• This repository has been archived on 30/Nov/2023
  • Stars
    star
    168
  • Rank 225,507 (Top 5 %)
  • Language
    Python
  • License
    MIT License
  • Created over 10 years ago
  • Updated 12 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Python Implementation for Mondrian Multidimensional K-Anonymity (Mondrian).

Mondrian Build Status

Mondrian is a Top-down greedy data anonymization algorithm for relational dataset, proposed by Kristen LeFevre in his papers[1]. To our knowledge, Mondrian is the fastest local recording algorithm, which preserve good data utility at the same time. Although LeFevre gave the pseudocode in his papers, the original source code is not available. You can find the third part Java implementation in Anonymization Toolbox[2].

This repository is an open source python implementation for Mondrian.

Motivation

Researches on data privacy have lasted for more than ten years, lots of great papers have been published. However, only a few open source projects are available on Internet [2-3], most open source projects are using algorithms proposed before 2004! Fewer projects have been used in real life. Worse more, most people even don't hear about it. Such a tragedy!

I decided to make some effort. Hoping these open source repositories can help researchers and developers on data privacy (privacy preserving data publishing, data anonymization).

Attention

This Mondrian is the earliest Mondrian proposed in [1], which imposes an intuitive ordering on each attribute. So, there is no generalization hierarchies for categorical attributes. This operation brings lower information loss, but worse semantic results. If you want the Mondrian based on generalization hierarchies, please turn to Basic_Mondrian.

I used both adult and INFORMS dataset in this implementation. For clarification, we transform NCP (Normalized Certainty Penalty) to percentage. This NCP percentage is computed by dividing NCP value with the number of values in dataset (also called GCP (Global Certainty Penalty) [4]). The range of NCP percentage is from 0 to 1, where 0 means no information loss, 1 means loses all information (more meaningful than raw NCP, which is sensitive to size of dataset).

One more thing!!! Mondrian has strict and relax models. (Most online implementations are in strict model.) Both Mondrian split partition with binary split (let lhs and rhs denotes left part and right part). In strict Mondrian, lhs has not intersection part with rhs. But in relaxed Mondrian, the points in the middle are evenly divided between lhs and rhs to ensure |lhs| = |rhs| (+1 where |partition| is odd). So in relax model, the generalized result of lhs and rhs may have intersection.

The Final NCP of Mondrian on adult dataset is about 24.91% (relax) and 12.19% (strict), while 12.26% (relax) and 10.21% (strict) on INFORMS data (with K=10).

Basic idea of Mondrian

First, what is k-anonymity?

Assuming your record is in this format: [QID, SA]. QID means quasi-identifier such as age and birthday, SA means sensitive information such as disease information. The basic idea of k-anonymity is safety in group (or safety in numbers [5]), which means that you are safe if you are in a group of people whose QIDs are the same. Note nobody can infer your sensitive information (SA) from this group using QID, as shown in Fig. 1 (k=3 in 1(b) and 1(c)). If each of these group has at least k people, then this dataset satisfy k-anonymity.

Figure 1. Anonymity, Privacy and Generalization

But in practice, the raw datasets usually don't satisfy k-anonymity, as shown in Fig. 1(a). So, we need some help from anonymization algorithm to transform the raw datasets to anonymized datasets. Mondrian is one of them, and it is based on generalization. I don't want to talk too much about generalization. In a word, generalization is a kind of transformation, which finds a result QID* that covers all QIDs (QID1~QID3 in Fig. 1 (b)). And it also brings information loss (distortion).

How Mondrian anonymizes dataset?

Here is the basic workflow of Mondrian:

  1. Partition the raw dataset into k-groups using kd-tree. k-groups means that each group contains at least k records.
  2. Generalization each k-group (Fig. 1(b)), such that each group has the same QID*.

Why using kd-tree? Because it is fast, straight-forward and sufficient.

Figure 2. Basic workflow of Modnrian

Figure 3. kd-tree

Usage and Parameters:

The Implementation is based on Python 3 and compatible with python 2.7. You can run Mondrian in following steps:

  1. Download (or clone) the whole project.

  2. Run anonymized.py in root dir with CLI.

  3. Get the anonymized dataset from data/anonymized.data, if you didn't add [k | qi | data].

Parameters:

# Usage: python anonymizer.py [r|s] [a | i] [k | qi | data]
# r: relax mondrian, s: strict mondrian
# a: adult dataset, 'i': INFORMS dataset
# k: varying k, qi: varying qi numbers, data: varying size of dataset
# run Mondrian with adult data and default K (K=10)
python anonymizer.py

# run Strict Mondrian with adult data K=20
python anonymizer.py s a 20

# run Relax Mondrian with INFORMS data K=11
python anonymizer.py r i 11


# Evluating Strict Mondrian with k on adult data
python anonymizer.py s a k

For more information:

[1] K. LeFevre, D. J. DeWitt, R. Ramakrishnan. Mondrian Multidimensional K-Anonymity ICDE '06: Proceedings of the 22nd International Conference on Data Engineering, IEEE Computer Society, 2006, 25

[2] UTD Anonymization Toolbox

[3] ARX- Powerful Data Anonymization

[4] G. Ghinita, P. Karras, P. Kalnis, N. Mamoulis. Fast data anonymization with low information loss. Proceedings of the 33rd international conference on Very large data bases, VLDB Endowment, 2007, 758-769

[5] Y. He, J. F. Naughton, Anonymization of set-valued data via top-down, local generalization. Proceedings of VLDB, 2009, 2, 934-945

Support

  • You can post bug reports and feature requests at the Issue Page.
  • Contributions via Pull request is welcome.
  • Also, you can contact me via email.

==========================

by Qiyuan Gong

2017-5-23

Contributor List ๐Ÿ†

More Repositories

1

leetcode

Python & JAVA Solutions for Leetcode
Python
5,211
star
2

How_to_Search_and_Read_a_Paper

ๆœฌๆ–‡ๆกฃ้€‚ๅˆไบŽๅˆšๅ…ฅๅญฆ็š„็ก•ๅฃซๅ’Œๅšๅฃซ(่ฎก็ฎ—ๆœบไธ“ไธšๆœ€ๅฅฝ๏ผŒๅ…ถไป–ไธ“ไธšๅฏๅ‚่€ƒ)ใ€‚
356
star
3

Basic_Mondrian

The raw mondrian is designed for numerical attributes. When comes to categorical attributes, Mondrian needs to transform categorical attributes to numerical ones. This transformations is not good for some applications. In 2006, LeFevre proposed basic Mondrian, which support both categorical and numerical attributes. This repository is an implementation for basic Mondrian.
Python
32
star
4

Deep_Learning_Exercise

Deep Learning Exercise and Notebook
Jupyter Notebook
30
star
5

Clustering_based_K_Anon

cluster based generalization for k-anonymity
Python
29
star
6

Mondrian_L_Diversity

Mondrian for L-diveristy. It's not available now.
Python
18
star
7

image_classification_redis

Image Classification based on Analytics-Zoo and Redis
Python
10
star
8

Top_Down_Greedy_Anonymization

Top_Down_Greedy_Anonymization is a Top-down greedy algorithm data anonymization algorithm for relational dataset, proposed by Jian Xu in his papers.
Python
9
star
9

Google_APAC

My solution for Google APAC
Python
8
star
10

Python_Blind_Image_Watermarking

A simple implement Blind_Image_watermark with Python.
MATLAB
3
star
11

Apriori_based_Anonymization

This repository is an python implement of Apriori_based_Anonymization for set-valued dataset anonymization.
Python
3
star
12

analyzing_weibo_data_with_spark

try to analyzing weibo data with Spark
Python
3
star
13

SEU_Web_Login

This program is a python implement for CLI (command-line interface) web login in Southeast University (China).
Python
3
star
14

Zoo_Benchmark

Scala
2
star
15

Relational_Transaction_Anon

This repository is an python implement of Relation and Transaction Anonymization for Relational and Transaction dataset anonymization.
Python
2
star
16

Semi_Partition

Semi_Partition is a Top-down greedy algorithm data anonymization algorithm for relational dataset. It's more efficient than Mondrian, which is proposed by Kristen LeFevre in his papers.
Python
2
star
17

PAA

Partition and Anatomize Anonymization
Python
1
star
18

Partition_for_Transaction

This repository is an open source python implement for Partition_for_Transaction. I implement this algorithm in python for further study.
Python
1
star
19

ChatGPT-Web

Vue
1
star
20

NEC_based_Anonymization

EC based Anonymization. Improve efficiency without increasing information loss.
Python
1
star
21

1M_Generalization

1M_Generalization is a simple anonymization algorithm for 1:M dataset. It contains two sub-algorithms: Mondrian (for relational part) and Partition (transaction part). Both of them are straight forward, and can be repalced by more powerful algorithm with limtied modification.
Python
1
star