With the rapid popularization of mobile smart devices, research institutions continuously aggregate raw data (such as medical image data and bank financial data) by using smart devices such as cloud platforms, the Internet of Things, and mobile terminals, and then analyze, mine, and train on that data to obtain its potential value. However, the raw data contains a large amount of sensitive personal information. Once this sensitive information is leaked, it causes serious privacy problems. Therefore, in order to protect data, the government has issued relevant laws and regulations that prohibit data owners from arbitrarily publishing user data. Data barriers have also formed between enterprises, which brings about the problem of data islands. The protection of data privacy has therefore become one of the issues of greatest concern to researchers. In response to these issues, this thesis carries out the following research on data privacy protection:

(1) Focusing on the life cycle of data, this thesis divides data privacy protection into three stages: data collection, data release, and data use. Then, according to the privacy risks that may be faced at each stage, the existing differential privacy-based protection schemes for data collection, data release, and data use are summarized in detail, and the advantages and disadvantages of these schemes are analyzed.

(2) Aiming at the contradiction between data privacy protection and availability in the process of image data release, this thesis proposes QAPP, an image data compression protection mechanism based on the discrete cosine transform (DCT) and differential privacy (DP). QAPP is composed of three phases. First, DCT is applied to each image to obtain its cosine coefficient matrix. Second, the cosine coefficients are compressed by the proposed selection function mechanism, which retains the main features of each image. Third, appropriate Laplace noise is injected into the compressed matrix to achieve privacy protection, and these noise-added coefficients are used to reconstruct the noise-added images through the inverse DCT. In this way, QAPP not only minimizes the noise error caused by the differential privacy mechanism, but also ensures that the noise-added image has better visual quality. Subjective and objective image quality evaluation, together with extensive experiments on a real medical image dataset, shows that QAPP balances medical image quality and privacy better than similar DP-based methods.

(3) Aiming at the privacy attacks and model security problems faced by model training in the process of data use (which eventually lead to the problem of data islands), this thesis proposes a novel distributed model training system, LDP-Fed+, based on the federated learning framework, that takes into account both differential privacy protection and model security defense. First, a local perturbation module is added on the local side. It perturbs the user's original data through feature extraction, binary encoding and decoding, and random response, and then performs local training on the perturbed data to indirectly obtain perturbed parameters that satisfy local differential protection, so as to deal effectively with model inversion attacks. Second, a security defense module is added on the server side. It uses an auxiliary model and the differential index mechanism to select an appropriate number of local perturbed parameters for aggregation, which strengthens model security defense and deals with membership inference attacks. The experimental results show that, compared with other federated learning models based on differential privacy, LDP-Fed+ is more robust in terms of model security and achieves higher model training accuracy while ensuring strict privacy protection.
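
The three QAPP phases from contribution (2), as an added sketch that is not the thesis's code: 2-D DCT, coefficient selection, Laplace noise on the retained coefficients, then inverse DCT. The abstract does not specify the selection function or the sensitivity, so the `keep` rule (retain the top-left low-frequency block), the caller-supplied `sensitivity` (taken to be the L1 sensitivity of the retained coefficients), and all function names are assumptions.

```python
import math
import random

def dct_matrix(n):
    """Orthonormal DCT-II basis matrix (row u = frequency, column x = sample)."""
    return [[math.sqrt((1 if u == 0 else 2) / n)
             * math.cos((2 * x + 1) * u * math.pi / (2 * n))
             for x in range(n)] for u in range(n)]

def matmul(a, b):
    return [[sum(a[i][k] * b[k][j] for k in range(len(b)))
             for j in range(len(b[0]))] for i in range(len(a))]

def laplace(scale, rng):
    # The difference of two Exp(1) draws is Laplace(0, 1); rescale it.
    return scale * (rng.expovariate(1.0) - rng.expovariate(1.0))

def dct_dp_release(block, keep, epsilon, sensitivity, seed=None):
    """Assumed stand-in for QAPP: DCT, keep low frequencies, add noise, invert."""
    # random.Random is seeded here for reproducibility only; a real release
    # needs a cryptographically secure noise source.
    rng = random.Random(seed)
    n = len(block)
    c = dct_matrix(n)
    ct = [list(col) for col in zip(*c)]
    coeffs = matmul(matmul(c, block), ct)          # phase 1: 2-D DCT
    scale = sensitivity / epsilon                  # Laplace scale = sensitivity / epsilon
    noisy = [[coeffs[u][v] + laplace(scale, rng)   # phase 3: perturb what is kept
              if u < keep and v < keep else 0.0    # phase 2: assumed selection rule
              for v in range(n)] for u in range(n)]
    recon = matmul(matmul(ct, noisy), c)           # inverse DCT
    return [[min(255, max(0, round(p))) for p in row] for row in recon]

def mse(a, b):
    """Mean squared pixel error between two equally sized blocks."""
    return sum((x - y) ** 2 for ra, rb in zip(a, b)
               for x, y in zip(ra, rb)) / (len(a) * len(a[0]))

# Constructed 8x8 sample block (a smooth ramp), not data from the thesis.
SAMPLE = [[16 * i + 8 * j for j in range(8)] for i in range(8)]

if __name__ == "__main__":
    for keep in (2, 4, 8):
        out = dct_dp_release(SAMPLE, keep, epsilon=0.5, sensitivity=1.0, seed=7)
        print(keep, round(mse(SAMPLE, out), 2))
```

Because the transform is orthonormal, the pixel-domain noise energy equals the noise energy over the retained coefficients, so perturbing fewer coefficients at the same epsilon injects less total noise; the price is the truncation error from the discarded frequencies.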