当前位置:
X-MOL 学术
›
IEEE Trans. Inform. Forensics Secur.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Collusion-Resilient Privacy-Preserving Database Fingerprinting
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 2024-09-06 , DOI: 10.1109/tifs.2024.3455748 Shunsheng Zhang 1 , Youwen Zhu 1 , Ao Zeng 1
IEEE Transactions on Information Forensics and Security ( IF 6.3 ) Pub Date : 2024-09-06 , DOI: 10.1109/tifs.2024.3455748 Shunsheng Zhang 1 , Youwen Zhu 1 , Ao Zeng 1
Affiliation
Database sharing may bring about privacy disclosure and illegal redistribution. A previously proposed entry-level Differential Privacy FingerPrinting mechanism (DPFP) for relational database achieves privacy and liability guarantees simultaneously. However, it is only robust against common attacks from a vicious Data Analyzer (DA) and lacks robustness against logical AND or OR collusion attack even if Anti-Collusion Code (ACC) is used to trace who the colluders are. In this work, we propose a Collusion-Resilient entry-level DP FingerPrinting mechanism (CRDPFP) for uniquely identifying colluders by directly using ACCs. Specifically, we firstly theoretically and experimentally demonstrate the vulnerabilities of existing fingerprinting schemes by identification of logical AND/OR collusion attack. To survive 5 types of collusion attacks and identify colluders, a Group-oriented Concatenated (GC) ACC based on I-code and Cover Free Family code is constructed and a catch-all detector is designed. By leveraging the randomization nature of fingerprint, we transform GC code into provable entry-level DP guarantees on the entire database. We also show that CRDPFP inherits the same connection properties between privacy, fingerprint robustness, and database utility from DPFP. Via experiments on two real-world relational databases, we exhibit that our mechanism supplies stronger robustness against 50% random flipping attack from a vicious DA, achieves higher and lower detecting rates of at least one colluder and innocent, uniquely traces all colluders for logical AND or OR collusion attack and obtains near-optimal utility with fingerprint parameter being close to 2 compared to existing schemes.
中文翻译:
抗共谋、隐私保护数据库指纹识别
数据库共享可能会带来隐私泄露和非法再分发。之前提出的关系数据库入门级差分隐私指纹机制(DPFP)同时实现了隐私和责任保证。然而,即使使用反共谋代码(ACC)来追踪共谋者,它也只能抵御来自恶意数据分析器(DA)的常见攻击,并且缺乏抵御逻辑 AND 或 OR 共谋攻击的稳健性。在这项工作中,我们提出了一种抗共谋的入门级 DP 指纹识别机制(CRDPFP),用于通过直接使用 ACC 来唯一地识别共谋者。具体来说,我们首先通过识别逻辑“与”/“或”共谋攻击,从理论上和实验上证明了现有指纹识别方案的漏洞。为了抵御 5 种类型的共谋攻击并识别共谋者,构建了基于 I 代码和 Cover Free Family 代码的面向组的级联 (GC) ACC,并设计了一个包罗万象的检测器。通过利用指纹的随机化特性,我们将 GC 代码转换为整个数据库上可证明的入门级 DP 保证。我们还表明,CRDPFP 继承了 DPFP 的隐私、指纹鲁棒性和数据库实用性之间的相同连接属性。通过对两个现实世界关系数据库的实验,我们表明我们的机制对恶意 DA 的 50% 随机翻转攻击具有更强的鲁棒性,对至少一个共谋者和无辜者实现了更高和更低的检测率,唯一地追踪所有共谋者的逻辑 AND或 OR 共谋攻击,与现有方案相比,获得接近最优的效用,指纹参数接近 2。
更新日期:2024-09-06
中文翻译:
抗共谋、隐私保护数据库指纹识别
数据库共享可能会带来隐私泄露和非法再分发。之前提出的关系数据库入门级差分隐私指纹机制(DPFP)同时实现了隐私和责任保证。然而,即使使用反共谋代码(ACC)来追踪共谋者,它也只能抵御来自恶意数据分析器(DA)的常见攻击,并且缺乏抵御逻辑 AND 或 OR 共谋攻击的稳健性。在这项工作中,我们提出了一种抗共谋的入门级 DP 指纹识别机制(CRDPFP),用于通过直接使用 ACC 来唯一地识别共谋者。具体来说,我们首先通过识别逻辑“与”/“或”共谋攻击,从理论上和实验上证明了现有指纹识别方案的漏洞。为了抵御 5 种类型的共谋攻击并识别共谋者,构建了基于 I 代码和 Cover Free Family 代码的面向组的级联 (GC) ACC,并设计了一个包罗万象的检测器。通过利用指纹的随机化特性,我们将 GC 代码转换为整个数据库上可证明的入门级 DP 保证。我们还表明,CRDPFP 继承了 DPFP 的隐私、指纹鲁棒性和数据库实用性之间的相同连接属性。通过对两个现实世界关系数据库的实验,我们表明我们的机制对恶意 DA 的 50% 随机翻转攻击具有更强的鲁棒性,对至少一个共谋者和无辜者实现了更高和更低的检测率,唯一地追踪所有共谋者的逻辑 AND或 OR 共谋攻击,与现有方案相比,获得接近最优的效用,指纹参数接近 2。
京公网安备 11010802027423号