| Nowadays,collaborative filtering(CF)is commonly used in recommendation systems.It can provide personalized recommending results for users,from the vast ocean of information.However,CF requires users to send their historical data to the recommendation server,which leads to privacy risks.Even if a user's historical data is preserved by traditional anonymization techniques,the attacker can still infer his private information by deanonymization attacks.Differential privacy(DP)is a mathematically rigorous definition on individual privacy,which ensures that the output of a differentially private query on a dataset is independent to whether an arbitrary individual opts into or out of this dataset.As the result,it has become a present research hotspot to develop differentially private collaborative filtering techniques.According to the deployments of privacy-preserving mechanisms,the existing approaches can be divided into three main categories: server-side mechanisms,client-side mechanisms,and the client-server collaborative mechanisms.However,these mechanisms each has its own problems.For the server-side mechanisms,they assume that different users are independent to each other.However,there are situations when the relations between users need to be over-perturbed,when the recommendations are greatly influenced by users' relationship with other users.In these situations,the server-side mechanisms cannot provide accurate recommendation.For the client-side mechanisms,they perturb users' historical data according to the similarity between items.However,most of them do not take into consider the difference between the priori and posterior knowledge of the attackers,thus suffer from inference attacks.For the client-server collaborative mechanisms,they perturb users' data at the client-side,and then perturb the intermediate results of recommendation computation at the server-side.However,this two-times perturbation will greatly decrease the recommendation accuracy.To address the above mentioned problems,in this thesis,we carry out our research from three aspects.Firstly,we propose a graph-link analysis based server-side protection mechanism for relation-based collaborative filtering.Within this mechanism,we refine the constraint conditions which describe the recommending scenario and define individual privacy.Based on this refinement,we further prove the monotonicity of the recommendation utility function,and improve the perturbation method,so at to enhance recommendation accuracy.Secondly,we propose a bayesian theory-based client-side protection mechanism,which prevents inference attack by limiting the difference between attackers' priori and posterior knowledge.Moreover,we maximize the level of achieved privacy by using a nonlinear programming method,subject to the constraint of ensuring the utility requirements of users.Lastly,we propose a collaborative protection mechanism satisfying local differential privacy.On the one hand,this mechanism perturbs users' historical data at the client-side by using randomized response technique,which can be proved to satisfy differential privacy.On the other hand,this mechanism reconstructs the statistical characteristics of each item and the correlation characteristics of any two items at the serverside by using the unbiased estimation method,and enhances the recommendation accuracy according to the reconstructed results.Based on the afore-mentioned theoretical results,we propose a differentially private prototype collaborative filtering system,which has been deployed for testing on Fanfou social networking.This thesis addresses the privacy problems in collaborative filtering,and proposes improvements for existing protection mechanisms,including the server-side,client-side,and client-server collaborative mechanisms.Compared with existing methods,the proposed privacy-preserving techniques can achieve better trade-off between individual privacy and recommendation accuracy.This implies great significance for both applications of collaborative filtering and researches in privacy protection. |
PDF Full Text Request