A Framework for Privacy-Preserving White-Box Anomaly Detection using a Lattice-Based Access Control

Proceedings of the 28th ACM Symposium on Access Control Models and Technologies Pub Date : 2023-05-24 DOI:10.1145/3589608.3593831

Cristoffer Leite, J. den Hartog, Paul Koster

{"title":"A Framework for Privacy-Preserving White-Box Anomaly Detection using a Lattice-Based Access Control","authors":"Cristoffer Leite, J. den Hartog, Paul Koster","doi":"10.1145/3589608.3593831","DOIUrl":null,"url":null,"abstract":"Privacy concerns are amongst the core issues that will constrain the adoption of distributed anomaly detection. Indeed, when outsourcing anomaly detection, i.e. with a party other than the data owner running the detection, confidential or private aspects of the observed data may need protection. Some privacy-enhancing function is usually employed. Because of the impact that this restriction causes in the creation of explainable alerts, finding mechanisms to balance the trade-off between privacy and usefulness has become increasingly important. Due to this motivation, in this paper, a privacy-preserving white-box anomaly detection framework is presented to facilitate matching the compatibility between service requirements and privacy restrictions of an user by using an access control based on a lattice of privacy protection levels. Our framework allows entities to verify these trade-offs by specifying required protection at the level of features. We evaluate the framework in a real-world scenario within the e-health setting. The results point out that it can generate interpretable alerts while protecting the confidentiality of the data.","PeriodicalId":124020,"journal":{"name":"Proceedings of the 28th ACM Symposium on Access Control Models and Technologies","volume":"16 11","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 28th ACM Symposium on Access Control Models and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3589608.3593831","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Privacy concerns are amongst the core issues that will constrain the adoption of distributed anomaly detection. Indeed, when outsourcing anomaly detection, i.e. with a party other than the data owner running the detection, confidential or private aspects of the observed data may need protection. Some privacy-enhancing function is usually employed. Because of the impact that this restriction causes in the creation of explainable alerts, finding mechanisms to balance the trade-off between privacy and usefulness has become increasingly important. Due to this motivation, in this paper, a privacy-preserving white-box anomaly detection framework is presented to facilitate matching the compatibility between service requirements and privacy restrictions of an user by using an access control based on a lattice of privacy protection levels. Our framework allows entities to verify these trade-offs by specifying required protection at the level of features. We evaluate the framework in a real-world scenario within the e-health setting. The results point out that it can generate interpretable alerts while protecting the confidentiality of the data.

查看原文本刊更多论文

基于格子访问控制的隐私保护白盒异常检测框架

隐私问题是限制采用分布式异常检测的核心问题之一。实际上，当外包异常检测时，即与运行检测的数据所有者以外的一方合作时，观察到的数据的机密或私人方面可能需要保护。通常使用一些增强隐私的功能。由于这种限制对创建可解释的警报造成了影响，因此寻找在隐私和有用性之间取得平衡的机制变得越来越重要。基于这一动机，本文提出了一种保护隐私的白盒异常检测框架，利用基于隐私保护级别格的访问控制来匹配用户的服务需求和隐私限制之间的兼容性。我们的框架允许实体通过在特性级别指定所需的保护来验证这些权衡。我们在电子卫生设置的真实场景中评估该框架。结果表明，该方法可以在保护数据机密性的同时生成可解释的警报。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 28th ACM Symposium on Access Control Models and Technologies

自引率

0.00%

发文量