• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.924-926
• /
• 2021

AI (Artificial Intelligence) is being utilized in various fields and services to give convenience to human life. Unfortunately, there are many security vulnerabilities in today's ML (Machine Learning) systems, causing various privacy concerns as some AI models need individuals' private data to train them. Such concerns lead to the interest in ML systems which can preserve the privacy of individuals' data. This paper introduces the latest research on various attacks that infringe data privacy and the corresponding defense techniques.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.3
• /
• pp.47-57
• /
• 2013

Location privacy has been a serious concern for mobile users who use location-based services to acquire geographical location continuously. Spatial cloaking technique is a well-known privacy preserving method, which blurs an exact user location into a cloaked area to meet privacy requirements. However, cloaking for continuous moving object suffers from cloaked area size problem as it is unlikely for all objects travel in the same direction. In this paper, we propose a grid-based privacy preservation method with an improved Earth Mover's Distance(EMD) metric weight update scheme for semantic cloaking. We also define a representative cloaking area which protects continuous location privacy for moving users. Experimental implementation and evaluation exhibit that our proposed method renders good efficiency and scalability in cloaking processing time and area size control. We also show that our proposed method outperforms the existing method by successfully protects location privacy of continuous moving objects against various adversaries.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.2
• /
• pp.173-180
• /
• 2010

The research of the preserving privacy of sensitive information has been popular recently. Many researches about the techniques of generalizing records under k-anonymity rules have been done. Considering that data anonymity requires a lot of time and resources, it would be important to decide whether a table is vulnerable to privacy attacks before being opened in terms of the improvement of data utilization as well as the privacy protection. It is also important to check to which attack the table is vulnerable and which of anonymity methods should be applied in the table. This paper describe two possible privacy attacks based upon related references. Also, we suggest the technique to check whether data table is vulnerable to any attack of them and describe what kind of anonymity methods should be done in the table. The technique we suggest in this paper can also be applied for checking the safety of anonymity tables in which insert or delete operations occurred as well from privacy attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.10
• /
• pp.3438-3457
• /
• 2022

As location-based services (LBS) are widely used in vehicular ad-hoc networks (VANETs), location privacy has become an utmost concern. Spatial cloaking is a popular location privacy protection approach, which uses a cloaking area containing k-1 collaborative vehicles (CVs) to replace the real location of the requested vehicle (RV). However, all CVs are assumed as honest in k-anonymity, and thus giving opportunities for dishonest CVs to submit false location information during the cloaking area construction. Attackers could exploit dishonest CVs' false location information to speculate the real location of RV. To suppress this threat, an edge-assisted Trusted Collaborative Anonymity construction scheme called TCA is proposed with trust mechanism. From the design idea of trusted observations within variable radius r, the trust value is not only utilized to select honest CVs to construct a cloaking area by restricting r's search range but also used to verify false location information from dishonest CVs. In order to obtain the variable radius r of searching CVs, a multiple linear regression model is established based on the privacy level and service quality of RV. By using the above approaches, the trust relationship among vehicles can be predicted, and the most suitable CVs can be selected according to RV's preference, so as to construct the trusted cloaking area. Moreover, to deal with the massive trust value calculation brought by large quantities of LBS requests, edge computing is employed during the trust evaluation. The performance analysis indicates that the malicious response of TCA is only 22% of the collaborative anonymity construction scheme without trust mechanism, and the location privacy leakage is about 32% of the traditional Enhanced Location Privacy Preserving (ELPP) scheme.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.5
• /
• pp.93-100
• /
• 2024

With the advent of the Fourth Industrial Revolution, cutting-edge technologies such as artificial intelligence, big data, the Internet of Things, and cloud computing are driving innovation across industries. These technologies are generating massive amounts of data that many companies are leveraging. However, there is a notable reluctance among users to share sensitive information due to the privacy risks associated with collecting personal data. This is particularly evident in the healthcare sector, where the collection of sensitive information such as patients' medical conditions poses significant challenges, with privacy concerns hindering data collection and analysis. This research presents a novel technique for collecting and analyzing medical data that not only preserves privacy, but also effectively extracts statistical information. This method goes beyond basic data collection by incorporating a strategy to efficiently mine statistical data while maintaining privacy. Performance evaluations using real-world data have shown that the propose technique outperforms existing methods in extracting meaningful statistical insights.

• Journal of the Korea Society of Computer and Information
• /
• v.26 no.4
• /
• pp.1-9
• /
• 2021

In this paper, we propose a training algorithm of support vector machine (SVM) with a sensitive variable. Although machine learning models enable automatic decision making in the real world applications, regulations prohibit sensitive information from being used to protect privacy. In particular, the privacy protection of the legally protected attributes such as race, gender, and disability is compulsory. We present an efficient least square SVM (LSSVM) training algorithm using a fully homomorphic encryption (FHE) to protect a partial sensitive attribute. Our framework posits that data owner has both non-sensitive attributes and a sensitive attribute while machine learning service provider (MLSP) can get non-sensitive attributes and an encrypted sensitive attribute. As a result, data owner can obtain the encrypted model parameters without exposing their sensitive information to MLSP. In the inference phase, both non-sensitive attributes and a sensitive attribute are encrypted, and all computations should be conducted on encrypted domain. Through the experiments on real data, we identify that our proposed method enables to implement privacy-preserving sensitive LSSVM with FHE that has comparable performance with the original LSSVM algorithm. In addition, we demonstrate that the efficient sensitive LSSVM with FHE significantly improves the computational cost with a small degradation of performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.139-149
• /
• 2008

The amount of personal information collected by organizations and government agencies is continuously increasing. When a data collector publishes personal information for research and other purposes, individuals' sensitive information should not be revealed. On the other hand, published data is also required to provide accurate statistical information for analysis. k-Anonymity and ${\iota}$-diversity models are popular approaches for privacy preserving data publication. However, they are limited to static data release. After a dataset is updated with insertions and deletions, a data collector cannot safely release up-to-date information. Recently, the m-invariance model has been proposed to support re-publication of dynamic datasets. However, the m-invariant generalization can cause high information loss. In addition, if the adversary already obtained sensitive values of some individuals before accessing released information, the m-invariance leads to severe privacy disclosure. In this paper, we propose a novel technique for safely releasing dynamic datasets. The proposed technique offers a simple and effective method for handling inserted and deleted records without generalization. It also gives equivalent degree of privacy preservation to the m-invariance model.

• Journal of Digital Contents Society
• /
• v.18 no.8
• /
• pp.1671-1676
• /
• 2017

In theses days, data has been explosively generated in diverse industrial areas. Accordingly, many industries want to collect and analyze these data to improve their products or services. However, collecting user data can lead to significant personal information leakage. Local differential privacy (LDP) proposed by Google is the state-of-the-art approach that is used to protect individual privacy in the process of data collection. LDP guarantees that the privacy of the user is protected by perturbing the original data at the user's side, but a data collector is still able to obtain population statistics from collected user data. However, the prevention of leakage of personal information through such data perturbation mechanism may cause the significant reduction in the data utilization. Therefore, the degree of data perturbation in LDP should be set properly depending on the data collection and analysis purposes. Thus, in this paper, we develop the simulation tool which aims to help the data collector to properly chose the degree of data perturbation in LDP by providing her/him visualized simulated results with various parameter configurations.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.6
• /
• pp.1519-1534
• /
• 2017

Data de-identification is the one of the technique that preserves individual data privacy and provides useful information of data to the analyst. However, original de-identification techniques like k-anonymity have vulnerabilities to background knowledge attacks. On the contrary, differential privacy has a lot of researches and studies within several years because it has both strong privacy preserving and useful utility. In this paper, we analyze various models based on differential privacy and formalize a differentially private model on financial data. As a result, we can formalize a differentially private model on financial data and show that it has both security guarantees and good usefulness.

• Journal of the Korea Society of Computer and Information
• /
• v.29 no.6
• /
• pp.69-76
• /
• 2024

Recent advances in sensor and mobile technologies have made it possible to collect user location data. This location information is used as a valuable asset in various industries, resulting in increased demand for location data collection and sharing. However, because location data contains sensitive user information, indiscriminate collection can lead to privacy issues. Recently, geo-indistinguishability (Geo-I), a method of differential privacy, has been widely used to protect the privacy of location data. While Geo-I is powerful in effectively protecting users' locations, it poses a problem because the utility of the collected location data decreases due to data perturbation. Therefore, this paper proposes a method using Geo-I technology to effectively collect user location data while maintaining its data utility. The proposed method utilizes the prior distribution of users to improve the overall data utility, while protecting accurate location information. Experimental results using real data show that the proposed method significantly improves the usefulness of the collected data compared to existing methods.