abstract: Review and reply to Katerina's comments

This commit is contained in:
Manos Katsomallos 2022-01-10 13:49:23 +01:00
parent 92795631f8
commit 0b922ca6ae


@ -8,13 +8,14 @@ generate massive amounts of user-related, and usually geo-tagged, data on a dail
The manipulation of such data is useful in numerous application domains including traffic monitoring, intelligent building, and healthcare. The manipulation of such data is useful in numerous application domains including traffic monitoring, intelligent building, and healthcare.
A high percentage of these data carry information of user activities and other personal details, and thus their manipulation and sharing raise concerns about the privacy of the individuals involved. A high percentage of these data carry information of user activities and other personal details, and thus their manipulation and sharing raise concerns about the privacy of the individuals involved.
To enable the secure---from the user privacy perspective---data sharing, researchers have already proposed various seminal techniques for the protection of user privacy while accounting for data utility and quality. To enable the secure---from the user privacy perspective---data sharing, researchers have already proposed various seminal techniques for the protection of user privacy while accounting for data utility and quality.
However, the continuous fashion in which data are generated nowadays, and the high availability of external sources of information, pose more threats and add extra challenges to the problem, due to inevitable correlations that arise. However, the continuous fashion in which data are generated nowadays and the high availability of external sources of information, pose more threats and add extra challenges to the problem due to the inevitable presence of data correlation.
% that arise.
% \kat{Mention here the extra challenges posed by the specific problem that you address : the Landmark privacy} % \kat{Mention here the extra challenges posed by the specific problem that you address : the Landmark privacy}
\kat{I still do not see the motivation/challenges for landmark privacy. Saying about configurability is not enough.. We should see sth about overperturbing the data when not necessary by the context..} % \kat{I still do not see the motivation/challenges for landmark privacy. Saying about configurability is not enough.. We should see sth about overperturbing the data when not necessary by the context..}
It is therefore essential to design solutions that not only guarantee a balance between user privacy protection and data utility, but also provide configurability and consider the preferences of the users. It is therefore essential to design solutions that guarantee sufficient user privacy protection and maximize data utility, while providing configurability by considering the context and user preferences.
% Survey % Survey
Initially, we investigate the literature regarding data privacy in continuous data publishing, and report on the proposed solutions, with a special focus on solutions concerning location or geo-referenced data. Initially, we study the literature regarding data privacy in continuous data publishing, and report on the proposed solutions, with a special focus on solutions concerning location or geo-referenced data.
As a matter of fact, a wealth of algorithms has been proposed for privacy-preserving data publishing, either for microdata or statistical data. As a matter of fact, a wealth of algorithms has been proposed for privacy-preserving data publishing, either for microdata or statistical data.
In this context, we seek to offer a guide that would allow readers to choose the proper algorithm(s) for their specific use case accordingly. In this context, we seek to offer a guide that would allow readers to choose the proper algorithm(s) for their specific use case accordingly.
We provide an insight into time-related properties of the algorithms, e.g.,~if they work on finite or infinite data, or if they take into consideration any underlying type of data correlation. We provide an insight into time-related properties of the algorithms, e.g.,~if they work on finite or infinite data, or if they take into consideration any underlying type of data correlation.
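Review bot: in the rewritten sentence beginning "However, the continuous fashion in which data are generated nowadays", the comma after "external sources of information" now separates the compound subject from its verb "pose"; either restore the paired comma after "nowadays" or drop the one before "pose". The added `% that arise.` line is a leftover of the old wording and is better deleted than kept as a comment. Also, Katerina's note about over-perturbing data when the context does not require it is being commented out, yet the revised "It is therefore essential ..." sentence only says "considering the context and user preferences"; a short clause pointing out that the existing protection levels treat all timestamps as equally significant (as the second paragraph later states) would make the motivation for {\thething} privacy explicit at this point.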
@ -24,17 +25,23 @@ Thereafter, we proceed to propose a novel type of data privacy, called \emph{{\t
We observe that in continuous data publishing, events are not equally significant in terms of privacy, and hence they should affect the privacy-preserving processing differently. We observe that in continuous data publishing, events are not equally significant in terms of privacy, and hence they should affect the privacy-preserving processing differently.
Differential privacy is a well-established paradigm in privacy-preserving time series publishing. Differential privacy is a well-established paradigm in privacy-preserving time series publishing.
The existing differential privacy protection levels protect either a single timestamp, or all the data per user or per window in the time series; however, considering all timestamps as equally significant. The existing differential privacy protection levels protect either a single timestamp, or all the data per user or per window in the time series; however, considering all timestamps as equally significant.
The novel notion that we propose, {\thething} privacy, is based on differential privacy and allocates the available privacy budget while taking into account significant events (\emph{\thethings}) in the time series. The novel notion that we propose, {\thething} privacy, is based on differential privacy and allocates the available privacy budget at each timestamp while taking into account significant events (\emph{\thethings}) in the time series.
\kat{Again, a reader does not understand what this really mean..give some concrete indices} % \kat{Again, a reader does not understand what this really mean..give some concrete indices}
We design three privacy schemes that guarantee {\thething} privacy and further extend them by providing more robust privacy protection to the {\thething} set with the design of a dummy {\thething} selection module. This allows for better data utility by optimizing the privacy budget allocation, and thus avoiding the injection of unnecessary noise into the data releases.
\kat{give some idea also what the dummy module does} We design three {\thething} privacy schemes and further extend them by enhancing the privacy protection of the {\thething} set with the design of a dummy {\thething} selection module
% \kat{give some idea also what the dummy module does}
that renders the actual {\thethings} indistinguishable with the addition of regular events to the {\thething} set.
% Evaluation % Evaluation
Finally, we evaluate the proposed {\thething} privacy schemes and dummy {\thething} selection module on real and synthetic data sets. Finally, we evaluate the proposed {\thething} privacy schemes and dummy {\thething} selection module on real and synthetic data sets.
We assess the impact on data utility for several possible {\thething} distributions, with emphasis on situations under the presence of temporal correlation. We assess the impact on data utility for several possible {\thething} distributions, with emphasis on situations under the presence of temporal correlation.
% \kat{add selection, and a small comment on the conclusions driven by the experiments.} % \kat{add selection, and a small comment on the conclusions driven by the experiments.}
Overall, the results of the experimental evaluation and comparative analysis of {\thething} privacy validate its applicability to several use case scenarios and showcase the improvement, in terms of data utility, over the existing privacy protection levels. Overall, the results of the experimental evaluation and comparative analysis of {\thething} privacy validate its applicability to several use case scenarios and showcase the improvement, in terms of data utility, over the existing privacy protection levels.
Particularly, the dummy {\thething} selection module achieves better {\thething} protection, provoking only a reasonable data utility decline. \kat{what is reasonable?} Particularly, the dummy {\thething} selection module achieves better {\thething} protection, provoking only a
% reasonable
% \kat{what is reasonable?}
minor
data utility decline.
In terms of temporal correlation, we observe that under moderate and strong correlation, greater average regular{\thething} event distance causes greater overall privacy loss. In terms of temporal correlation, we observe that under moderate and strong correlation, greater average regular{\thething} event distance causes greater overall privacy loss.
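Review bot: swapping "reasonable" for "minor" in "provoking only a minor data utility decline" does not answer Katerina's "what is reasonable?"; the claim would be stronger with the utility figure actually observed in the evaluation, or at least a statement relative to the existing protection levels it is compared against. In the new "We design three {\thething} privacy schemes ..." sentence, "renders the actual {\thethings} indistinguishable with the addition of regular events" reads more naturally as "indistinguishable by adding regular events to the {\thething} set", and the `% \kat{give some idea also what the dummy module does}` line now sits in the middle of that sentence between "module" and "that renders"; moving the comment before the sentence keeps the source readable.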