A privacy policy combination optimization method in a multi-party data fusion scene
By employing a heavily anonymized architecture and a Bayesian network fusion algorithm in multi-party data fusion scenarios, the problems of privacy leakage and policy conflict in data fusion are solved, achieving efficient privacy protection and improved data availability.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- SHANXI MERCURY TECH CO LTD
- Filing Date
- 2022-05-15
- Publication Date
- 2026-06-05
AI Technical Summary
In multi-party data fusion scenarios, existing privacy protection strategies cannot effectively prevent the leakage of global data privacy after data fusion, resulting in privacy policy conflicts and over-protection issues, which leads to reduced data availability.
A multi-source data fusion architecture based on re-anonymization is adopted. Bayesian generation technology is used to transform the local data of each participant into a Bayesian network. Collaborative filtering algorithm is used to predict the relationship between network nodes. The collaborative filtering Bayesian network fusion algorithm and the multi-strategy combination optimization algorithm (PP-Lego) of multi-source data fusion are combined to eliminate the risk of privacy leakage and optimize the order of privacy protection strategies.
It improves the privacy protection effect after data fusion, avoids over-protection or under-protection, and significantly enhances the usability and privacy of data.
Smart Images

Figure CN115098880B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of data privacy protection, specifically to a method for optimizing the combination of privacy strategies in a multi-party data fusion scenario. Background Technology
[0002] Big data brings us endless imagination and expectations, breaking down prevalent industry barriers. When making decisions, people often need to utilize comprehensive data sharing. For example, to build smart city transportation, we need to explore traffic volume data together with road network data. To generate more accurate personalized movie recommendations for users, we should consider users' internet search history and movie review records. Fortunately, with the rapid development of cloud computing, the Internet of Things, and advanced wireless technology (5G), comprehensive analysis of multi-source data is technically feasible.
[0003] However, with the continuous emergence of new technologies such as deep learning and artificial intelligence, the balance between offense and defense has been disrupted, rendering traditional data management and privacy protection methods ineffective. Specifically, existing privacy protection strategies primarily target the privacy requirements of single, one-sided data releases. These strategies treat each data release as an information silo, assuming that this information is independent of previously released information. This leads to the following problems.
[0004] (1) Non-public disclosure of privacy information. Data owners have already implemented privacy protection measures for the data they possess (a "self-protection" model). However, in the era of big data, the data sources that publish relevant data are multi-source, which means that the various local data privacy protection schemes previously implemented by each data source cannot prevent the risk of global data privacy leakage after data fusion. There may be some hidden or even unknown relationships between attributes. Adversaries can use data mining techniques, such as Apriori and SVM, to reveal these hidden relationships, thereby leaking privacy.
[0005] (2) Privacy Policy Conflicts. Data owners can formulate specific privacy policies for the data they own. However, due to a lack of communication, different policies may conflict, resulting in weakened privacy protection, also known as insufficient privacy protection, or even direct leakage of personal privacy. Adversaries can use this as a breakthrough to launch corresponding privacy reasoning attacks.
[0006] (3) Over-protection of privacy. To ensure that the merged data meets the personalized privacy protection needs of all parties, a natural solution is to overlay multiple privacy policies on the merged data. However, this will lead to an excessive stacking of privacy policies on many datasets that already meet privacy protection requirements. It is conceivable that the result will be a significant reduction in data usability.
[0007] To illustrate this issue more vividly, let's use... Figure 1 For example, in Figure 1 In (a~b), Party A uses 5-anonymity, and Party B uses 3-diversity. Figure 1 (c) shows the result of a natural fusion operation of data from Party A and Party B with the same ID attribute. Clearly, even if each local data point does not contain personally identifiable sensitive information, simply merging multiple data sources increases the likelihood of identifying specific user privacy (because records {5,7} do not satisfy anonymity), resulting in inadequate privacy protection. Figure 1 (d-e) illustrates two implementation schemes for data fusion. Scheme 2 (3-diversity first, then 5-anonymity) requires adding 20 noise lines, while Scheme 1 (5-anonymity first, then 3-diversity) requires adding 29 noise lines, resulting in over-protection of privacy. This example demonstrates that the execution order of different privacy protection strategies directly affects the usability of the fused data. Summary of the Invention
[0008] This invention proposes a multi-source data fusion privacy protection method based on privacy policy combination optimization in multi-source data fusion scenarios. It aims to address the problem of privacy information mining and leakage caused by the multi-source fusion, sharing and publishing of big data by constructing a protection mode of multi-privacy policy combination optimization, so as to greatly improve the availability of fused data while protecting privacy.
[0009] To address the aforementioned issues, this invention proposes a privacy-preserving architecture for multi-party data fusion based on heavy anonymization. In the internal anonymization stage, instead of directly fusing the original data (or anonymized data), Bayesian generation techniques are first used to transform the local data of each participant into a Bayesian network. Then, collaborative filtering algorithms are used to predict the relationships between the Bayesian network nodes of each party, achieving network fusion and eliminating the mapping relationship between individual user privacy and the original data. Building upon this, this invention proposes a combined optimization method for multi-party privacy protection strategies (named Privacy Protection Lego, or PP-Lego) as the outer anonymization layer, aiming to eliminate over-protection or under-protection phenomena that may occur in multi-source data fusion, maximizing the utility of the fused data. Specifically, the parties participating in data fusion collaboratively fuse the data into a Bayesian network according to a predetermined privacy protection strategy, and use collaborative filtering to predict the dependencies between Bayesian network nodes, preventing privacy leakage of the fused data. Furthermore, to improve the usability of the fused data, this invention proposes the PP-Lego heuristic algorithm, which maps privacy protection strategies to hypergraphs and designs corresponding heuristic rules. It uses hypergraph resolution techniques to satisfy privacy constraints, and experiments have shown that the algorithm greatly improves data usability.
[0010] To achieve the above objectives, the present invention employs the following technical solutions:
[0011] 1) System model based on multi-source data fusion with heavy anonymization
[0012] System models based on multi-source data fusion with heavy anonymization, such as Figure 2 As shown, three types of entities are involved: data owners, data centers, and authorized users.
[0013] ● Data Owner. Here, each data owner can represent an organization or individual who has a dataset D(X,A). I ,F,A S ), stored on a server or private cloud that he sets up, where X = {x1, x2, ..., x} n} represents a set of tuples; A I ={a1,a2,…,a m} represents a set of information attributes; A S It is a sensitive attribute, containing the user's private information; F represents the set of relationships between X and A, F = {f k :U→V k}, where V k It is a k The range of values (a) k ∈A|A=A I ∪A STo better serve their respective user groups, data owners reached a consensus on data integration and sharing. Each data owner transformed their local data into a Bayesian network before merging the data.
[0014] ● Data Centers. Data centers possess vast storage and computing resources. A data center here could be a "loyal but curious" public cloud—meaning it faithfully provides data fusion services to various data owners, yet it may detect and analyze personal privacy within the data.
[0015] ● Authorized users. Users can enjoy the benefits of big data by customizing the services they need (e.g., data clustering, classification, regression analysis, etc.). However, unknown attackers may also be lurking among users, so it's assumed that users are also "curious," i.e., they are considered a potential privacy mining group. Unlike data centers, users may possess contextual information related to the merged data, enabling them to launch incremental information attacks, such as background knowledge attacks and onion attacks.
[0016] Data fusion is the organic integration of data from different sources with the aim of providing users with high-quality data services. The following is a definition of data fusion.
[0017] Definition 1 (Equivalence Class): Define the data as a quadruple D(X,A,F,V), let... If there are t records Make If true, then {x1,x2,…,x} t} is called an equivalence class of A' on dataset D, and is denoted as [x i ] A' Generally, the set of all equivalence classes formed by A' is denoted as E. A' D / E A' This is called a partition of dataset E with respect to A'. Specifically, let A = IA ∪ SA (IA is the set of information attributes, SA is the set of sensitivity attributes), and... like Then E is called A' Let D be the information equivalence class of dataset D.
[0018] Definition 2 (Data Fusion): Given m datasets D1,…,D to be fused. m (in (The difference operator is symmetric), and the fused dataset D(X,IA,SA,F,V) satisfies: Specifically, if there are two datasets D to be merged... i D j ,like Make and This is called information refinement and fusion; if any record x k ∈X i ∩X j ,satisfy (where SA) i =SA j If the information increments are consistent, it is called coordinated fusion; otherwise, it is called uncoordinated fusion. The research scope of this invention is coordinated information increment refinement fusion.
[0019] 2) Bayesian network fusion based on collaborative filtering
[0020] As can be seen from the heavily anonymized architecture, the data owners of the fused data first transform their local data into Bayesian networks. Fusing these Bayesian networks is a prerequisite for outer anonymization. However, predicting the dependencies between attribute nodes belonging to different Bayesian networks becomes the primary problem in data fusion, directly impacting the usability of the fused data. This invention proposes a Bayesian network fusion algorithm based on collaborative filtering. This algorithm utilizes matrix factorization to predict the dependencies between attributes of different datasets, preventing privacy leaks in the fused data.
[0021] Matrix factorization models are widely used to solve various types of prediction problems in recommender systems, such as movie rating prediction and QoS prediction. Since each attribute has a similar numerical distribution representation for its local and global attribute sets, matrix factorization techniques can be applied to the fusion process of multi-source data. Matrix factorization maps attributes to several joint latent factor spaces, and the dependencies between attributes are defined as the inner product of these spaces. Therefore, a dependency matrix is constructed based on the generated Bayesian network. Here, it is assumed that the Bayesian network involved in the fusion has been privacy-preserving. Then, the dependency matrix is "stitched" together using matrix expansion techniques, and this extended dependency matrix is named as the extended dependency matrix. The relevant definitions are as follows:
[0022] Definition 3 (Dependency Matrix): Given a Bayesian network G(V,E), where V={v1,v2,…,v…} m} corresponds to the set of all attributes A in dataset D, and E is a set of two points in the Bayesian network. <v i ,v j There is a directed edge between them, let:
[0023]
[0024] dij is an element of the matrix. Accordingly, the matrix is called a 'matrix'. It is a dependency matrix based on a Bayesian network G.
[0025] Definition 4 (Extended Dependency Matrix): Given a set of Bayesian networks G = {G1, ..., G...} k}, (k≥2) are fused to form the corresponding dependency matrix DM={DM1,…,DM k}(DM i =(V i E i An extended dependency matrix EDM is constructed using the dependency matrix DM. m×m ,in, Extended Dependency Matrix (EDM) m×m Each element in the code is defined as follows:
[0026]
[0027] Each element entry ij This represents the network node dependencies observed from the raw data, when entry ij When = 1, it represents node a. i and node a j There is a dependency relationship between them, and the conditional probability between them is P(a j |a i ); when entry ij When = 0, it indicates node a i and node a j There is no dependency between them; entry ij =? represents node a i and node a j The relationship between them is unclear.
[0028] To briefly describe the Bayesian network fusion scheme, assume there are two existing Bayesian networks to be fused, each containing m1, ..., m2. n property The dependency matrix can be represented as like Figure 3 As shown in (b), the value "1" for each item in the dependency matrix indicates... Figure 3 In (a) of the equation, there exists a directed edge in the corresponding Bayesian network, and vice versa. A value of "0" indicates that there is no directed edge. Then, based on Definition 2, these are fused into an extended dependency matrix. Figure 3 In (c) of the matrix, the gray terms represent existing dependencies between nodes in the dependency matrix, while the white terms represent unknown dependencies between nodes to be predicted. For example, entry A,B =1, entry D,E =0, while entry D,C=? indicates that it is impossible to determine whether the conditional probability P(C|D) exists. The problem of predicting the relationship between nodes can be modeled as a matrix factorization problem, which uses the existing definite terms in the matrix to approximate the unknown values in the matrix, thereby achieving the purpose of prediction.
[0029] Definition 5 (Matrix Factorization): Given a dependency matrix DM m×m And its rank rank(DM) = d, if there exists a matrix L m×d R d×m This makes L m×d ×R d×m =DM m×m If true, then {L m×d ,R d×m} is called matrix DM m×m Two-factor decomposition. Generally speaking, if (||·||2 represents the L2 distance), let Then {L m×d ,R d×m} is DM m×m ε-estimation of matrix decomposition.
[0030] First, the "?" in the matrix can be predicted through matrix decomposition. Values that were "1" or "0" in the original matrix may change in the fused matrix, indicating that dependencies in local data do not necessarily maintain the same dependency in the overall data, and vice versa. The decomposition process breaks down the original matrix into matrices where each element has a value between [0,1], and the product of the decomposed matrices is defined as follows:
[0031]
[0032] Given Q i,k Matrix and R k,j The matrix, and the fused M matrix, are used to minimize the loss function in order to achieve prediction:
[0033]
[0034] After simplifying it, we get:
[0035]
[0036] The first term is the L2 distance between each observation and the corresponding predicted value in the matrix, the second term is the regularization penalty term used to prevent overfitting, and λ is a parameter used to control the regularization term.
[0037] The objective function is then:
[0038]
[0039] The gradient descent algorithm is an update process from random initialization to iteration until convergence. It can be used to solve for Q and R. Its core steps are:
[0040] (1) For Q respectively i,k ,R k,j Taking the derivative, we get:
[0041]
[0042] (2) Update variables based on the direction of the negative gradient:
[0043]
[0044] This invention designs a Bayesian Network Fusion Algorithm Based on Collaborative Filtering (CF-BNF). This algorithm uses gradient descent to iteratively update the matrix, ultimately predicting the null values of the matrix and achieving convergence. The pseudocode of the algorithm is as follows:
[0045]
[0046]
[0047] 3) Multi-strategy combination optimization algorithm for multi-source data fusion
[0048] This invention designs a multi-strategy combinatorial optimization algorithm (PP-Lego) for multi-source data fusion. By mapping multi-source data fusion with multiple privacy protection strategies to a hypergraph, and designing a series of heuristic rules, the data fusion process is transformed into a hypergraph resolution process. Hyperedge resolution is also the one-by-one realization of privacy constraints, which can ensure data privacy while improving data availability.
[0049] First, the privacy protection strategy is defined as a quintuple F = (G, IA, SA, OP, V), where G represents the transfer of the privacy protection strategy to the Bayesian network derived from the dataset; IA represents the information attribute node; SA represents the privacy node; and OP represents a certain operation step of the privacy protection strategy. A privacy protection strategy consists of several operation steps, i.e., OP = (OP1, OP2, ..., OP). m V represents the range of values after the operation OP. Then, the execution order of different privacy protection strategies is determined from a structural perspective.
[0050] Definition 6 (Operational Hypergraph): Given a tuple HG(HE,OP), where HE represents the set of hyperedges, HG = {HE1, HE2, ..., HE} n}, where OP represents the specific privacy protection operations of each party involved in data fusion, OP = {OP1, OP2, ..., OP} n Such a pair is called an operation hypergraph.
[0051] Based on the above judgment of the execution order of different privacy protection strategies F, this invention uses a hypergraph resolution algorithm to solve the optimization process, and first proposes a heuristic rule for hyperedge resolution:
[0052] Rule 1: If a hypergraph HG contains only one hyperedge HE, it can be directly eliminated, i.e., R(HG) = R(HE);
[0053] Rule 2: If a hypergraph HG consists of n disjoint hyperedges HE1, HE2, ..., HE n The union of the sets, which can be executed in parallel, is R(HG) = R(HE1) × R(HE2) × ... × R(HE2). n );
[0054] Rule 3: If a hypergraph HG consists of n connected components HE1, HE2, ..., HE n To determine the probability dependency between each hyperedge HE and the privacy node, if HE1 is closer to the privacy node downwards than HE2, then HE2 < HE1, meaning HE1 is resolved first, and vice versa. For each hyperedge HE... N Intersecting superedges HE M Eliminate R(HE) from bottom to top M The tuples in the array that have no probability dependency are obtained.
[0055] The PP-Lego algorithm recursively calls the above three rules, selecting, solving, and eliminating each hyperedge in the hypergraph HG one by one to construct R(HG). The process of eliminating hyperedges is also the process of implementing privacy constraints one by one. The pseudocode of the heuristic algorithm is as follows:
[0056]
[0057]
[0058] Compared with the prior art, the present invention has the following advantages:
[0059] 1) A novel multi-party data fusion framework based on re-anonymization is proposed, and a layered data privacy protection mechanism is given for the data background held by different roles.
[0060] 2) To avoid privacy leaks caused by directly using the original data from all parties for data fusion, a multi-party data network fusion method is proposed. By using a series of techniques such as Bayesian network generation and collaborative filtering, the joint distribution of variables among extended attributes is predicted.
[0061] 3) To enhance the targeted nature of privacy protection, a heuristic algorithm for combining privacy protection strategies is proposed. Through a series of heuristic algebraic optimization rules, the algorithm minimizes the impact on data availability while satisfying the privacy requirements of all parties. Attached Figure Description
[0062] Figure 1 Comparison of noisy results for different privacy protection strategies executed in different orders;
[0063] Figure 2 This invention is based on a multi-source data fusion model with heavy anonymization;
[0064] Figure 3 This refers to the matrix decomposition process.
[0065] Figure 4 Comparison of convergence processes for different datasets;
[0066] Figure 5 Comparison of convergence times for different datasets;
[0067] Figure 6 Comparison results of various algorithms when k=5 and l=3;
[0068] Figure 7 Comparison results of various algorithms when k=8 and l=4;
[0069] Figure 8 Comparison results of various algorithms when k=10 and l=5;
[0070] Figure 9 The results show a comparison of the time costs of the naive algorithm and the PP-Lego algorithm. Detailed Implementation
[0071] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.
[0072] A method for optimizing privacy strategies in multi-party data fusion scenarios includes the following steps:
[0073] Step 1. Each data owner participating in data fusion respectively converts their local data into a Bayesian network by means of Bayesian generation technology, and uploads the anonymized Bayesian network to the data center for fusion. The specific steps are as follows:
[0074] Step 1.1. Each data owner applies a Bayesian network generation algorithm based on the hill-climbing method to convert the local original data they own into the corresponding Bayesian network;
[0075] Step 1.2. Each data owner performs privacy protection operations on the Bayesian network converted from the original data according to their respective privacy protection requirements. In this embodiment, three privacy protection operations of attribute value generalization, t-nearest neighbor, and l-diversity are implemented on the Bayesian network.
[0076] Sensitive attribute value generalization operation: According to the attribute value generalization hierarchy tree set by the data owner for the data attributes, the attribute leaf nodes to be anonymized and protected in the attribute value domain are aggregated with all sibling leaf nodes of their parent node into an attribute node and replaced by its direct parent node to form a new leaf node. The probability distribution of the attribute value corresponding to this leaf node inherits from all the original leaf nodes participating in the aggregation, and its value is the sum of the probability distributions of all the participating aggregation nodes;
[0077] t-nearest neighbor protection operation: a) Define the value distribution situation that maximizes the information entropy in the attribute value domain space to be anonymized and protected as the theoretical benchmark (its distribution value is denoted as X min ), and define the one with the largest attribute value probability distribution as the smoothing benchmark to be smoothed (its distribution value is denoted as X max ); b) Use variance for measurement, and define as the smoothing operation unit (where m is a positive integer), and perform iterative unit correction on the theoretical benchmark and the smoothing benchmark to be smoothed, that is, each round of correction makes If the variance of the probability of each value of the attribute from the theoretical benchmark is not higher than t, stop the iteration, otherwise jump to execute a).
[0078] l-diversity protection operation: Expand the value domain space of the attribute to be privacy protected in the Bayesian network, so that the number of different values in its value domain space is greater than or equal to l. Based on the probability distribution of each value in the corrected attribute according to the correction principle of maximizing information entropy, in the process of each round of correction, a) only select one value with the largest probability distribution as the target object to be corrected (its distribution value is denoted as X max ), and the number of different values in the current attribute value domain space is denoted as m (m < l). Distribute the probability distribution value higher than the mean value of it equally to the newly added attribute values {X m+1 ,..., X l}, that is b) Jump to execute a), until ( The minimum threshold of the preset probability distribution, and ).
[0079] Step 1.3: Each data owner participating in the data fusion uploads the partially anonymized Bayesian network to the data center for fusion.
[0080] Step 2: In this embodiment, a collaborative filtering algorithm is used to predict the association relationships between Bayesian network nodes of all parties, so as to achieve network fusion and thus eliminate the mapping relationship between personal user privacy and raw data. The specific steps are as follows:
[0081] Step 2.1: Construct the Extended Dependency Matrix (EDM) based on each local Bayesian network. m×m ,in, Each element entry ij This represents the network node dependencies observed from the raw data, when entry ij When = 1, it represents node a. i and node a j There is a dependency relationship between them, and the conditional probability between them is P(a j |a i ); when entry ij When = 0, it indicates node a i and node a j There is no dependency between them; entry ij =? represents node a i and node a j The relationship between them is unclear.
[0082] Step 2.2: Predict the element value corresponding to "?" in the extended dependency matrix through matrix factorization. Given Q i,k Matrix and R k,j The matrix, and the fused M matrix, are used to minimize the loss function in order to achieve prediction: After simplifying it, we get: The first term represents the L2 distance between each observed value and its corresponding predicted value in the matrix; the second term is a regularization penalty term used to prevent overfitting; and λ is a parameter used to control the regularization term. After simplification, the objective function is as follows:
[0083]
[0084] st0≤Q≤1 0≤R≤1
[0085] The objective function is optimized and solved using the gradient descent algorithm.
[0086] Step 2.3, respectively for Q i,k ,R k,j Taking the derivative, we get:
[0087]
[0088] Step 2.4, update the variables according to the negative gradient direction:
[0089]
[0090] Step 3: The parties involved in data fusion anonymize the outer layer of the fused Bayesian network according to the roles and permissions of the data users. This invention proposes a combined optimization method for multi-party privacy protection strategies, which maps privacy protection strategies to a hypergraph and designs corresponding heuristic rules. Hypergraph resolution technology is used to satisfy privacy constraints while eliminating over-protection or under-protection phenomena that may occur in multi-source data fusion, thereby maximizing the utility of the fused data. The specific implementation steps of this embodiment are as follows:
[0091] Step 3.1: Define the privacy protection strategy as a quintuple F = (G, IA, SA, OP, V), where G represents the transfer of the privacy protection strategy to the Bayesian network derived from the dataset; IA represents the information attribute node; SA represents the privacy node; and OP represents a certain operation step of the privacy protection strategy. A privacy protection strategy consists of several operation steps, i.e., OP = (OP1, OP2, ..., OP). m V represents the value range after the operation OP.
[0092] Step 3.2, then determine the execution order of different privacy protection strategies from a structural perspective:
[0093] 1) If operations involving privacy attributes are involved Starting from the privacy nodes of the Bayesian network, the Bayesian network is encoded, and the operations on two different privacy nodes are compared by correcting the privacy node SA within a maximum correction threshold. and The impact on the Bayesian network structure, if OP i Compared to OP j If the impact on the data structure is relatively small, then the partial order relationship between them is: OP j <OP i OP i Compared to OP j Execute first, and vice versa;
[0094] 2) If multiple operations on information attributes are involved Then there are two cases: First, when a partial order relation OP exists. i<OP j <OP k <OP i By using the probabilistic reasoning relationships between IAs, the range of each operation is calculated. If IA j , Then operate OP i range This will affect the IA j IA k Operations, i.e., OP i Compared to OP j OP k Execute first, if Then operate OP k range It will affect the IA j IA i Operations, i.e., OP k Compared to OP j OP i Execute first; then, if a partial order relation exists, the OP will be executed. i <OP j <OP k OP i <OP k Then OP k Compared to OP j OP i Execute first, and for OP j OP i Sequence, if in operation and middle, but It will affect OP j So, OP j <OP i OP i Compared to OP j Execute first, and vice versa.
[0095] Step 3.3: Based on the above judgment of the execution order of different privacy protection strategies F, this embodiment uses a hypergraph resolution algorithm to solve the optimization process and proposes a heuristic rule for hyperedge resolution:
[0096] Rule 1: If a hypergraph HG contains only one hyperedge HE, it can be directly eliminated, i.e., R(HG) = R(HE);
[0097] Rule 2: If a hypergraph HG consists of n disjoint hyperedges HE1, HE2, ..., HE n The union of the sets, which can be executed in parallel, is R(HG) = R(HE1) × R(HE2) × ... × R(HE2). n );
[0098] Rule 3: If a hypergraph HG consists of n connected components HE1, HE2, ..., HE n To determine the probability dependency between each hyperedge HE and the privacy node, if HE1 is closer to the privacy node downwards than HE2, then HE2 < HE1, meaning HE1 is resolved first, and vice versa. For each hyperedge HE... N Intersecting superedges HE M Eliminate R(HE) from bottom to top M The tuples in the array that have no probability dependency are obtained.
[0099] In this embodiment, three different datasets are used to evaluate the effectiveness of the proposed privacy protection method based on multi-source data fusion with a re-anonymization architecture. The first dataset is the Cancer dataset, a small Bayesian network structure with 5 attribute nodes and 11 parameters. 10458 records were selected for the experiment, and the attribute {dyspnoea} was treated as a sensitive attribute SA node. The second dataset is the Sachs dataset, a medium-sized network from the previous chapter. The third dataset is the Insurance dataset, a large network containing 27 vertices, 47 edges, and 510 parameters. In this dataset, {accident} is treated as a sensitive attribute node. The specific descriptions of the three datasets are shown in Table 1. The experimental environment was implemented using a 64-bit Windows 10 system with a Xeon(R) Platinum 6162 CPU @ 1.90GHz and 1TB of memory.
[0100] Table 1. Dataset Description
[0101]
[0102] The first set of experiments verifies the correctness and effectiveness of the Bayesian network fusion algorithm based on collaborative filtering. In the experiments, mean squared error (MSE) is used to measure the accuracy of the predictions. The formula for MSE is:
[0103]
[0104] Where n is the number of samples, y i For real data, To fit the data, w i >0, the closer the MSE is to 0, the better the fit.
[0105] In the experiment, the algorithm parameters were set as follows: λ = 0.002 to prevent overfitting, step size = 5000, and learning rate α = 0.01 to control the step size of each iteration. The three datasets {Cancer, Sachs, Insurance} were fused pairwise, and five independent experiments were conducted. The experimental results were recorded, and the mean and standard deviation (mean ± sd) of the five experimental results were calculated. The results are shown in Table 2 below.
[0106] The results in Table 2 show that the mean squared error of the {Cancer, Sachs} dataset is the smallest when the two datasets are fused, fluctuating within the range of 0.03926±0.00022. The mean squared errors of the other two datasets also remain around 0.1. This indicates that the CF-BNF algorithm proposed in this chapter can accurately predict the dependencies between nodes after data fusion, and it has strong robustness for the fusion of small and medium-to-large datasets.
[0107] Table 2 MSE Experimental Results
[0108]
[0109] Secondly, the experiment also recorded the convergence process and convergence time of the proposed CF-BNF algorithm on three datasets, such as... Figure 4 and Figure 5 As shown.
[0110] Figure 4 The results show that as the number of iterations increases, the loss functions of the three sets of fused data {Cancer, Sachs}, {Cancer, Sachs}, and {Sachs, Insurance} gradually converge, with all losses below 0.2. Moreover, the two sets of data {Cancer, Sachs} and {Cancer, Sachs} converged in fewer iterations, at 3000 and 4000 iterations, respectively.
[0111] Figure 5 The results show that the convergence time for the datasets {Cancer, Sachs} is approximately 162s, for {Cancer, Insurance} it is approximately 446s, and for {Sachs, Insurance} it is approximately 580s. This indicates that the CF-BNF algorithm can converge within a certain time, and the convergence time increases with the complexity of the dataset.
[0112] To verify that the proposed PP-Lego optimization algorithm can significantly improve data availability, this invention also designed a comparative experiment for analysis. Since the two datasets {Sacha, Insurance} contain five identical information attributes, the three benchmark algorithms were compared with the PP-Lego optimization algorithm of this embodiment under the fusion of these two datasets. The first benchmark method is to naturally integrate the privacy-protected data by each data owner; this method is called Natural-Integration. The second method is a distributed DkA algorithm that implements secure data fusion between two parties under a semi-honest model. It is used to merge two private data tables into a k-anonymity table, where each private table is a vertical partition of the same set of records. This method has higher fusion accuracy and data anonymity than the first method, but it cannot be applied to large datasets. The third method is an improvement on the DkA algorithm, called the DkA-Improve algorithm. This method calculates the maximum security value for both parties each time anonymization is performed, and then performs the anonymization operation on the data. Compared with the second method, it has higher anonymity and data availability, and this method can be extended to large datasets.
[0113] Secondly, in this experiment, the anonymization method used for the Sacha dataset was k-anonymity, and the anonymization method used for the Insurance dataset was l-diversity. Noise was added during the anonymization process for both datasets. Different values of k and l were given in the experiment to observe the results. To measure the magnitude of data availability, data availability was represented by Qua, with the formula:
[0114]
[0115] Where 'a' represents the original data and 'b' represents the data with added noise, the formula shows that the more noise added, the worse the data usability. In the experiment, the amount of data generated by the Bayesian network was used as the independent variable, ranging from 10,000 to 100,000 data points. Results were recorded every 10,000 data points to observe changes in data usability. Experimental results were obtained by setting k=5, l=3, k=8, l=4, and k=10, l=5, respectively. Figures 6-8 As shown.
[0116] according to Figure 6 , Figure 7 , Figure 8 The experimental results are analyzed from both horizontal and vertical perspectives:
[0117] (1) From a horizontal perspective, when the amount of data is extremely small, the three benchmark algorithms have little difference in their impact on data availability. This is because Bayesian networks have randomness when generating data, and both datasets are medium to large-scale networks. When generating a small amount of data, they cannot fully reflect the relationship between attributes. When performing privacy protection operations on the data using k-anonymity and l-diversity respectively, a large amount of noise is added, which leads to data distortion and reduces data availability. Similarly, for the PP-Lego algorithm proposed in this invention, when the amount of data is small, its data availability remains between 60% and 80%. As the amount of data increases, the ability of data generated by Bayesian networks to represent information attributes gradually increases, and the noise added by privacy protection operations on the generated data gradually decreases, thus gradually improving data availability. Moreover, the data availability of the optimization algorithm proposed in this invention is consistently higher than the other three methods. When the amount of data reaches 100,000 records, the data availability reaches 92.13%, 95.40%, and 92.98% respectively, which is 49.23, 41.16, and 46.73 percentage points higher than the natural fusion method.
[0118] (2) From a longitudinal perspective, the data availability of various algorithms varies depending on the values of k and l. When k=8 and l=4, the data availability of the four methods is generally better than that of k=5 and l=3 and k=10 and l=5. For example, regarding the PP-Lego algorithm proposed in this invention, when k=8 and l=4, the data availability is higher than the other two cases for different data volumes. When the data volume is 10,000 records, the data availability of the PP-Lego algorithm is close to 80%, and when the data volume reaches 100,000 records, the data availability of the PP-Lego algorithm is 2% to 4% higher than the other two cases.
[0119] The above experimental results show that the PP-Lego optimization algorithm proposed in this invention can greatly improve the usability of fused data.
[0120] To verify the superiority of the PP-Lego algorithm in terms of time complexity, this invention also designed a set of comparative experiments. Given k=8 and l=4, the time complexity of three benchmark algorithms and the optimized algorithm proposed in this invention were compared. The experimental results are as follows: Figure 9As shown, experimental results indicate that the time overhead of the other three methods increases linearly with the increase in data volume, while the optimization algorithm proposed in this invention is almost unaffected by the data size, and the time overhead remains within 7.1 seconds. When the data reaches 100,000 records, the Natural-integration method has a time overhead of 19.45 seconds, while the PP-Lego algorithm proposed in this invention has a time overhead of only 7.03 seconds, saving 12.42 seconds of time overhead compared to the Natural-integration method.
[0121] The preferred embodiments of the present invention disclosed above are merely illustrative of the invention. These preferred embodiments do not exhaustively describe all details, nor do they limit the invention to the specific implementations described. Clearly, many modifications and variations can be made based on the content of this specification. This specification selects and specifically describes these embodiments to better explain the principles and practical applications of the invention, thereby enabling those skilled in the art to better understand and utilize the invention. The invention is limited only by the claims and their full scope and equivalents.
Claims
1. A method for combining privacy strategies in a multi-party data fusion scenario, characterized in that: Includes the following steps: Step 1: The inner anonymization stage of the data owner's local data: Each data owner participating in the data fusion uses Bayesian generation technology to transform their local data into a Bayesian network, and uploads the anonymized Bayesian network to the data center for fusion. Step 11: Each data owner applies a Bayesian network generation algorithm based on hill climbing to transform their respective local original data into corresponding Bayesian networks. In steps one and two, each data owner performs privacy protection operations on the Bayesian network transformed from the original data according to their own privacy protection needs; Step 13: Each data owner participating in the data fusion uploads the partially anonymized Bayesian network to the data center for fusion. Step 2, Fusion of Local Bayesian Networks: Collaborative filtering algorithm is used to predict the relationships between nodes in each Bayesian network to achieve network fusion, thereby eliminating the mapping relationship between personal user privacy and original data; Step 21: Construct an extended dependency matrix based on each local Bayesian network; Step 22: Predict the element values corresponding to unknown elements in the extended dependency matrix through matrix decomposition; Step 3: Outer Anonymization Stage Based on Multi-Strategy Combination Optimization Mechanism: The parties involved in data fusion anonymize the fused Bayesian network according to the roles and permissions of data users. Through the combination optimization method of multi-party privacy protection strategies, the privacy protection strategies are mapped to the hypergraph and corresponding heuristic rules are designed. Hypergraph resolution technology is used to satisfy privacy constraints while eliminating over-protection or under-protection phenomena that may occur in multi-source data fusion, so as to maximize the utility of the fused data. Each data owner performs privacy protection operations on the Bayesian network transformed from the original data according to their own privacy protection needs, including: generalizing sensitive attribute values through the Bayesian network; -Nearest neighbor and - Diverse privacy protection options; Sensitive attribute value generalization protection operation: Based on the attribute value generalization hierarchy tree set by the data owner for the data attributes, the attribute leaf node to be anonymized in the attribute value domain is aggregated with all its sibling leaf nodes of the same parent node into one attribute node and replaced by its direct parent node to form a new leaf node. The probability distribution of the attribute value corresponding to this leaf node is inherited from all the original leaf nodes participating in the aggregation, and its value is the sum of the probability distributions of all participating nodes. - Nearest Neighbor Protection Operation: a) Define the distribution of values in the attribute value space that maximizes information entropy as the theoretical baseline, denoted as [the distribution value is missing here]. The attribute with the largest probability distribution is defined as the baseline to be smoothed, and its distribution value is denoted as... b) Use variance as a measure, Defined as the unit of smoothing operation, where, For positive integers, iterative unit corrections are performed on the theoretical benchmark and the benchmark to be smoothed, that is, each round of correction makes... If the variance of the probability of each attribute value occurring is no higher than the theoretical baseline, Then stop iterating; otherwise, jump to execute a). - Diversity protection operation: Expand the value domain space of the attribute to be privacy protected in the Bayesian network, so that the number of distinct values in the value domain space is greater than or equal to 1. Based on the probability distribution of each value in the corrected attribute, and following the correction principle of maximizing information entropy, in each round of correction, c) only selects the value with the largest probability distribution as the target object to be corrected, and its distribution value is denoted as... And the number of distinct values in the current attribute value domain space is denoted as The probability distribution value above the mean Distribute the newly added attribute values evenly ,Right now , d) Jump to execute c) until , The minimum threshold of the preset probability distribution, and .
2. The privacy strategy combination method in a multi-party data fusion scenario according to claim 1, characterized in that: The method of using collaborative filtering to predict the association relationships between Bayesian network nodes of each party specifically involves: Step 21: Construct extended dependency matrices based on each local Bayesian network. ,in, Each element This represents the network node dependencies observed from the raw data, when... When, it indicates a node and nodes There is a dependency relationship between them, and the conditional probability between them is... ;when When, it indicates a node and nodes There is no dependency between them; Represents a node and nodes The relationship between them is unclear; Step 22: Predict the extended dependency matrix using matrix factorization. The corresponding element value, given Matrix and Matrix, and the fused matrix For the matrix, to achieve prediction, minimize the loss function: After simplifying it, we get: The first term is the L2 distance between each observation and its corresponding predicted value in the matrix, and the second term is a regularization penalty term used to prevent overfitting. This is a parameter used to control the regularization term.
3. The privacy strategy combination method in a multi-party data fusion scenario according to claim 2, characterized in that: The construction of the extended dependency matrix based on each local Bayesian network is specifically as follows: Given a set of Bayesian networks The components are merged to form the corresponding dependency matrix. , Through the dependency matrix Construct an extended dependency matrix ,in, Expanding the dependency matrix Each element in the code is defined as follows: , Each element This represents the network node dependencies observed from the raw data, when... When, it indicates a node and nodes There is a dependency relationship between them, and the conditional probability between them is... ;when When, it indicates a node and nodes There is no dependency between them; Represents a node and nodes The relationship between them is unclear.
4. The privacy strategy combination method in a multi-party data fusion scenario according to claim 3, characterized in that: The method of predicting the element values corresponding to unknown elements in the extended dependency matrix through matrix decomposition is as follows: Given a dependency matrix and its rank If a matrix exists , , making If it is established, then Called a matrix Two-factor decomposition; if , Let the L2 distance be denoted by the following: ,but yes Matrix decomposition -estimate; In the matrix "Prediction is made through matrix factorization. The values of "1" or "0" in the original matrix may change in the matrix after network fusion. This shows that the dependency relationship on the local data does not necessarily maintain the same dependency relationship on the overall data, and vice versa." The decomposition process involves breaking down the original matrix into its constituent elements. The matrix between the given matrix and the product of the decomposed matrices are defined as follows: Given Matrix and Matrix, and the fused matrix For the matrix, to achieve prediction, minimize the loss function: , After simplifying it, we get: , The first term is the L2 distance between each observation and its corresponding predicted value in the matrix, and the second term is a regularization penalty term used to prevent overfitting. This is a parameter used to control the regularization term; The objective function is then: min 。 5. The privacy strategy combination method in a multi-party data fusion scenario according to claim 4, characterized in that: The gradient descent algorithm, which minimizes the loss function, is an update process that proceeds from random initialization to iteration until convergence. and The core steps are: (1) For each Taking the derivative, we get: , ; (2) Update variables based on the direction of the negative gradient: , 。 6. The privacy strategy combination method in a multi-party data fusion scenario according to claim 5, characterized in that: The method for combining and optimizing the multi-party privacy protection strategies is as follows: Step 31: Define the privacy protection strategy as a quintuple. ,in This indicates a shift in privacy protection strategies to Bayesian networks derived from datasets; Represents information attribute nodes, Indicates a privacy node. This represents a specific step in a privacy protection strategy. A privacy protection strategy consists of several steps. , Indicates that after operation The range of values after that, ; Step 32: Determine the execution order of different privacy protection strategies from a structural perspective: 1) If operations involving privacy attributes are involved , Then, starting from the privacy nodes of the Bayesian network, the Bayesian network is encoded, and the privacy nodes are corrected within the maximum correction threshold. To compare operations on two different privacy nodes and The impact on the Bayesian network structure, if Comparison If the impact on the data structure is relatively small, then the partial order relationship between them is: ,Right now Comparison Execute first, and vice versa; 2) If multiple operations on information attributes are involved , , Then there are two cases: First, when a partial order relation exists. ,pass The probabilistic reasoning relationship between them is used to calculate the range of each operation. ,like Then the operation range It will affect the The operation, namely Comparison , Execute first, if Then the operation range It will affect the The operation, namely Comparison , Execute first; then, if a partial order relation exists... , ,but Comparison , Execute first, and for , Sequence, if in operation and middle, ,but It will have an impact ,So ,Right now Comparison Execute first, and vice versa; Step 33: By judging the execution order of different privacy protection strategies, a hypergraph resolution algorithm is used to solve the optimization process, and a heuristic rule for hyperedge resolution is proposed: Rule 1: If the hypergraph Contains only one super edge It can be directly dissolved, that is, R( ) = R( ); Rule 2: If the hypergraph yes Non-intersecting super-edges , ... The union of the sets, which are executed in parallel, then R( ) = R( )×R( )×……×R( ); Rule 3: If the hypergraph Depend on Connected components , ... If we compose the components, then we need to determine the individual hyperedges. The probabilistic dependency with privacy nodes, if Comparison Moving even further down to privacy nodes, then ,Right now First, resolve the problem, and vice versa; for each edge with a hyperedge... Intersecting superedges Eliminate R from bottom to top The tuples in ) that have no probability dependence are obtained to obtain R( ) = R( ) R( ) R( ) ... R( ).