Top

International Journal of Information Security

Published in:

06-03-2021 | regular contribution

Privacy preserving data sharing and analysis for edge-based architectures

Authors: Mina Sheikhalishahi, Andrea Saracino, Fabio Martinelli, Antonio La Marra

Published in: International Journal of Information Security | Issue 1/2022

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In this paper, we present a framework for privacy preserving collaborative data analysis among multiple data providers acting as edge of a cloud environment. The proposed framework computes the best trade-off among privacy and result accuracy, based on the privacy requirements of data providers and the specific requested analysis algorithm. Though the presented model is general and can be applied to different environments, this work is motivated by the need of sharing information related to Cyber Threats (CTI). The presented framework is independent from the number of data providers, used data format, privacy requirement and analysis operations. The model is based on the concepts of trade-off score between accuracy and privacy, which also considers measures for privacy requirement such as differential privacy, l-diversity and k-anonymity. Together with the model, the paper discusses the framework implementation and presents results to show the effectiveness and viability of the proposed approach.

previous article [m]allotROPism: a metamorphic engine for malicious software variation development

next article Public key versus symmetric key cryptography in client–server authentication protocols

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

https://www.mitre.org/about.

http://docs.oasis-open.org/cti/stix/v2.0/stix-v2.0-part2-stix-objects.html

The other privacy-preserving techniques in this category, such as data swapping, are not common approaches. Therefore, we do not consider them in this study.

The process is iteratively repeated for 4 times to fulfill the 5 privacy levels’ requirement.

https://www.oasis-open.org/.

https://www.mitre.org/.

https://stixproject.github.io/.

https://cve.mitre.org/.

Ashok, V., Navuluri, K., Alhafdhi, A., Mukkamala, R.: Dataless data mining: association rules-based distributed privacy-preserving data mining. In: 12th International Conference on Information Technology—New Generations (ITNG), 2015, pp. 615–620 (2015)

Bertino, E., Lin, D., Jiang, W.: A survey of quantification of privacy preserving data mining algorithms. In: Privacy-preserving data mining, vol. 34, pp. 183–205. Springer (2008)

Bogan, E., English, J.: Benchmarking for Best Practices: Winning Through Innovative Adaptation (1994)

Brown, G., Pocock, A.C., Zhao, M., Luján, M.: Conditional likelihood maximisation: a unifying framework for information theoretic feature selection. J. Mach. Learn. Res. 13, 27–66 (2012)MathSciNetMATH

Bunn, P., Ostrovsky, R.: Secure two-party k-means clustering. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 486–497. CCS 07, ACM (2007)

Chen, K., Liu, L.: Privacy-preserving multiparty collaborative mining with geometric data perturbation. IEEE Trans. Parall. Distrib. Syst. 20(12), 1764–1776 (2009)CrossRef

Clifton, C., Kantarcioglu, M., Vaidya, J., Lin, X., Zhu, M.Y.: Tools for privacy preserving distributed data mining. SIGKDD Explor. Newsl. 4(2), 28–34 (2002)CrossRef

Costantino, G., Marra, A.L., Martinelli, F., Mori, P., Saracino, A.: Privacy preserving distributed attribute computation for usage control in the internet of things. In: 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications, pp. 1844–1851 (2018)

De Vito, S., Massera, E., Piga, M., Martinotto, L., Di Francia, G.: On field calibration of an electronic nose for benzene estimation in an urban pollution monitoring scenario. Sens. Actuators: B. Chem. 129(2), 750–757 (2008)CrossRef

10.

Dwork, C.: Differential privacy: a survey of results. In: Proceedings of the 5th International Conference on Theory and Applications of Models of Computation, pp. 1–19. TAMC’08 (2008)

11.

Egea, M., Matteucci, I., Mori, P., Petrocchi, M.: Definition of data sharing agreements—the case of spanish data protection law. In: Accountability and Security in the Cloud, June 2–6, 2014, pp. 248–272 (2014)

12.

Fan, W., He, J., Guo, M., Li, P., Han, Z., Wang, R.: Privacy preserving classification on local differential privacy in data centers. J. Parall. Distrib. Comput. 135, 70–82 (2020)CrossRef

13.

Fung, B.C.M., Wang, K., Chen, R., Yu, P.S.: Privacy-preserving data publishing: a survey of recent developments. ACM Comput. Surv. 42(4), 14:1–14:53 (2010)CrossRef

14.

Gao, C., Li, J., Xia, S., Choo, K.R., Lou, W., Dong, C.: Mas-encryption and its applications in privacy-preserving classifiers. IEEE Trans. Knowl. Data Eng. 1, 1–17 (2020)

15.

Guyon, I., Elisseeff, A.: An introduction to variable and feature selection. J. Mach. Learn. Res. 3, 1157–1182 (2003)MATH

16.

Hamidi, M., Sheikhalishahi, M., Martinelli, F.: Secure two-party agglomerative hierarchical clustering construction. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy, ICISSP. pp. 432–437 (2018)

17.

Inan, A., Kantarcioglu, M., Bertino, E.: Using anonymized data for classification. In: International Conference on Data Engineering. ICDE 09 (2009)

18.

Iyengar, V.S.: Transforming data to satisfy privacy constraints. In: Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 279–288. KDD ’02, ACM (2002)

19.

Khodaparast, F., Sheikhalishahi, M., Haghighi, H., Martinelli, F.: Privacy preserving random decision tree classification over horizontally and vertically partitioned data. In: IEEE 16th International Conference on Dependable, Autonomic and Secure Computing, pp. 600–607 (2018)

20.

Kifer, D., Gehrke, J.: Injecting utility into anonymized datasets. In: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, pp. 217–228. SIGMOD ’06, ACM (2006)

21.

Li, T., Li, J., Liu, Z., Li, P., Jia, C.: Differentially private naive bayes learning over multiple data sources. Inf. Sci. 1, 89–104 (2018)MathSciNetCrossRef

22.

Lichman, M.: UCI machine learning repository (2013)

23.

Machanavajjhala, A., Kifer, D., Gehrke, J., Venkitasubramaniam, M.: L-diversity: Privacy beyond k-anonymity. ACM Trans. Knowl. Discov. Data 1(1), 1 (2007)CrossRef

24.

Martinelli, F., Sheikhalishahi, M.: Distributed data anonymization. In: IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC), pp. 580–586 (2019)

25.

Martinelli, F., Matteucci, I., Petrocchi, M., Wiegand, L.: A formal support for collaborative data sharing. International Cross-Domain Conference and Workshop on Availability, Reliability, and Security, CD-ARES 2012, 547–561 (2012)

26.

Martinelli, F., Riesco, R.: Nis wg3 deliverable: Strategic research agenda (2015). https://resilience.enisa.europa.eu/nis-platform/shared-documents/3rd-plenary-meeting-april-2015

27.

Martinelli, F., Saracino, A., Sheikhalishahi, M.: Modeling privacy aware information sharing systems: a formal and general approach. In: IEEE Trustcom/BigDataSE/ISPA. pp. 767–774 (2016)

28.

Matteucci, I., Petrocchi, M., Sbodio, M.L.: CNL4DSA: a controlled natural language for data sharing agreements. In: Proceedings of the 2010 ACM Symposium on Applied Computing (SAC), pp. 616–620

29.

Matteucci, I., Petrocchi, M., Sbodio, M.L., Wiegand, L.: A design phase for data sharing agreements. In: Data Privacy Management and Autonomous Spontaneus Security, pp. 25–41. Springer (2012)

30.

Maymounkov, P., Mazieres, D.: Kademlia: A peer-to-peer information system based on the xor metric. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) Peer-to-Peer Systems, pp. 53–65. Springer, Berlin (2002)CrossRef

31.

Mohammed, N., Alhadidi, D., Fung, B.C.M., Debbabi, M.: Secure two-party differentially private data release for vertically partitioned data. IEEE Trans. Dependable Sec. Comput. 11(1), 59–71 (2014)CrossRef

32.

Mohammed, N., Chen, R., Fung, B.C., Yu, P.S.: Differentially private data release for data mining. In: Proceedings of the 17th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD ’11, pp. 493–501. ACM (2011)

33.

Oliveira, S.R.M., Zaïane, O.R.: Privacy preserving frequent itemset mining. In: Proceedings of the IEEE International Conference on Privacy, Security and Data Mining—Volume 14, CRPIT ’14. pp. 43–54. Australian Computer Society, Inc. (2002)

34.

Rubinstein, B.I.P., Bartlett, P.L., Huang, L., Taft, N.: Learning in a large function space: Privacy-preserving mechanisms for svm learning. CoRR (2009). arXiv:0911.5708

35.

Seligman, L., Rosenthal, A., Caverlee, J.: Data service agreements: toward a data supply chain. In: Proceedings of the Information Integration on the Web workshop at the Very Large Database Conference, Toronto (2004)

36.

Sheikhalishahi, M., Martinelli, F.: Privacy-utility feature selection as a tool in private data classification. In: 14th International Conference on Distributed Computing and Artificial Intelligence DCAI, pp. 254–261 (2017)

37.

Sheikhalishahi, M., Nateghizad, M., Martinelli, F., Erkin, Z., Loog, M.: On the statistical detection of adversarial instances over encrypted data. In: Security and Trust Management—15th International Workshop, STM, pp. 71–88 (2019)

38.

Swarup, V., Seligman, L., Rosenthal, A.: A data sharing agreement framework. In: International Conference on Information Systems Security, pp. 22–36. Springer (2006)

39.

Sweeney, L.: K-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 10(5), 557–570 (2002)MathSciNetCrossRef

40.

Xiao, M.J., Huang, L.S., Luo, Y.L., Shen, H.: Privacy preserving id3 algorithm over horizontally partitioned data. In: 6th International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT’05), pp. 239–243 (2005)

Title: Privacy preserving data sharing and analysis for edge-based architectures
Authors: Mina Sheikhalishahi
Andrea Saracino
Fabio Martinelli
Antonio La Marra
Publication date: 06-03-2021
Publisher: Springer Berlin Heidelberg
Published in: International Journal of Information Security / Issue 1/2022
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-021-00542-x

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2022

Track for surveys

DAPP: automatic detection and analysis of prototype pollution vulnerability in Node.js modules

A new smart smudge attack using CNN

Public key versus symmetric key cryptography in client–server authentication protocols

Automatic analysis of attack graphs for risk mitigation and prioritization on large-scale and complex networks in Industry 4.0

[m]allotROPism: a metamorphic engine for malicious software variation development

Premium Partner