Results 1-10 of 67
Privacy Preserving Association Rule Mining in Vertically Partitioned Data
In The Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 2002
Cited by 295 (21 self)
Privacy considerations often constrain data mining projects. This paper addresses the problem of association rule mining where transactions are distributed across sources. Each site holds some attributes of each transaction, and the sites wish to collaborate to identify globally valid association rules. However, the sites must not reveal individual transaction data. We present a two-party algorithm for efficiently discovering frequent itemsets with minimum support levels, without either site revealing individual transaction values.
Building Decision Tree Classifier on Private Data
IN PROCEEDINGS OF THE IEEE INTERNATIONAL CONFERENCE ON PRIVACY, SECURITY AND DATA MINING, 2002
Cited by 136 (5 self)
This paper studies how to build a decision tree classifier under the following scenario: a database is vertically partitioned into two pieces, with one piece owned by Alice and the other piece owned by Bob. Alice and Bob want to build a decision tree classifier based on such a database, but due to the privacy constraints, neither of them wants to disclose their private pieces to the other party or to any third party. We present a protocol that allows Alice and Bob to conduct such a classifier building without having to compromise their privacy. Our protocol uses an untrusted third-party server, and is built upon a useful building block, the scalar product protocol. Our solution to the scalar product protocol is more efficient than any existing solutions.
Random projection-based multiplicative data perturbation for privacy preserving distributed data mining
IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2006
Cited by 94 (6 self)
This paper explores the possibility of using multiplicative random projection matrices for privacy preserving distributed data mining. It specifically considers the problem of computing statistical aggregates like the inner product matrix, correlation coefficient matrix, and Euclidean distance matrix from distributed privacy sensitive data possibly owned by multiple parties. This class of problems is directly related to many other data-mining problems such as clustering, principal component analysis, and classification. This paper makes primary contributions on two different grounds. First, it explores Independent Component Analysis as a possible tool for breaching privacy in deterministic multiplicative perturbation-based models such as random orthogonal transformation and random rotation. Then, it proposes an approximate random projection-based technique to improve the level of privacy protection while still preserving certain statistical characteristics of the data. The paper presents extensive theoretical analysis and experimental results. Experiments demonstrate that the proposed technique is effective and can be successfully used for different types of privacy-preserving data mining applications.
Privacy-Preserving Multivariate Statistical Analysis: Linear Regression and Classification
In Proceedings of the 4th SIAM International Conference on Data Mining, 2004
Cited by 89 (1 self)
analysis technique that has found applications in various areas. In this paper, we study some multivariate statistical analysis methods in Secure 2-party Computation (S2C) framework illustrated by the following scenario: two parties, each having a secret data set, want to conduct the statistical analysis on their joint data, but neither party is willing to disclose its private data to the other party or any third party. The current statistical analysis techniques cannot be used directly to support this kind of computation because they require all parties to send the necessary data to a central place. In this paper, we define two Secure 2-party multivariate statistical analysis problems: Secure 2-party Multivariate Linear Regression problem and Secure 2-party Multivariate Classification problem. We have developed a practical security model, based on which we have developed a number of building blocks for solving these two problems.
Location privacy via private proximity testing
In NDSS, 2011
Cited by 53 (1 self)
We study privacy-preserving tests for proximity: Alice can test if she is close to Bob without either party revealing any other information about their location. We describe several secure protocols that support private proximity testing at various levels of granularity. We study the use of “location tags” generated from the physical environment in order to strengthen the security of proximity testing. We implemented our system on the Android platform and report on its effectiveness. Our system uses a social network (Facebook) to manage user public keys.
A Practical Approach to Solve Secure Multi-Party Computation Problems
IN NEW SECURITY PARADIGMS WORKSHOP, 2002
Cited by 43 (1 self)
Secure Multiparty Computation (SMC) problems deal with the following situation: Two (or many) parties want to jointly perform a computation. Each party needs to contribute its private input to this computation, but no party should disclose its private inputs to the other parties, or to any third party. With the proliferation of the Internet, SMC problems become more and more important. So far no practical solution has emerged, largely because SMC studies have been focusing on zero information disclosure, an ideal security model that is expensive to achieve. Aiming at developing practical solutions to SMC problems, we propose a new paradigm, in which we use an acceptable security model that allows partial information disclosure. Our conjecture is that by lowering the restriction on the security, we can achieve a much better performance. The paradigm is motivated by the observation that in practice people do accept a less secure but much more efficient solution because sometimes disclosing information about their private data to certain degree is a risk that many people would rather take if the performance gain is so significant. Moreover, in our paradigm, the security is adjustable, such that users can adjust the level of security based on their definition of the acceptable security. We have developed a number of techniques under this new paradigm, and are currently conducting extensive studies based on this new paradigm.
PRIVATE COLLABORATIVE FORECASTING AND BENCHMARKING
2004
Cited by 41 (0 self)
Suppose a number of hospitals in a geographic area want to learn how their own heart-surgery unit is doing compared with the others in terms of mortality rates, subsequent complications, or any other quality metric. Similarly, a number of small businesses might want to use their recent point-of-sales data to cooperatively forecast future demand and thus make more informed decisions about inventory, capacity, employment, etc. These are simple examples of cooperative benchmarking and (respectively) forecasting that would benefit all participants as well as the public at large, as they would make it possible for participants to avail themselves of more precise and reliable data collected from many sources, to assess their own local performance in comparison to global trends, and to avoid many of the inefficiencies that currently arise because of having less information available for their decision-making. And yet, in spite of all these advantages, cooperative benchmarking and forecasting typically do not take place, because of the participants’ unwillingness to share their information with others. Their reluctance to share is quite rational, and is due to fears of embarrassment, lawsuits, weakening their negotiating position (e.g., in case of overcapacity), revealing corporate performance and strategies, etc. The
Blind Vision
Proc. of the 9th European Conf. on Computer Vision, 2006
Cited by 23 (1 self)
Alice would like to detect faces in a collection of sensitive surveillance images she owns. Bob has a face detection algorithm that he is willing to let Alice use, for a fee, as long as she learns nothing about his detector. Alice is willing to use Bob's detector provided that he will learn nothing about her images, not even the result of the face detection operation. Blind vision is about applying secure multiparty techniques to vision algorithms so that Bob will learn nothing about the images he operates on, not even the result of his own operation and Alice will learn nothing about the detector. The proliferation of surveillance cameras raises privacy concerns that can be addressed by secure multiparty techniques and their adaptation to vision algorithms.
Privacy-preserving computation of Bayesian networks on vertically partitioned data
IEEE Transactions on Data Knowledge Engineering
Cited by 15 (4 self)
Abstract—Traditionally, many data mining techniques have been designed in the centralized model in which all data is collected and available in one central site. However, as more and more activities are carried out using computers and computer networks, the amount of potentially sensitive data stored by business, governments, and other parties increases. Different parties often wish to benefit from cooperative use of their data, but privacy regulations and other privacy concerns may prevent the parties from sharing their data. Privacy-preserving data mining provides a solution by creating distributed data mining algorithms in which the underlying data need not be revealed. In this paper, we present privacy-preserving protocols for a particular data mining task: learning a Bayesian network from a database vertically partitioned among two parties. In this setting, two parties owning confidential databases wish to learn the Bayesian network on the combination of their databases without revealing anything else about their data to each other. We present an efficient and privacy-preserving protocol to construct a Bayesian network on the parties’ joint data. Index Terms—Data privacy, Bayesian networks, privacy-preserving data mining.
More efficient secure function evaluation using tiny trusted third parties
Dartmouth College, Computer Science, 2005
Cited by 14 (4 self)
We investigate the use of trustworthy devices, which function as trusted third parties (TTPs), to solve general two-party Secure Function Evaluation (SFE) problems. We assume that a really trustworthy TTP device will have very limited protected memory and computation environment—a tiny TTP. This precludes trivial solutions like "just run the function in the TTP". Traditional scrambled circuit evaluation approaches to SFE have a very high overhead in using indirectly-addressed arrays—every array access’s cost is linear in the array size. The main gain in our approach is that array access can be provided with much smaller overhead—O(√N log N). This expands the horizon of problems which can be efficiently solved using SFE. Additionally, our technique provides a simple way to deploy arbitrary programs on tiny TTPs. In our prototype, we use a larger (and expensive) device, the IBM 4758 secure coprocessor, but we also speculate on the design of future tiny devices that could greatly improve the current prototype’s efficiency by being optimized for the operations prevalent in our algorithms. We have prototyped a compiler for the secure function definition language (SFDL) developed in the Fairplay project. Our compiler produces an arithmetic circuit, augmented with array access gates which provide more efficient secure access to arrays. We then have a circuit interpreter in the 4758 to evaluate such a circuit on given inputs. It does this gate by gate, requiring very little protected space. We report on the performance of this prototype, which confirms our approach’s strength in handling indirectly-addressed arrays.