profiles, that the accuracy of the profiling algorithms is preserved even when they are trained with differentially private data. Finally, we define privacy metrics to compare our method for different parameters of e with a k-anonymization method on the MovieLens dataset for movie recommendations. ; CC BY-NC-ND 4.0 This work was partially supported by the Swedish Research Council (Vetenskapsrådet) project DRIAT (VR 2016-03346), the Spanish Government under grants RTI2018-095094-B-C22 "CONSENT", and the UOC postdoctoral fellowship program. ICETE: International Conference on E-Business and Telecommunication Networks

Different types of data privacy techniques have been applied to graphs and social networks. They have been used under different assumptions on intruders' knowledge. i.e., different assumptions on what can lead to disclosure. The analysis of different methods is also led by how data protection techniques influence the analysis of the data. i.e., information loss or data utility. One of the techniques proposed for graph is graph perturbation. Several algorithms have been proposed for this purpose. They proceed adding or removing edges, although some also consider adding and removing nodes. In this paper we propose the study of these graph perturbation techniques from a different perspective. Following the model of standard database perturbation as noise addition, we propose to study graph perturbation as noise graph addition. We think that changing the perspective of graph sanitization in this direction will permit to study the properties of perturbed graphs in a more systematic way. ; CC BY 4.0 Also part of the Security and Cryptology book sub series (LNSC, volume 11737) This work was partially supported by the Swedish Research Council (Vetenskapsrådet) project DRIAT (VR 2016-03346), the Spanish Government under grants RTI2018-095094-B-C22 "CONSENT" and TIN2014-57364-C2-2-R "SMARTGLACIS", and the UOC postdoctoral fellowship program.

In this work we present an algorithm for k-anonymization of datasets that are changing over time. It is intended for preventing identity disclosure in dynamic datasets via microaggregation. It supports adding, deleting and updating records in a database, while keeping k-anonymity on each release. We carry out experiments on database anonymization. We expected that the additional constraints for k-anonymization of dynamic databases would entail a larger information loss, however it stays close to MDAV's information loss for static databases. Finally, we carry out a proof of concept experiment with directed degree sequence anonymization, in which the removal or addition of records, implies the modification of other records. ; CC BY 4.0 Also part of the Security and Cryptology book sub series (LNSC, volume 11025) Julián Salas acknowledges the support of a UOC postdoctoral fellowship. This work is partly funded by the Spanish Government through grant TIN2014-57364-C2-2-R "SMARTGLACIS". Vicenç Torra acknowledges the suport of Vetenskapsrdet project: "Disclosure risk and transparency in big data privacy" (VR 2016-03346, 2017-2020). DRIAT

The amount of public statistical information available is growing and more accurate protection methods are needed in order to achieve data confidentiality. The Post-Randomization Method (PRAM) protection method was introduced in 1997 as a very powerful method for categorical microdata, but it is still not widely used. This method has a Markov matrix as a parameter. The main problem of the application of this method is that it is difficult to find a good Markov matrix that performs changes in the microdata file producing low loss of valuable information and low risk of disclosure of sensitive data. In this paper we present a methodology that helps us to find a matrix to perform better protections. This is achieved by using an evolutionary algorithm with integrated Information Loss and Disclosure Risk measures. Experiments using three different datasets are also presented in order to empirically evaluate the application of this technique. © 2014 Elsevier Inc. All rights reserved. ; This work has been done under the PhD in Computer Science program of the Universitat Autònoma de Barcelona (UAB). It is also partially supported by the Spanish MEC ARES-CONSOLIDER INGENIO 2010 CSD2007-00004, and COPRIVACY TIN2011-27076-C03-03. The research leading to these results has also received funding from the European Union's Seventh Framework Programme (FP7/2007-2013) under Grant Agreement Num. 262608. ; Peer Reviewed

In this article we provide a formal framework for reidentification in general. We define n-confusion as a concept for modeling the anonymity of a database table and we prove that n-confusion is a generalization of k-anonymity. After a short survey on the different available definitions of k-anonymity for graphs we provide a new definition for k-anonymous graph, which we consider to be the correct definition. We provide a description of the k-anonymous graphs, both for the regular and the non-regular case. We also introduce the more flexible concept of (k, l)-anonymous graph. Our definition of (k, l)-anonymous graph is meant to replace a previous definition of (k, l)-anonymous graph, which we here prove to have severe weaknesses. Finally, we provide a set of algorithms for k-anonymization of graphs. © 2012 Springer-Verlag. ; Partial support by the Spanish MEC projects ARES (CONSOLIDER INGENIO 2010 CSD2007-00004), eAEGIS (TSI2007-65406-C03-02), COPRIVACY (TIN2011-27076-C03-03), and RIPUP (TIN2009-11689) is acknowledged. One author is partially supported by the FPU grant (BOEs 17/11/2009 and 11/10/2010) and by the Government of Catalonia under grant 2009 SGR 1135 ; Peer Reviewed

This book constitutes the refereed proceedings of the First International Conference on Modeling Decisions for Artificial Intelligence, MDAI 2004, held in Barcelona, Spain in August 2004. The 26 revised full papers presented together with 4 invited papers were carefully reviewed and selected from 53 submissions. The papers are devoted to topics like models for information fusion, aggregation operators, model selection, fuzzy integrals, fuzzy sets, fuzzy multisets, neural learning, rule-based classification systems, fuzzy association rules, algorithmic learning, diagnosis, text categorization, unsupervised aggregation, the Choquet integral, group decision making, preference relations, vague knowledge processing, etc

Anonymization of graph-based data is a problem, which has been widely studied last years, and several anonymization methods have been developed. Information loss measures have been carried out to evaluate the noise introduced in the anonymized data. Generic information loss measures ignore the intended anonymized data use. When data has to be released to third-parties, and there is no control on what kind of analyses users could do, these measures are the standard ones. In this paper we study different generic information loss measures for graphs comparing such measures to the cluster-specific ones. We want to evaluate whether the generic information loss measures are indicative of the usefulness of the data for subsequent data mining processes. © 2014, Springer-Verlag London. ; This work was partly funded by the Spanish Government through projects TIN2011-27076-C03-02 "CO-PRIVACY", CONSOLIDER INGENIO 2010 CSD2007-0004 "ARES" and TIN2010-15764 "N-KHRONOUS". ; Peer Reviewed