Privacy-preserving t-repetition, range set union, and DNF operations on distributed sets

천지영 Graduate School of Information Management oand Sec 2011 국내박사

In many distributed environments parties are having their private datasets and want to extract some useful information with their private datasets while parties do not want to reveal their private datasets. Privacy-preserving set operations such as set union and set intersection on distributed sets are widely used in privacy-preserving data mining techniques. However, conventional privacy-preserving set operations are not sufficient to manage new requests as given below. In many healthcare applications, it is important to find rare cases among medical data of individuals. Finding rare cases with medical data is needed when hospitals or research institutes want to identify rare diseases. To extract meaningful information from the medical data while protecting the privacy of data owners, privacy-preserving data mining can be used. However, most previous privacy-preserving data mining techniques are focused on common cases. The common cases are important in privacy-preserving data mining, however, rare cases should not be overlooked. Privacy-preserving data mining techniques for rare cases have not received much attention so far. In this thesis, we introduce new privacy-preserving set operations called t-repetition, range set union, and DNF operations on distributed sets for rare cases and show how the protocols can be used to make new set operations as well as conventional set operations. Our protocols are as follows: - t-Repetition: A privacy-preserving t-repetition protocol can be used to find elements which exactly t parties out of n parties have in common in their datasets without revealing their private datasets. We note that an element which n parties out of n parties have in common is in a set intersection. Thus, our privacy-preserving t-repetition protocol can be used to find a set intersection, i.e., n-repetition, and could be considered as a generic extension of a privacy-preserving set intersection protocol. We note that n-repeated elements are the commonest cases, and 1-repeated elements are the rarest cases. - Range Set Union: A privacy-preserving range set union protocol can be used to find elements which at least t1 parties and at most t2 parties have in their private datasets without revealing any other information except the information which could be inferred from the range set union. Our privacy-preserving range set union protocol makes it possible to construct exact-threshold set union and under-threshold set union as well as over-threshold set union while preserving privacy of the parties. - DNF Operations: A privacy-preserving DNF operation on distributed sets is to find a set $S_F$ satisfying $S_F=(S_{1,1}\cap...\cap S_{1,t_2})\cup...\cup (S_{t_1,1}\cap...\cap S_{t_1,t_2})$ without revealing any other information except information which could be inferred from DNF operations, where $S_{i,j}\in\{A_1,...,A_n,\overline{A_1},...,\overline{A_n}\}$ and a set $A_k$ is known only to a party $P_k$. A complement set $\overline{A_k}$ is defined as $\overline{A_k}=(A_1\cup...\cup A_n)-A_k$. Using privacy-preserving DNF operations on distributed sets it is possible to find set union, (threshold) set intersection, set of t-repeated elements and so on. Our protocols do not reveal any other information except the information which could be inferred from the protocols and a size of each private set. The information of the size of each private set revealed by our protocols is due to the use of a underlying privacy-preserving set union protocol.

공인의 프라이버시와 알 권리에 관한 연구 : 프라이버시 침해 관련 판례를 중심으로

김흥규 연세대학교 언론홍보대학원 2005 국내석사

As information society advances and mass media grow in number, so would invasion of privacy of an individual grow. Against this backdrop, a problem calling for a greater attention looms large: How can we address the conflict involving press freedom (the public''s right to know) and protection of personal rights (right to privacy of an individual).In the United States, there is a tendency that public figures are given lesser right to privacy than are private citizens. For public officials, freedom of press takes precedence over an individual''s privacy. And the press is protected in privacy trials in a way that the libel suitors should prove the actual malice of the media.This study focuses on how mass media can minimize the conflict between the public''s right to know and protection of privacy rights. This paper picked up 39 cases involving alleged intrusion into privacy, analyzed how public personages and non-public individuals got different judgments, and took a look at when the media win the cases.Results show that public figures won 69.2% of privacy trials, an about 20% points lower than in the cases for private citizens, demonstrating that public figures have lesser right to privacy. Out of 39 cases, the media got only 7 wins (17.9%) and chances of winning got slim as the cases are appealed.Broadcasting organizations are more prone to privacy suits (7 cases or 35%) than newspaper companies (13 cases or 30%) followed by magazines including weeklies (12 cases or 28%). In defamation suits, newspapers outnumber broadcasting outlets.By types of privacy intrusion, public disclosure of private facts tops the list with 16 cases (41%), followed by public notification of investigation facts (12 cases, 30.8%), invasion of the right to likeness (8 cases, 20.5%), reports of scandals (5.1%), and right to voice (1 case, 2.6%).Analysis of the cases illustrates that the Korean courts have taken into consideration three factors in judging privacy cases. The first consideration is about the sphere of interest: public or private. The second factor is whether private facts are made public under the consent of private citizens. The third consideration is whether the disclosure of an individual''s personal life has legitimate public interest.In conclusion, news organizations should pay considerable attention when their reports bring possible intrusion on privacy rights. Although media are relatively protected from libel suits, judgments in courts are made within the context of the published event, not on an individual text basis. It is necessary that courts come up with concrete standards and principles in privacy laws so that libel suits could diminish. 정보화 사회의 진전과 대중매체의 발달로 개인의 프라이버시 침해 가능성이 한층 높아졌다. 국민의 알 권리 충족을 위한 언론 자유와 개인의 프라이버시라는 인격권 보호의 충돌, 혹은 갈등 양상을 어떻게 조화시키고 해결해 나가야 할 것인가 하는 문제는 우리 사회에서도 이제 현실적 관심사로 대두되고 있다.미국의 경우 보도 대상이 사인(私人)이 아닌 공인(公人)인 경우 그 명예보다 언론자유를 우선시하는 경향이다. 또 언론이 소송에 휘말리더라도 원고인 공인이 언론의 ‘현실적 악의’(actual malice)를 입증하도록 해 법적인 보호장치를 두고 있다.본 연구는 이러한 문제의식에서 출발해 국민의 알 권리와 프라이버시 보호라는 두 기본권의 충돌을 최소화하기 위해 우리 사회에서 실제로 어떠한 노력이 필요한지를 언론의 시각에서 접근하고자 했다. 이를 위해 본 연구는 언론 보도 등으로 법적 분쟁에 이른 법원 판결문 가운데 직접 또는 간접으로 프라이버시권과 관련된 사례 39건을 연구 대상으로 삼아 원고가 공인인 경우와 사인인 경우에 법원의 판단에 어떤 차이가 있고, 언론은 어떤 경우에 법적 책임이 면제되는지 등을 분석했다.분석 결과 프라이버시 관련 소송에서 공인의 승소율은 69.2%로 사인에 비해 20% 포인트 가까이 낮아, 공인의 프라이버시는 사인보다 상대적으로 덜 보호되는 것으로 나타났다. 그러나 연구대상 판례 39건 가운데 언론사가 승소한 사건은 7건(17.9%)에 불과했고, 상급심으로 갈수록 언론매체가 법정에서 승리하기 어려운 경향을 보였다.언론 매체별로는 방송사가 소송에 연루된 경우가 35%(15건), 일간신문 30%(13건), 주간지를 포함한 잡지 28%(12건) 등으로 나타나, 명예훼손 소송에서와는 달리 방송이 신문보다 프라이버시 침해 시비를 더 많이 일으키는 것으로 드러났다.프라이버시 관련 판례를 보도내용과 판결문에 반영된 위법성의 정도에 따라 5가지 유형으로 구분한 결과 사적 사항 공표가 16건으로 41%를 차지했고, 피의사실 공표 30.8%(12건), 초상권 침해 20.5%(8건), 추문 보도 5.1%, 음성권 침해 2.6%(1건) 순이었다.연구 대상 판결문의 내용을 종합해보면, 우리나라 법원은 개인의 프라이버시 침해 여부를 가리는 과정에서 크게 세 가지 요인을 고려 대상으로 삼아왔다고 할 수 있다. 첫째, 공개된 내용이 공적 영역인지, 사적 영역의 것인지, 둘째, 개인의 동의하에 사적 영역의 공개가 이뤄졌는지, 셋째, 사적 영역이지만 공중의 정당한 관심의 대상인지를 고려해 왔다.때로는 보도 내용이 공적 영역이라도 개인의 동의 여부를 더 우선시했고, 더러는 개인의 동의가 없더라도 공중의 정당한 관심사인지를 가려 판단하기도 했다. 일관된 판결 기준이 없고, 문제를 제기한 원고마다 사안마다 다르다 보니 프라이버시권이 예측 가능한 법리로 작용하기에는 한계가 있는 것으로 보인다.이상과 같은 연구 결과를 바탕으로 도출한 결론을 요약하면, 언론은 개인의 프라이버시에 대한 보도를 할 경우 스스로 적절한 주의를 기울이지 않으면 안 된다는 점이다. 비록 법원이 위법성 조각사유(면책사유)를 통해서 언론의 자유를 다소 보장하고 있기는 하지만, 개별적 텍스트(text)에 대한 결론이 아니라 전후 맥락적 상황(context)에 대한 법원의 종합적인 고려를 통해서 이뤄지는 것이므로 언론이 이를 유의해야 한다. 또한 법원도 예측 가능성 있는 법리의 확립을 통해 사전에 프라이버시 분쟁을 막을 수 있도록 언론 관련 소송에서 보다 구체적이고 명확한 기준, 원칙을 제시할 필요가 있다고 본다.

A Cryptographic Approach towards Privacy-Preserving Image Data Transmission, Storage and Computation

아흐마드 이자즈 조선대학교 대학원 2023 국내박사

In today’s world, most of the automated applications ranging from the health sector to the entertainment industry are driven by Artificial Intelligence (AI), owing to the success of deep learning (DL) algorithms. There are two main challenges in the development and implementation of DL-based solutions. First, DL algorithms are characterized as compute-intensive tasks, and their training requires innovative technology and high computational resources. Second, training DL models for a particular task requires a large volume of sample data, which in some domains such as in the field of medical image analysis, is expensive and difficult to acquire. To overcome these limitations, cloud services such as computing, and storage resources are emerging as one of the cost-effective solutions. For example, in the first case, organizations can avail cloud-computing services to access the latest technology to speed-up the training process and allow DL models to scale efficiently with a lower capital cost. Similarly, to mitigate the data deficiency challenge, an organization can benefit from a community cloud, where services are shared by organizations with common interests to achieve their goals. In this case, cloud storage services can be utilized as a shared data repository for joint projects and collaboration among the organizations. Nonetheless, like all communication systems, when data is outsourced to the avail of cloud services, there is a risk of information leakage, which can lead to privacy concerns. A straightforward solution to this is the encryption of data before transmission and for which the full encryption algorithms based on the number theory and chaos theory are proven to be the most secure techniques. Though this guarantees security during transmission, it is necessary to decrypt the data prior to performing any computations on them. This data reveal may be tolerable in certain scenarios; however, when dealing with privacy-sensitive data such as medical images, surveillance data, financial data, etc., such encryption techniques are not adequate to cater to the requirements of privacy preserving computation. In addition, when transmitting large volumes of data (especially image data), compression is necessary to efficiently utilize the available limited bandwidth. On the other hand, techniques specifically proposed to enable computation in the encryption domain have their associated computational cost, communication overhead and specialized design requirement that may reduce data utility and degrade the DL model performance. Therefore, privacy-preserving techniques that can jointly satisfy the dual requirements of data transmission, data storage and computation in the encryption domain are of immense importance. In this work, we first investigate the order of performing compression and encryption processes that gives a better trade-off between compression savings and encryption efficiency and measure its impact on the downstream application performance. Next, we present a detailed taxonomy and comprehensive analysis of the JPEG compatible perceptual encryption methods in terms of their encryption and compression efficiencies. We adapt the assorted practices that have been proposed to effectively manage the encryption and compression trade-off, into a uniform framework, which may serve as a guideline for selecting appropriate techniques according to the privacy-preserving system requirements. To find proper trade-offs between achieving necessary privacy-preservation (during transmission and computation), preserving compression savings and downstream application accuracy, we present a novel transformation function to overcome the limitations of the perceptual encryption methods. In our proposed end-to-end system pipeline for privacy-preserving computation, the compression block introduces certain information loss that may degrade the model accuracy, we propose a novel noise-based data augmentation technique to mitigate the impact of the compression artifacts on the trained DL model performance. To validate the usefulness of the proposed method, we consider a wide range of privacy-preserving applications such as privacy-preserving face recognition, privacy-preserving natural image classification and privacy-preserving COVID-19 detection in Chest X-ray images. Our simulation results show that the proposed simultaneous image encryption and compression scheme for secure and efficient data transmission and/or storage, preserves the lossless compression saving, and with our data-to-symbol mapping function the compression saving is improved on average from 6% to 15%. On the other hand, in the privacy-preserving computation domain, the proposed PE-based scheme at best introduces a decrease of ~5% in the prediction accuracy of a DL model for natural image classification task while ~3% drop in the model’s accuracy and sensitivity scores for medical image analysis. In the face recognition application, the proposed privacy preservation scheme delivers the same recognition accuracy as that of the plain images. Moreover, the proposed noise-based augmentation method has reduced the difference in model accuracy from 11% to 2% for classification of natural images. 딥러닝(DL) 알고리즘의 발전이 인공지능(AI) 기반 자동화 애플리케이션의 확산을 이끌고 있다는 사실은 보건부터 엔터테인먼트까지 넓은 범위에서 목격된다. 그러나, DL 기반 솔루션을 개발하고 구현하는 데는 크게 두 가지 주요 장애물이 있다. 첫째로, DL 알고리즘이 매우 연산 집약적이며, 그 학습 과정은 혁신적인 기술과 상당한 계산 자원을 필요로 한다. 둘째로, DL 모델의 학습을 위해선 풍부한 샘플 데이터가 요구되는데, 특히 의료 이미지 분석 등 일부 분야에서는 비용 문제와 확보의 어려움이 동시에 발생한다. 이러한 한계를 극복하기 위한 방법 중 하나로 클라우드 서비스, 특히 컴퓨팅과 스토리지 자원이 주목 받고 있다. 예를 들어, 딥러닝 기술을 사용하는 조직들은 클라우드 컴퓨팅 서비스를 이용하여 최신 기술에 접근하고, 학습 과정을 가속화하며, DL 모델을 보다 저렴한 비용으로 효율적으로 확장할 수 있다. 또한, 데이터 부족 문제 해결이라는 공동의 목표를 위해 서비스를 공유하는 커뮤니티 클라우드의 이점을 활용할 수 있다. 이 경우, 클라우드 스토리지 서비스는 조직 간의 공동 프로젝트 및 협업을 위한 공유 데이터 저장소 역할을 할 수 있다. 그러나, 클라우드 서비스를 이용하여 데이터를 아웃소싱할 때는 데이터 유출 위험이 있으며, 이는 개인정보 보호 문제로 이어질 수 있다. 이 문제를 간단히 해결하는 방법은 데이터를 전송하기 전에 암호화하는 것이다. 정수론과 혼돈 이론에 기반한 완전 암호화 알고리즘이 가장 안전하다고 알려져 있다. 이 방법은 데이터의 보안성을 보장하지만, 데이터를 처리하기 전에는 암호를 해독해야 한다. 이 방법은 일부 응용 시나리오에서는 적용 가능하지만, 의료 이미지나 감시 데이터, 재무 데이터 등 개인 정보에 민감한 데이터 처리의 경우 개인정보 보호 요구 사항을 만족시키기는 어렵다. 또한, 큰 데이터(특히 이미지 데이터)를 전송하면서 제한된 대역폭을 효과적으로 활용하기 위해 데이터 압축이 필요하다. 한편으로, 암호화 영역에서 계산을 가능하게 하는 PPDL 기술은 연산 비용, 통신 오버헤드 및 특수 설계 요구 사항 등으로 인해 데이터 유틸리티를 줄이고 DL 모델의 성능을 저하시킬 수 있다. 따라서, 데이터 전송과 저장, 그리고 연산에 대한 보안 요구를 모두 충족시킬 수 있는 개인정보 보호 기술은 매우 중요한 연구 주제라 할 수 있다. 본 연구에서는 먼저 압축 절약과 암호화 효율성 사이의 더 나은 균형을 찾기 위해 압축과 암호화 과정의 수행 순서를 조사하고, 이것이 다운스트림 애플리케이션의 성능에 어떠한 영향을 미치는지 측정하였다. 다음으로, JPEG 호환 지각 암호화 방법에 대한 자세한 분류 체계와 포괄적인 분석을 제시하였으며, 이는 암호화와 압축 효율성 측면에서 고려되었다. 본 연구에서는 암호화와 압축의 균형을 효과적으로 관리하기 위해 제안된 다양한 방법을 표준 프레임워크로 적용하여, 개인정보 보호 시스템의 요구 사항에 따라 적절한 기술을 선택하는 지침이 될 수 있도록 지표들을 제시하였다. 필요한 개인정보 보호(전송 및 계산 중), 압축 절약의 보존, 그리고 다운스트림 애플리케이션의 정확도 사이의 적절한 균형을 찾기 위해, 연구에서는 지각 암호화 방법의 한계를 극복하는 새로운 변환 함수를 제시하였다. 연구에서 제안하는 개인정보 보호 연산을 위한 종단간 시스템 파이프라인에서는, 압축 블록이 모델 정확도를 저하시킬 수 있는 특정 정보의 손실을 초래하였다. 이에 대응하기 위해, 연구에서는 훈련된 DL 모델의 성능에 압축 아티팩트의 영향을 완화하는 새로운 노이즈 기반 데이터 확대 기술을 제안하였으며, 제안된 방법의 유용성을 확인하기 위해 흉부 X-선 이미지에서의 개인정보 보호 얼굴 인식, 개인정보 보호 자연 이미지 분류, 그리고 개인정보 보호 COVID-19 감지 등 다양한 개인정보 보호 애플리케이션을 고려하였다. 시뮬레이션 결과로부터, 제안된 동시 이미지 암호화 및 압축 기법이 안전하고 효율적인 데이터 전송 및 저장을 가능하게 하며, 무손실 압축 절약을 유지하고, 데이터 대 심볼 매핑 함수를 통해 압축 절약을 평균 6%에서 15%까지 향상시킨다는 것을 확인하였다. 또한, 제안된 PE 기반 방식을 사용하면, 개인정보 보호 연산 영역에서 자연 이미지 분류 작업에 대한 DL 모델의 예측 정확도는 약 5% 감소하는 반면, 의료 이미지 분석에 대한 모델의 정확도와 민감도 점수는 약 3% 감소함을 확인하였다.

Privacy-Aware Data Analysis: Recent Developments for Statistics and Machine Learning

Lut, Yuliia Columbia University ProQuest Dissertations & These 2022 해외박사(DDOD)

Due to technological development, personal data has become more available to collect, store and analyze. Companies can collect detailed browsing behavior data, health-related data from smartphones and smartwatches, voice and movement recordings from smart home devices. Analysis of such data can bring numerous advantages to society and further development of science and technology. However, given an often sensitive nature of the collected data, people have become increasingly concerned about the data they share and how they interact with new technology. These concerns have motivated companies and public institutions to provide services and products with privacy guarantees. Therefore, many institutions and research communities have adopted the notion of differential privacy to address privacy concerns which has emerged as a powerful technique for enabling data analysis while preventing information leakage about individuals. In simple words, differential privacy allows us to use and analyze sensitive data while maintaining privacy guarantees for every individual data point. As a result, numerous algorithmic private tools have been developed for various applications. However, multiple open questions and research areas remain to be explored around differential privacy in machine learning, statistics, and data analysis, which the existing literature has not covered. In Chapter 1, we provide a brief discussion of the problems and the main contributions that are presented in this thesis. Additionally, we briefly recap the notion of differential privacy with some useful results and algorithms.In Chapter 2, we study the problem of differentially private change-point detection for unknown distributions. The change-point detection problem seeks to identify distributional changes in streams of data. Non-private tools for change-point detection have been widely applied in several settings. However, in certain applications, such as identifying disease outbreaks based on hospital records or IoT devices detecting home activity, the collected data is highly sensitive, which motivates the study of privacy-preserving tools. Much of the prior work on change-point detection---including the only private algorithms for this problem---requires complete knowledge of the pre-change and post-change distributions. However, this assumption is not realistic for many practical applications of interest. In this chapter, we present differentially private algorithms for solving the change-point problem when the data distributions are unknown to the analyst. Additionally, we study the case when data may be sampled from distributions that change smoothly over time rather than fixed pre-change and post-change distributions. Furthermore, our algorithms can be applied to detect changes in linear trends of such data streams. Finally, we also provide a computational study to empirically validate the performance of our algorithms.In Chapter 3, we study the problem of learning from imbalanced datasets, in which the classes are not equally represented, through the lens of differential privacy. A widely used method to address imbalanced data is resampling from the minority class instances. However, when confidential or sensitive attributes are present, data replication can lead to privacy leakage, disproportionally affecting the minority class. This challenge motivates the study of privacy-preserving pre-processing techniques for imbalanced learning. In this work, we present a differentially private synthetic minority oversampling technique (DP-SMOTE) which is based on a widely used non-private oversampling method known as SMOTE. Our algorithm generates differentially private synthetic data from the minority class. We demonstrate the impact of our pre-processing technique on the performance and privacy leakage of various classification methods in a detailed computational study.In Chapter 4, we focus on the analysis of sensitive data that is generated from online internet activity. Accurately analyzing and modeling online browsing behavior play a key role in understanding users and technology interactions. Towards this goal, in this chapter, we present an up-to-date measurement study of online browsing behavior. We study both self-reported and observational browsing data and analyze what underlying features can be learned from statistical analysis of this potentially sensitive data. For this, we empirically address the following questions: (1) Do structural patterns of browsing differ across demographic groups and types of web use?, (2) Do people have correct perceptions of their behavior online?, and (3) Do people change their browsing behavior if they are aware of being observed? In response to these questions, we found little difference across most demographic groups and website categories, suggesting that these features cannot be implied solely from clickstream data. We find that users significantly overestimate the time they spend online but have relatively accurate perceptions of how they spend their time online. We find no significant changes in behavior throughout the study, which may indicate that observation had no effect on behavior or that users were consciously aware of being observed throughout the study.

정보화시대의 개인정보 보호에 관한 연구

김태헌 韓南大學校 情報産業大學院 2006 국내석사

정보통신기술의 비약적인 발전은 인터넷 와 컴퓨터를 등장 시켰으며 컴퓨터의 등장은 업무의 자동화로 업무처리능력을 극대화 시키므로 써 산업발전에 큰 비중을 차지하였고, 인터넷은 전세계가 하나의 네트워크 망으로 연결되면서 엄청난 양의 정보를 효율적으로 검색 및 처리할 수 있게 되었다. 인터넷이나 컴퓨터 등으로 대변되는 정보통신기술(이른바 IT기술)의 발전은 각종 정보를 수집·저장하는 능력을 극대화 시켰을 뿐 아니라, 나아가 개인에 관한 완전한 정보로 가공하여 활용할 수 있는 기술적인 기반을 제공하였다. 이러한 정보통신기술의 발달은 정보화 사회로 진입하게 하였고 정보화 사회가 발전함에 따라 정보통신 기술을 기반으로 인터넷은 e-Biz 라는 산업을 빠르게 성장 시켰다. 또한 이로 인하여 컴퓨터에 의존하는 시간과 활동이 많아 졌으며, 국민의 의식 수준과 생활양식 까지 변화 시켰다. 정보화의 양적인 팽창이 사회 전반에 걸쳐 변화를 주었고 인터넷의 양적인 팽창은 정보자원에 대한 침입가능성을 증대 시켰으며, 사이버공간을 통한 인권 침해 및 해킹, 온라인 사기 등 사이버 범죄가 급증하면서 새로운 사회 문제가 제기 되고 있다. 정보화로 인한 자료의 전산화 및 인터넷 이용이 개인생활과 사회생활의 일상으로 정착 되었고, 정보의 흐름이 가속화되고 대량화 되면서 특히 민간부문에서의 개인정보의 불법이용과 유통이 날로 증가하는 추세에서 오늘날에는 개인 정보에 대한 침해대책이 시급한 상황이다. 또한 네트워크를 통한 개인정보의 거래기회 확대와 활동 범위의 확대는 개인정보의 노출을 더욱 부추기고 있는 실정이다. 이로 인하여, 유통되는 개인 정보를 이용하여 범죄에 이용하는 사례가 점점 빈도수를 더하고 있어 소비자의 불안감을 더욱 가중시키고 있다. 따라서 우리는 충분한 대책을 수립하지 않으면 정보가 국가 경쟁력으로 탈바꿈된 정보화된 경쟁사회에서 불리한 위치에 설수밖에 없다. 즉 정보화의의 순기능을 향상시키고 개인정보의 남용 및 침해라는 사이버 범죄의 역기능을 사전에 억제하고 제거할 수 있는 체계적인 개인정보 보호 대책이 절실히 요구 되고 있다. 정보화의 진전에 따라 정보보호 업무가 기업 경영과 국민생활 전반에 걸쳐 필수적인 요소라는 인식이 확산되고 있다. 이처럼 본 논문에서 개인정보 보호의 중요성에 관한 법 제도적 현황과 침해사례, 문제점 와 그 해결방안을 도출하여 보았다. 첫째 개인정보 보호에 관한 인식 및 윤리의식 개선방안 둘째 개인정보 보호를 고려한 침해방지 대응기술 셋째 개인정보 보호에 법적 문제점 대책 안 등, 앞으로는 기술의 발달로 인해 개인정보 보호의 양상도 법, 제도적인 규제만으로는 해결할 수 없을 정도로 복잡해질 것이며 개인정보를 보호하기 위한 기술적 수단도 실제 이용자 중심으로 변화 될것 이다. 개인정보의 경제적 가치, 각 개인에 대한 인증제도, 정보보호를 위한 기술개발 등 다양한 분야 걸쳐 국내 실정에 맞는 개인정보 보호에 많은 연구와 개인정보에 대한 인식의 변화를 통해 새로운 환경에 적응할 필요가 있을 것이다. The rapid progress in information and communication technologies was led to the Internet and computer, the emergence of computer maximized the ability of conducting business and placed a great deal of weight on various industries, and due to the internet, the world was connected via one network and we came to be able to search and process a huge amount of information. The advance of the information and communication technologies, (so called IT) which are represented by the internet or computer, not only maximized the ability of collecting and storing information, but also provided the technological foundation for enabling us to process it into the complete one regarding an individual and utilize it. This development in information and communication technologies brought about the entry into the informationalized society, and the development of the informationalization helped the e-Biz, which is based on the Internet, grow rapidly. Due to this, the amount of time and the range of activities are increasingly depending on computer and even changed people’s level of consciousness and way of living. The quantitative expansion of informationalization brought about changes to the society in general, the quantitative growth of the Internet increased the possibility of invasion of informational resources, and consequently, cyber crimes such as violation of human rights, hacking, and on-line frauds have increased sharply and this caused various social problems. The computerization and the use of the Internet due to informationalzation took root in people’s individual and social lives. As the stream of information was accelerated and flowed in bulk, illegal use and distribution of personal information, particularly in private sector, is on the constant increase, so it is urgent to prepare policies against violation of privacy. Besides, the expansion of the opportunity of exchange personal information and range of activities is inciting the exposure of such information. Consequently, the incidence of crimes concerning personal information distributed through network is on the increase and this increasing consumers’anxiety. Therefore, it is unavoidable for us to be in a disadvantageous position where information became national competitiveness unless we take necessary measures to meet the situation. That is, systematic privacy protection measures are acutely required in order to improve the right functions of informationalization, and prevent and get rid of reverse functions like cyber crimes including abuses and violations of personal information in advance. As the informationalization progresses, the awareness that the tasks related to privacy protection are essential to the management of corporations and the people at large is being spread throughout the society. Thus, the present paper attempted to draw the legal and institutional situation concerning the importance of privacy policy, violation cases, related problems and solutions. Firstly, plans for heightening awareness and ethical consciousness regarding privacy policies Secondly, countermeasure against violation considering privacy protection Third, countermeasures for dealing with legal problems concerning privacy polices, etc. The aspects of privacy polices will be getting so complicated that they can’t be solved only via legal and institutional regulations, and technological means to protect privacy will be changed into the real-user-centered direction. It is required that more research on privacy polices suitable for the actual circumstances of the country over the various fields such as economic value of personal information, authentication system for individuals and development of information protection technologies should be conducted and the adaptation to the new environment should be made through the change in awareness.

Privacy Preserving Machine Learning under Differential Privacy

Kijung Jung 고려대학교 대학원 2024 국내박사

In the modern era, large amounts of various data are generated and utilized. In particular, the proliferation of smart devices is generating a large amount of personal data. If personal data is utilized as it is, privacy may be breached. Therefore, it is necessary to take appropriate privacy protection measures in the process of collecting and utilizing data. Differential privacy is one of the strongest privacy models that guarantees statistical guarantee. Differential privacy and its variants, such as local differential privacy and Renyi differential privacy, are widely used to protect privacy. In the past, data were analyzed and utilized directly. However, as machine learning has shown excellent performance in various fields recently, the data are often utilized as training data for machine learning. In this thesis, we propose three privacy preserving machine learning methods that apply differential privacy and its variants when utilizing personal data for machine learning. First, we propose a method for collecting and analyzing time series location data that satisfies local differential privacy. In the data collection process, we represent an individual's location as an array of bits, and then modulate the bits in each array using Randomized Response. In the data analysis process, the Hidden Markov Model is used to analyze the collected data by the collection process. This technique has the advantage of enabling spatio-temporal correlation analysis compared to existing local differential privacy-based location analysis techniques. Next, we propose a novel activation function for deep learning that satisfies differential privacy. To apply differential privacy to deep learning, we need to limit the maximum norm size of the gradients. Using bounded functions such as $tanh$ or sigmoid as an activation function can limit the size of the gradient. However, the performance may be worse than utilizing other functions such as ReLU and its variants. The proposed activation function, Bounded Exponential Linear Unit (BELU) is a bounded activation function that performs better than ReLU in the differentailly private deep learning. Finally, we propose a framework for local-differentially private federated learning. Federated learning is an applicable approach for training machine learning models with distributed data. To apply local differential privacy in federated learning, we need to consider the limited resources of mobile clients and the asynchroncity of federated learning. In the thesis, we propose a framework, LAFD: Local-differentially Private and Asynchronous Federated Learning with Direct Feedback Alignment, that considers the above issues. LAFD consists of two parts: (a) LFL-DFALS: Local-differentially private Federated Learning with Direct Feedback Alignment and Layer Sampling and (b) AFL-LMTGR: Asynchronous Federated Learning with Local Model Training and Gradient Rebalancing. LFL-DFALS can effectively save communication and computation costs through direct feedback alignment and layer sampling, and AFL-LMTGR can solve the straggler problem through local model training and gradient rebalancing. To demonstrate the performance of the proposed methods in each chapter, we compare the performance of the proposed methods with those of the existing methods. 현대 시대는 다양한 데이터가 생성되고 이를 활용하고 있다. 특히, 스마트 기기의 보급에 따라 대량의 개인 데이터가 생성되고 있다. 개인의 데이터를 그대로 활용할 경우 프라이버시 침해가 발생할 수 있다. 이에 따라 데이터를 수집하고 활용하는 과정에서 적절한 프라이버시 보호 조치가 필요하다. 차분 프라이버시는 통계적으로 안전함을 보장하는 가장 강력한 프라이버시 모델 중 하나로 차분 프라이버시와 지역 차분 프라이버시 등의 변형이 프라이버시 보호를 위해 널리 사용되고 있다. 과거에는 데이터를 직접 분석 및 활용했지만 최근에는 기계 학습이 다양한 분야에서 뛰어난 성능을 보이고 있기 때문에 데이터를 기계 학습의 학습 데이터로 이용하는 경우가 많다. 기계 학습 과정에서 개인의 민감한 정보가 학습 데이터로 활용될 수 있기 때문에 프라이버시 보호 조치가 필요하다. 본 논문에서는 기계 학습에 개인의 데이터를 활용할 때 차분 프라이버시 및 그의 변형을 적용한 프라이버시 보호 기계 학습 방법을 제안한다. 첫 번째로 지역 차분 프라이버시를 만족하는 시계열 위치 데이터의 수집 및 분석 방법을 제안한다. 데이터 수집 과정에서는 개인의 위치를 비트 배열로 표현한 후, 각 배열의 비트를 확률 기반 응답을 이용하여 지역 차분 프라이버시를 만족하도록 변조한다. 데이터 분석 과정에서는 은닉 마르코프 모델을 이용하여 분석을 진행한다. 제안 기법은 기존의 지역 차분 프라이버시 기반 위치 분석 기법 대비 위치 분포 분석에서 더 높은 정확도를 보이며, 시공간 상관 관계 분석이 가능하다. 다음으로, 차분 프라이버시를 만족하는 딥러닝에 적합한 활성화 함수를 제안한다. 딥러닝에 차분 프라이버시를 적용하려면 그래디언트의 최대 크기를 제한해야 한다. 이 때 활성화 함수로 tanh나 시그모이드와 같은 최댓값과 최솟값이 정해진 함수를 이용하면 그래디언트의 크기를 제한할 수 있지만 학습 성능이 ReLU와 같은 함수에 비해 떨어지는 문제가 있다. 본 논문에서 제안하는 활성화 함수 Bounded Exponential Linear Unit(BELU)는 활성화 함수의 최댓값과 최솟값을 제한하여 인위적으로 그래디언트의 크기를 제한하지 않아도 되며, 기존 활성화 함수를 이용했을 때보다 뛰어난 학습 성능을 보인다. 마지막으로, 지역 차분 프라이버시를 만족하는 연합 학습 프레임워크를 제안한다. 연합 학습은 학습 데이터가 여러 기기에 분산되어 있을 때 적합한 기계 학습 모델이다. 연합 학습에 지역 차분 프라이버시를 적용하기 위해서 모바일 기기 사용자의 제한된 자원과 여러 학습 결과의 비동기적 수집을 고려해야 한다. 본 논문은 위 문제를 고려한 지역 차분 프라이버시를 만족하는 연합 학습 프레임워크를 제안한다. 프레임워크는 지역 차분 프라이버시 적용과 효율적으로 자원을 사용하는 연합 학습 방법과 지역 차분 프라이버시에 적합한 비동기 연합 학습 방법으로 구성된다. 첫 번째 구성 요소는 다이렉트 피드백 얼라인먼트와 레이어 샘플링을 이용하여 클라이언트의 학습을 진행한다. 이를 통하여 클라이언트의 통신 및 연산 비용을 효과적으로 절약할 수 있다. 두 번째 구성요소는 클라이언트 모델 학습과 그래디언트 리밸런싱을 통해 비동기 연합 학습을 진행한다. 해당 요소를 적용하여 지역 차분 프라이버시에 적합한 비동기 연합 학습이 가능하며, 클라이언트 모델 학습 과정에서 발생하는 서버 모델과의 오차를 그래디언트 리밸런싱을 통해 최소화하여 학습 성능을 향상시킨다.

Efficient and privacy preserving k-Nearest neighbor classification in outsourced environment

박정수 Graduate School of Information security, Korea Uni 2020 국내박사

Cloud services with powerful resources are popularly used to manage exponentially increasing data and to carry out data mining to analyze the data. However, data mining in a cloud environment can cause privacy problems by disclosing both data and query. As for techniques to protect privacy, there are two: secure multiparty computation (SMC) and homomorphic encryption. Classification as one task in data mining is used in a wide range of applications and we focus on k-nearest neighbor (kNN) to realize classification. Although several studies have already attempted to address the privacy problems associated with kNN, the results of these studies are inefficient. In addition, as existing SMC protocols are unsuitable for devices with constraint computing power, we focus on SMC protocol consisting of simple operations. In this thesis, we put forward new constructions for privacy-preserving kNN (PPkNN) classification and SMC protocols as follows. - Firstly, we propose PPkNN classification protocol based on SMC which provides privacy of data, query, kNN result and data access patterns during protocol. As a building block of our PPkNN, we propose privacy-preserving and efficient protocol to find k data with the largest value (top-k data), which is denoted by PE-FTK. PE-FTK reduces the average running time by 35% compared to that of a previous work. Moreover, the result of the previous work is probabilistic, i.e., the result can contain some error, while the result of PE-FTK is deterministic, i.e., the result is correct without any error probability. - Secondly, we propose very efficient PPkNN classification protocol based ion homomorphic encryption in dual non-colluding cloud server environment. When conducting experiments with the same dataset, the most efficient PPkNN classification proposed in prior study took 12.02 to 55.5 minutes but our PPkNN classification took 4.16 minutes. Furthermore, since our PPkNN classification allows to be carried out in parallel for each data, its performance can be improved extremely if it is carried out on machine to allow more parallel operations. Our PPkNN classification also protects the privacy of dataset, input query, kNN result, and data access patterns, where we prove its security formally. In order to construct efficient PPkNN classification protocol, we improve PE-FTK and propose protocols that privately find k largest or smallest elements in array, which are denoted by SkLE/SkSE. - Lastly, we propose generic SMC protocol for any number of parties, which only consists of very simple operations such as multiplication and addition without cryptographic operations. Our SMC protocol is information-theoretically secure in the presence of semi-honest adversary and in honest majority setting. We prove its security by simulation paradigm.

Community Privacy using the Sparse Vector Technique for Graph Statistics

Hara Seon 고려대학교 정보보호대학원 2023 국내석사

Various attacks have occurred to extract information on a specific person from social networks. Differential privacy (DP) is one of the solutions for privacy disclosure issues. However, the privacy issue in social networks makes people reluctant to provide their data. This circumstance causes a lack of data for data analysis. DP in small data degrades data utility more than in big data when we add the same amount of noise. We propose Community Attributes Privacy-preserving Method (CAPM) using the sparse vector technique that maintains a constant privacy level even in small data to mitigate this issue in this paper. CAPM obfuscates raw graph data to protect the network structure in a small network. This technique can improve the data utility performance compared to the existing model. We also suggest a privacy parameter that sets the privacy budget based on the similarity of communities in a network to reflect the network topology and contribute to raising the accuracy of a synthetic graph. In a node privacy view, we inject noise into the edges of central nodes in a community. Finally, we evaluate CAPM with real networks regarding statistical utility and privacy protection. We show that CAPM has an error rate of the number of edges up to 20 percent and its structural entropy is less than 17 percent of the error rate on average. CAPM improves the average clustering coefficient by 82 percent from the recent modeling algorithm. In addition, a maximum 18 percent error rate in modularity outperforms the baseline whose 43 percent of error rate. The evaluation results show that the CAPM generates synthetic social graphs targeting their relations of communities and performs better in data utility.

Privacy-preserving data streaming, collection, and analysis

김수형 Korea University 2017 국내박사

Data privacy facilitates the release and utilization of personal data without concerns of privacy breaches. To preserve privacy, personal data should be anonymized appropriately with consideration for the types of privacy problems. In this thesis, we address three main topics for different types of privacy problems: privacy-preserving data streaming, collection, and analysis. First, we focus on privacy-preserving data streaming. We propose a delay-free anonymization framework to preserve privacy of data streams in real time. The framework immediately releases record streams with the guarantee of privacy preservation. We further devise a method called late validation for increasing the data utility of the anonymization results. Second, we deal with the personal data collection issue between a data collector and distributed data holders. We present a general-purpose protocol for privacy-preserving data collection. Our two-phase protocol conveys personal data to a data collector while anonymizing the data without trusted third-parties. We also devise a heuristic for efficiently managing the dynamic data holders. Finally, we evaluate privacy-preserving data cubes for the analysis of microdata. We organize different types of privacy-preserving data cubes from different anonymization methods, and perform comparative analyses by measuring data size, cell overlap, and information loss of the data cubes.

프라이버시 보존형 인공지능 기술 연구

박철희 공주대학교 일반대학원 2021 국내박사

With the rapid development of networking and computing technologies, the amount of data accumulated online is exploding. These data have enormous potential value that cannot be measured, and countries and companies are creating valuable results through big data analysis. Accordingly, data analysis technologies are rapidly evolving and are emerging as core technologies. Among them, artificial intelligence technology shows remarkable performance in various fields such as face recognition, recommendation service, and classification, and is widely applied in real life. However, concerns about privacy that can arise when analyzing data are becoming a fatal problem. Moreover, as privacy violation attacks against artificial intelligence models are proposed recently, concerns about privacy are growing. In this paper, we analyze privacy invasion attacks against artificial intelligence models and study countermeasures. In particular, we analyze actual privacy threats, and study differential privacy to preserve privacy. First, we study how to apply differential privacy to tree-structured machine learning model, and analyze the attack resistance against the attribute inference attack(model inversion attack). Second, we analyze differentially private stochastic gradient descent algorithm to satisfy differential privacy for neural network-based models, and analyze its resistance against the model inversion attack. Third, we generate synthetic data that satisfies differential privacy through differentially private generative adversarial network(GAN) models, and analyze the degree of privacy preservation against the membership inference attack. Additionally, for each AI model and privacy invasion attack, we analyze the trade-off between the degree of privacy preservation and the utility of the models in order to set an appropriate privacy parameter.