在数据共享时运用博弈论来挫败多阶段隐私入侵。

Using game theory to thwart multistage privacy intrusions when sharing data.

作者信息

Wan Zhiyu, Vorobeychik Yevgeniy, Xia Weiyi, Liu Yongtai, Wooders Myrna, Guo Jia, Yin Zhijun, Clayton Ellen Wright, Kantarcioglu Murat, Malin Bradley A

机构信息

Department of Electrical Engineering and Computer Science, Vanderbilt University, Nashville, TN 37212, USA.

Department of Biomedical Informatics, Vanderbilt University Medical Center, Nashville, TN 37203, USA.

出版信息

Sci Adv. 2021 Dec 10;7(50):eabe9986. doi: 10.1126/sciadv.abe9986.

DOI:10.1126/sciadv.abe9986

PMID:34890225

原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC8664254/

Abstract

Person-specific biomedical data are now widely collected, but its sharing raises privacy concerns, specifically about the re-identification of seemingly anonymous records. Formal re-identification risk assessment frameworks can inform decisions about whether and how to share data; current techniques, however, focus on scenarios where the data recipients use only one resource for re-identification purposes. This is a concern because recent attacks show that adversaries can access multiple resources, combining them in a stage-wise manner, to enhance the chance of an attack’s success. In this work, we represent a re-identification game using a two-player Stackelberg game of perfect information, which can be applied to assess risk, and suggest an optimal data sharing strategy based on a privacy-utility tradeoff. We report on experiments with large-scale genomic datasets to show that, using game theoretic models accounting for adversarial capabilities to launch multistage attacks, most data can be effectively shared with low re-identification risk.

摘要

针对个人的生物医学数据如今已被广泛收集，但其共享引发了隐私担忧，特别是关于看似匿名的记录被重新识别的问题。正式的重新识别风险评估框架可为有关是否以及如何共享数据的决策提供依据；然而，当前的技术主要关注数据接收者仅使用一种资源进行重新识别的情况。这是一个问题，因为最近的攻击表明，对手可以访问多种资源，并以分阶段的方式将它们组合起来，以提高攻击成功的几率。在这项工作中，我们使用具有完美信息的两人斯塔克尔伯格博弈来表示重新识别博弈，该博弈可用于评估风险，并基于隐私 - 效用权衡提出最优数据共享策略。我们报告了对大规模基因组数据集的实验结果，以表明使用考虑了对手发动多阶段攻击能力的博弈论模型，大多数数据可以在低重新识别风险的情况下有效地共享。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9cb3/8664254/cec09f277ff2/sciadv.abe9986-f1.jpg

相似文献

Using game theory to thwart multistage privacy intrusions when sharing data.在数据共享时运用博弈论来挫败多阶段隐私入侵。

Sci Adv. 2021 Dec 10;7(50):eabe9986. doi: 10.1126/sciadv.abe9986.

Expanding Access to Large-Scale Genomic Data While Promoting Privacy: A Game Theoretic Approach.在促进隐私保护的同时扩大对大规模基因组数据的访问：一种博弈论方法。

Am J Hum Genet. 2017 Feb 2;100(2):316-322. doi: 10.1016/j.ajhg.2016.12.002. Epub 2017 Jan 5.

Optimizing annotation resources for natural language de-identification via a game theoretic framework.通过博弈论框架优化用于自然语言去识别的注释资源。

J Biomed Inform. 2016 Jun;61:97-109. doi: 10.1016/j.jbi.2016.03.019. Epub 2016 Mar 25.

A game theoretic framework for analyzing re-identification risk.一种用于分析重新识别风险的博弈论框架。

PLoS One. 2015 Mar 25;10(3):e0120592. doi: 10.1371/journal.pone.0120592. eCollection 2015.

PanDa Game: Optimized Privacy-Preserving Publishing of Individual-Level Pandemic Data Based on a Game Theoretic Model.熊猫游戏：基于博弈论模型的个体级大流行病数据优化隐私保护发布。

IEEE Trans Nanobioscience. 2023 Oct;22(4):808-817. doi: 10.1109/TNB.2023.3284092. Epub 2023 Oct 3.

The Importance of Context: Risk-based De-identification of Biomedical Data.背景的重要性：基于风险的生物医学数据去识别化

Methods Inf Med. 2016 Aug 5;55(4):347-55. doi: 10.3414/ME16-01-0012. Epub 2016 Jun 20.

An Open Source Tool for Game Theoretic Health Data De-Identification.一种用于博弈论健康数据去识别的开源工具。

AMIA Annu Symp Proc. 2018 Apr 16;2017:1430-1439. eCollection 2017.

A Game-Theoretic Framework to Preserve Location Information Privacy in Location-based Service Applications.基于博弈论的位置服务应用中位置信息隐私保护框架

Sensors (Basel). 2019 Apr 1;19(7):1581. doi: 10.3390/s19071581.

Tuning Privacy-Utility Tradeoff in Genomic Studies Using Selective SNP Hiding.利用选择性单核苷酸多态性隐藏调整基因组研究中的隐私-效用权衡

Proc Asia Pac Bioinform Conf. 2023 Apr;2023.

Re-Identification Risk versus Data Utility for Aggregated Mobility Research Using Mobile Phone Location Data.使用手机位置数据进行汇总移动性研究时的再识别风险与数据效用

PLoS One. 2015 Oct 15;10(10):e0140589. doi: 10.1371/journal.pone.0140589. eCollection 2015.

引用本文的文献

A decade of research on genetic privacy: the findings of the GetPreCiSe Center at Vanderbilt University.十年基因隐私研究：范德堡大学精准隐私中心的研究成果

Front Genet. 2025 Aug 21;16:1629386. doi: 10.3389/fgene.2025.1629386. eCollection 2025.

Applications and Concerns of ChatGPT and Other Conversational Large Language Models in Health Care: Systematic Review.ChatGPT 及其他会话型大型语言模型在医疗保健中的应用及关注：系统评价。

J Med Internet Res. 2024 Nov 7;26:e22769. doi: 10.2196/22769.

HydraGAN: A Cooperative Agent Model for Multi-Objective Data Generation.九头蛇生成对抗网络（HydraGAN）：一种用于多目标数据生成的协作代理模型。

ACM Trans Intell Syst Technol. 2024 Jun;15(3). doi: 10.1145/3653982. Epub 2024 May 17.

Differentially private knowledge transfer for federated learning.联邦学习中的差异化隐私知识转移。

Nat Commun. 2023 Jun 24;14(1):3785. doi: 10.1038/s41467-023-38794-x.

IEEE Trans Nanobioscience. 2023 Oct;22(4):808-817. doi: 10.1109/TNB.2023.3284092. Epub 2023 Oct 3.

Supporting COVID-19 Disparity Investigations with Dynamically Adjusting Case Reporting Policies.用动态调整病例报告政策支持 COVID-19 差异调查。

AMIA Annu Symp Proc. 2023 Apr 29;2022:279-288. eCollection 2022.

Managing re-identification risks while providing access to the All of Us research program.在提供对“所有人”研究计划访问权限的同时，管理重新识别风险。

J Am Med Inform Assoc. 2023 Apr 19;30(5):907-914. doi: 10.1093/jamia/ocad021.

A Multifaceted benchmarking of synthetic electronic health record generation models.综合电子健康记录生成模型的多方面基准测试。

Nat Commun. 2022 Dec 9;13(1):7609. doi: 10.1038/s41467-022-35295-1.

Sociotechnical safeguards for genomic data privacy.基因组数据隐私的社会技术保障措施。

Nat Rev Genet. 2022 Jul;23(7):429-445. doi: 10.1038/s41576-022-00455-y. Epub 2022 Mar 4.

本文引用的文献

Data privacy through participant empowerment.通过增强参与者能力实现数据隐私保护。

Nat Comput Sci. 2021 Mar;1(3):175-176. doi: 10.1038/s43588-021-00047-6.

Citizen-centered, auditable and privacy-preserving population genomics.以公民为中心、可审计且保护隐私的群体基因组学。

Nat Comput Sci. 2021 Mar;1(3):192-198. doi: 10.1038/s43588-021-00044-9. Epub 2021 Mar 25.

Genome Reconstruction Attacks Against Genomic Data-Sharing Beacons.针对基因组数据共享信标的基因组重建攻击。

Proc Priv Enhanc Technol. 2021;2021(3):28-48. doi: 10.2478/popets-2021-0036. Epub 2021 Apr 26.

Preserving Genomic Privacy via Selective Sharing.通过选择性共享保护基因组隐私。

Proc ACM Workshop Priv Electron Soc. 2020 Nov;2020:163-179. doi: 10.1145/3411497.3420214. Epub 2020 Nov 9.

Creating artificial human genomes using generative neural networks.使用生成式神经网络创建人工人类基因组。

PLoS Genet. 2021 Feb 4;17(2):e1009303. doi: 10.1371/journal.pgen.1009303. eCollection 2021 Feb.

Privacy challenges and research opportunities for genomic data sharing.基因组数据共享的隐私挑战和研究机会。

Nat Genet. 2020 Jul;52(7):646-654. doi: 10.1038/s41588-020-0651-0. Epub 2020 Jun 29.

Births: Final Data for 2018.出生情况：2018年最终数据。

Natl Vital Stat Rep. 2019 Nov;68(13):1-47.

Privacy-Preserving Biomedical Database Queries with Optimal Privacy-Utility Trade-Offs.具有最优隐私-效用权衡的隐私保护生物医学数据库查询。

Cell Syst. 2020 May 20;10(5):408-416.e9. doi: 10.1016/j.cels.2020.03.006. Epub 2020 Apr 30.

Learning to learn from data: Using deep adversarial learning to construct optimal statistical procedures.学会从数据中学习：利用深度对抗学习构建最优统计程序。

Sci Adv. 2020 Feb 26;6(9):eaaw2140. doi: 10.1126/sciadv.aaw2140. eCollection 2020 Feb.

Evaluating the re-identification risk of a clinical study report anonymized under EMA Policy 0070 and Health Canada Regulations.评估根据 EMA 政策 0070 和加拿大卫生部法规进行匿名化的临床研究报告的再识别风险。

Trials. 2020 Feb 18;21(1):200. doi: 10.1186/s13063-020-4120-y.

文献AI研究员

20分钟写一篇综述，助力文献阅读效率提升50倍。

立即体验

用中文搜PubMed

大模型驱动的PubMed中文搜索引擎

马上搜索

文档翻译

学术文献翻译模型，支持多种主流文档格式。

立即体验

在数据共享时运用博弈论来挫败多阶段隐私入侵。

Using game theory to thwart multistage privacy intrusions when sharing data.

作者信息

机构信息

出版信息

相似文献

引用本文的文献

本文引用的文献

文献AI研究员

用中文搜PubMed

文档翻译

Suppr 超能文献

相似文献

引用本文的文献

本文引用的文献