Privacy preserving classification over differentially private data


ZORARPACI E., ÖZEL S. A.

WILEY INTERDISCIPLINARY REVIEWS-DATA MINING AND KNOWLEDGE DISCOVERY, 2020 (Journal Indexed in SCI) identifier identifier

  • Publication Type: Article / Review
  • Volume:
  • Publication Date: 2020
  • Doi Number: 10.1002/widm.1399
  • Title of Journal : WILEY INTERDISCIPLINARY REVIEWS-DATA MINING AND KNOWLEDGE DISCOVERY

Abstract

Privacy preserving data classification is an important research area in data mining field. The goal of a privacy preserving classification algorithm is to protect the sensitive information as much as possible, while providing satisfactory classification accuracy. Differential privacy is a strong privacy guarantee that enables privacy of sensitive data stored in a database by determining the ratio of sensitive information leakage with respect to an e parameter. In this study, our aim is to investigate the classification performance of the state-of-the-art classification algorithms such as C4.5, Naive Bayes, One Rule, Bayesian Networks, PART, Ripper, K*, IBk, and Random tree for performing privacy preserving classification. To preserve privacy of the data to be classified, we applied input perturbation technique coming from differential privacy, and observed the relationship between the e parameter values and accuracy of the classifiers. To our best knowledge, this article is the first study that analyzes the performances of the well-known classification algorithms over differentially private data, and discovers which datasets are more suitable for privacy preserving classification when input perturbation is applied to provide data privacy. The classification algorithms are compared by using the differentially private versions of the well-known datasets from the UCI repository. According to the experimental results, we observed that, as e parameter value increases, better classification accuracies are achieved with lower privacy levels. When the classifiers are compared, Naive Bayes classifier is the most successful method. The e parameter should be greater than or equal to 2 (i.e., e >= 2) to achieve cloud server is malicious and untrusted, sensitive data will satisfactory classification accuracies.