安全电子医疗系统中敏感数据集的决策树评估

IF 7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-09-01 DOI:10.1109/TDSC.2022.3219849

Mingwu Zhang, Yu Chen, W. Susilo

{"title":"安全电子医疗系统中敏感数据集的决策树评估","authors":"Mingwu Zhang, Yu Chen, W. Susilo","doi":"10.1109/TDSC.2022.3219849","DOIUrl":null,"url":null,"abstract":"By collecting and analyzing patients' e-healthcare data in Medical Internet-of-Things (MIOT), e-Healthcare providers can offer alternative and helpful evaluation services of the risk of diseases to patients. However, e-Healthcare providers cannot cope with the huge volumes of data and respond to this online service. Providers typically outsource medical data to powerful medical cloud servers. Since outsourced servers are not fully trusted, a direct evaluation service will inevitably result in privacy risks concerning the patient's identity or original medical data. It is hard to hide the results of an evaluation from the single-server model unless a fully homomorphic cryptosystem is used or the patients must communicate online with the cloud multiple times in an inefficient manner. With regards to these issues, this article proposes a Secure and Privacy-Preserving Decision Tree Evaluation scheme (namely SPP-DTE) to achieve secure disease diagnosis classification under e-Healthcare systems without revealing the sensitive information of patients such as physiological data or the private data of medical providers such as the structure of decision trees. Our proposed scheme uses modified KNN computation to match the similarity and preserve the confidentiality of raw data and also applies matrix randomization and monotonically increasing and one-way functions to confuse the intermediate results. The experiment is conducted in data sets from UCI machine learning repository of medical health data. Our analysis indicates that the proposed SPP-DTE scheme is efficient in terms of computational cost and communication overhead that is practical and efficient for privacy protection in e-Healthcare classification and diagnosis system.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"20 1","pages":"3988-4001"},"PeriodicalIF":7.0000,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Decision Tree Evaluation on Sensitive Datasets for Secure e-Healthcare Systems\",\"authors\":\"Mingwu Zhang, Yu Chen, W. Susilo\",\"doi\":\"10.1109/TDSC.2022.3219849\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"By collecting and analyzing patients' e-healthcare data in Medical Internet-of-Things (MIOT), e-Healthcare providers can offer alternative and helpful evaluation services of the risk of diseases to patients. However, e-Healthcare providers cannot cope with the huge volumes of data and respond to this online service. Providers typically outsource medical data to powerful medical cloud servers. Since outsourced servers are not fully trusted, a direct evaluation service will inevitably result in privacy risks concerning the patient's identity or original medical data. It is hard to hide the results of an evaluation from the single-server model unless a fully homomorphic cryptosystem is used or the patients must communicate online with the cloud multiple times in an inefficient manner. With regards to these issues, this article proposes a Secure and Privacy-Preserving Decision Tree Evaluation scheme (namely SPP-DTE) to achieve secure disease diagnosis classification under e-Healthcare systems without revealing the sensitive information of patients such as physiological data or the private data of medical providers such as the structure of decision trees. Our proposed scheme uses modified KNN computation to match the similarity and preserve the confidentiality of raw data and also applies matrix randomization and monotonically increasing and one-way functions to confuse the intermediate results. The experiment is conducted in data sets from UCI machine learning repository of medical health data. Our analysis indicates that the proposed SPP-DTE scheme is efficient in terms of computational cost and communication overhead that is practical and efficient for privacy protection in e-Healthcare classification and diagnosis system.\",\"PeriodicalId\":13047,\"journal\":{\"name\":\"IEEE Transactions on Dependable and Secure Computing\",\"volume\":\"20 1\",\"pages\":\"3988-4001\"},\"PeriodicalIF\":7.0000,\"publicationDate\":\"2023-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Dependable and Secure Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/TDSC.2022.3219849\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Dependable and Secure Computing","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/TDSC.2022.3219849","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 12

摘要

通过在医疗物联网（MIOT）中收集和分析患者的电子医疗数据，电子医疗服务提供商可以为患者提供替代和有用的疾病风险评估服务。然而，电子医疗服务提供商无法应对庞大的数据量并对这项在线服务做出回应。提供商通常将医疗数据外包给功能强大的医疗云服务器。由于外包服务器不完全可信，直接评估服务将不可避免地导致与患者身份或原始医疗数据有关的隐私风险。除非使用全同态密码系统，或者患者必须以低效的方式多次与云在线通信，否则很难从单服务器模型中隐藏评估结果。针对这些问题，本文提出了一种安全和隐私保护的决策树评估方案（即SPP-DTE），以实现电子医疗系统下的安全疾病诊断分类，而不会泄露患者的敏感信息，如生理数据或医疗提供者的私人数据，如决策树的结构。我们提出的方案使用改进的KNN计算来匹配相似性并保持原始数据的机密性，还应用矩阵随机化、单调递增和单向函数来混淆中间结果。该实验是在来自UCI医学健康数据机器学习库的数据集中进行的。我们的分析表明，所提出的SPP-DTE方案在计算成本和通信开销方面是有效的，这对于电子医疗分类和诊断系统中的隐私保护是实用和有效的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Decision Tree Evaluation on Sensitive Datasets for Secure e-Healthcare Systems

By collecting and analyzing patients' e-healthcare data in Medical Internet-of-Things (MIOT), e-Healthcare providers can offer alternative and helpful evaluation services of the risk of diseases to patients. However, e-Healthcare providers cannot cope with the huge volumes of data and respond to this online service. Providers typically outsource medical data to powerful medical cloud servers. Since outsourced servers are not fully trusted, a direct evaluation service will inevitably result in privacy risks concerning the patient's identity or original medical data. It is hard to hide the results of an evaluation from the single-server model unless a fully homomorphic cryptosystem is used or the patients must communicate online with the cloud multiple times in an inefficient manner. With regards to these issues, this article proposes a Secure and Privacy-Preserving Decision Tree Evaluation scheme (namely SPP-DTE) to achieve secure disease diagnosis classification under e-Healthcare systems without revealing the sensitive information of patients such as physiological data or the private data of medical providers such as the structure of decision trees. Our proposed scheme uses modified KNN computation to match the similarity and preserve the confidentiality of raw data and also applies matrix randomization and monotonically increasing and one-way functions to confuse the intermediate results. The experiment is conducted in data sets from UCI machine learning repository of medical health data. Our analysis indicates that the proposed SPP-DTE scheme is efficient in terms of computational cost and communication overhead that is practical and efficient for privacy protection in e-Healthcare classification and diagnosis system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Dependable and Secure Computing 工程技术-计算机：软件工程

CiteScore

11.20

自引率

5.50%

发文量

354

审稿时长

9 months

期刊介绍： The "IEEE Transactions on Dependable and Secure Computing (TDSC)" is a prestigious journal that publishes high-quality, peer-reviewed research in the field of computer science, specifically targeting the development of dependable and secure computing systems and networks. This journal is dedicated to exploring the fundamental principles, methodologies, and mechanisms that enable the design, modeling, and evaluation of systems that meet the required levels of reliability, security, and performance. The scope of TDSC includes research on measurement, modeling, and simulation techniques that contribute to the understanding and improvement of system performance under various constraints. It also covers the foundations necessary for the joint evaluation, verification, and design of systems that balance performance, security, and dependability. By publishing archival research results, TDSC aims to provide a valuable resource for researchers, engineers, and practitioners working in the areas of cybersecurity, fault tolerance, and system reliability. The journal's focus on cutting-edge research ensures that it remains at the forefront of advancements in the field, promoting the development of technologies that are critical for the functioning of modern, complex systems.