(IJCNS) International Journal of Computer and Network Security, 145

Vol. 2, No. 10, 2010

Evaluating Clustering Performance for the Protected

Data using Perturbative Masking Techniques in
Privacy Preserving Data Mining
S.Vijayarani1, Dr.A.Tamilarasi2
1,
School of Computer Science and Engg.,
Bharathiar University, Coimbatore, Tamilnadu,India
vijimohan_2000@yahoo.com
2
Dept. of MCA, Kongu Engg. College, Erode, Tamilnadu, India
drtamil@kongu.ac.in

Abstract- Privacy Preserving Data Mining has become very
popular for protecting the confidential knowledge which was
extracted from the data mining techniques. Privacy preserving
data mining is nothing but the study of how to produce valid
mining models and patterns without disclosing private
information. Several techniques are used for protecting the
sensitive data. Some of them are statistical, cryptographic,
randomization, k-anonymity model, l-diversity and etc. In this
work, we have analyzed the two statistical disclosure control
techniques i.e additive noise and micro aggregation. We have
examined the clustering performance of additive noise and
micro aggregation techniques. The experimental results show
that the clustering performance of additive noise technique is
comparatively better than micro aggregation.
Keywords- Data Perturbation, Micro Aggregation, Additive
Noise, K-means clustering
1. Introduction
The problem of privacy-preserving data mining has become
more important in recent years because of the increasing
ability to store personal data about users, and the increasing
sophistication of data mining algorithms to leverage this
information. Many data mining applications such as
financial transactions, health-care records, and network
communication traffic are deal with private sensitive data.
Data is an important asset to business organization and
governments for decision making by analyzing it. Privacy
regulations and other privacy concerns may prevent data
owners from sharing information for data analysis. In order
to share data while preserving privacy data owner must
come up with a solution which achieves the dual goal of
privacy preservation as well as accurate data mining result.
The main consideration in privacy preserving data mining is
twofold. First, sensitive raw data like identifiers, names,
addresses and the like should be modified or trimmed out
from the original database. Second, sensitive knowledge
which can be mined from a database by using data mining
algorithms should also be excluded, because such knowledge
can equally well compromise data privacy.
The main objective in privacy preserving data mining is to
develop algorithms for modifying the original data in some
way, so that the private data and private knowledge remain
private even after the mining process [8]. Data modification
is one of the privacy preserving techniques used to modify
the sensitive or original information available in the
database that needs to be released to the public. It ensures
high privacy protection.
The rest of this paper is organized as follows. In Section 2,
we present an overview of micro data and masking
techniques. Section 3 discusses different types of micro data
protection techniques. Additive noise and micro aggregation
techniques are discussed in section 4. Section 5 gives the
performance results of additive noise and micro aggregation.
Conclusions are given in Section 6.
2. Micro Data
Protecting static individual data is called micro data. It can
be represented as tables. It consists of tuples (records) with
values from a set of attributes. A micro data set V is a file
with n records, where each record contains m attributes on
an individual respondent [3]. The attributes can be classified
in four categories which are not necessarily disjoint:
Ø Identifiers. These are attributes that unambiguously
identify the respondent. Examples are the passport
number, social security number, name surname, etc.
Ø Quasi-identifiers or key attributes. These are attributes
which identify the respondent with some degree of
ambiguity. Examples are address, gender, age,
telephone number, etc.
Ø Confidential outcome attributes. These are attributes
which contain sensitive information on the respondent.
Examples are salary, religion, political affiliation,
health condition, etc.
Ø Non-confidential outcome attributes. Those attribute
which do not fall in any of the categories above.
146
3. Classification of micro data protection
techniques (MPTs) [3]
Figure 1. Micro-data Protection Techniques
3.1 Masking Techniques
Protecting sensitive data is a very significant issue in the
government, public and private bodies. Masking techniques
are used to prevent confidential information in the table.
Masking techniques can operate on different data types.
Data types can be categorized as follows.
Ø Continuous. An attribute is said to be continuous if it is
numerical and arithmetic operations are defined on it.
For instance, attributes age and income are continuous
attributes.
Ø Categorical. An attribute is said to be categorical if it can
assume a limited and specified set of values and
arithmetic operations do not have sense on it. For
instance, attributes marital status and sex are
categorical attributes.
Masking techniques are classified into two categories
Ø Perturbative
Ø Non- Perturbative
3.1.1 Perturbative Masking
Perturbation is nothing but altering an attribute value by a
new value. The data set are distorted before publication.
Data is distorted in some way that affects the protected data
set, i.e. it may contain some errors. In this way the original
dataset may disappear and new unique combinations of data
items may appear in the perturbed dataset; in perturbation
method statistics computed on the perturbed dataset do not
differ from the statistics obtained on the original dataset [3].
Some of the perturbative masking methods are,
Ø Micro aggregation
Ø Rank swapping
Ø Additive noise
Ø Rounding
Ø Resampling
Ø PRAM
(IJCNS) International Journal of Computer and Network Security,
Vol. 2, No. 10, 2010
Ø MASSC etc.
3.1.2 Non-Perturbative Masking
Non-perturbative techniques produce protected microdata by
eliminating details from the original microdata. Some of the
Non-perturbative masking methods are
Ø Sampling
Ø Local Suppression
Ø Global Recoding
Ø Top-Coding
Ø Bottom-Coding
Ø Generalization
3.2 Synthetic Techniques
The original set of tuples in a microdata table is replaced
with a new set of tuples generated in such a way to preserve
the key statistical properties of the original data. The
generation process is usually based on a statistical model
and the key statistical properties that are not included in the
model will not be necessarily respected by the synthetic data.
Since the released micro data table contains synthetic data,
the re-identification risk is reduced. The techniques are
divided into two categories: fully synthetic techniques and
partially synthetic techniques. The first category contains
techniques that generate a completely new set of data, while
the techniques in the second category merge the original
data with synthetic data.
3.2.1 Fully Synthetic Techniques
Ø Bootstrap
Ø Cholesky Decomposition
Ø Multiple Imputation
Ø Maximum Entropy
Ø Latin Hypercube Sampling
3.2.2 Partially Synthetic Techniques
Ø IPSO (Information Preserving Statistical
Obfuscation)
Ø Hybrid Masking Random Response
Ø Blank and Impute
Ø SMIKe (Selective Multiple Imputation of Keys)
Ø Multiply Imputed Partially Synthetic Dataset [3]
4. Analysis of the SDC techniques
The main steps involved in this work are,
• Sensitive numerical data item is selected from the
database
• Modifying the sensitive data item using micro
aggregation and additive noise
• Analyzing the statistical performance
• Analyzing the accuracy of privacy protection
• Evaluating the clustering accuracy
 (IJCNS) International Journal of Computer and Network Security, 147
4.1 Micro aggregation
Micro aggregation is an SDC technique consisting in the
aggregation of individual data. It can be considered as an
SDC sub-discipline devoted to the protection of the micro
data. Micro aggregation can be seen as a clustering problem
with constraints on the size of the clusters. It is somehow
related to other clustering problems (e.g., dimension
reduction or minimum squares design of clusters). However,
the main difference of the micro aggregation problem is that
it does not consider the number of clusters to generate or the
number of dimensions to reduce, but only the minimum
number of elements that are grouped in the same cluster [9].
Any type of data, micro aggregation can be operationally
defined in terms of the following two steps:
Ø Partition: The set of original records is partitioned into
several clusters in such a way that records in the same
cluster are similar to each other and so that the number
of records in each cluster is at least k.
Ø Aggregation: An aggregation operator (for example, the
mean for continuous data or the median for categorical
data) is computed for each cluster and is used to replace
the original records. In other words, each record in a
cluster is replaced by the cluster’s prototype.
From an operational point of view, micro aggregation
applies
Ø A clustering algorithm to a set of data obtaining a set of
clusters. Formally, the algorithm determines a partition
of the original data. Then, micro aggregation proceeds
by calculating a cluster representative for each cluster
finally,
Ø Each original datum is replaced by the corresponding
cluster representative [7]
After modifying the values the k means algorithm is applied
to find, whether the original value and the modified value in
the micro aggregation table are in the same cluster.
4.2. Additive Noise
It perturbs a sensitive attribute by adding or by multiplying
it with a random variable with a given distribution. [2]
Ø Masking by uncorrelated noise addition
The vector of observations xj for the j-th attribute of the
original dataset Xj is replaced by a vector
zj = xj +εj
where εj is a vector of normally distributed errors drawn
from a random variable εj ∼ N(0, σ2εj ), such that Cov(εt, εl)
= 0 for all t ≠ l. This does not preserve variances nor
correlations.
Ø Masking by correlated noise addition.
Vol. 2, No. 10, 2010
Correlated noise addition also preserves means and
additionally allows preservation of correlation coefficients.
The difference with the previous method is that the
covariance matrix of the errors is now proportional to the
covariance matrix of the original data, i.e. ε ∼ N(0,Σε),
where Σε = αΣ.
In this work we have used the given additive noise
algorithm.
• Consider a database D consists of T tuples.
D={t1,t2,…tn}. Each tuple in T consists of set of
attributes T={A1,A2,…Ap} where Ai Є T and Ti Є D
• Identify the sensitive or confidential numeric attribute AR
n
• Calculate the mean ΣARi
i=1
• Initialize countgre=0 and countmin=0
• If ARi>=mean then
{
Store these numbers separately
group1= ARi (i=1,..n)
countgre=coungre+1
}
• else if ARi <mean then
{
Store these numbers separately
group2= ARi (i=1,..n)
countmin=countmin+1
}
• Calculate the noise1 value as 2*mean/countgre
• Calculate the noise2 value as 2*mean/countmin
• Subtract the noise1 value from each data item in group1
• Add the noise2 value to each data item in group2
• Now release the new modified sensitive data
• In the modified data find out the mean value which is
same as the original
• Adding the noise1 and noise2 produce the result as 0.
5. Experimental Results
In order to conduct the experiments, synthetic employee
dataset can be created with 500 records. From this dataset,
we select the sensitive numeric attribute, income. Additive
noise and micro aggregation techniques are used for
modifying the attribute income.
The following performance factors are considered for
evaluating the two techniques
5.1 Statistical Calculations
The statistical properties mean, standard deviation and
variance of modified data can be compared with the original
data. Both the techniques were produced the same results.
148 (IJCNS) International Journal of Computer and Network Security,
Vol. 2, No. 10, 2010

with the modified clusters. The additive noise modified data

set clustering is same as the original clustering.

Figure 2. Statistical Performance

5.2. Privacy Protection

In order to verify the privacy protection, we have analyzed
whether all the sensitive data items are modified or not.
From the results, we know that, there is a 100% privacy
protection.
Figure 4.Accuracy of additive noise and micro aggregation.
6. Conclusions
Preserving privacy in data mining activities is a very
important issue in many applications. In this paper, we have
analyzed micro aggregation and additive noise perturbative
masking techniques in privacy preserving data mining.
Micro aggregation and additive noise performance are good
in statistical calculations and privacy protection. Then we
have used the modified dataset for clustering, the results
show that the additive noise technique is comparatively
better than micro aggregation.

ACKNOWLEDGEMENT

I would like to thank “The UGC, New Delhi” for providing

me the necessary funds.

Figure 3. Data Modification References

5.3 Accuracy of Clustering
Ø K-Means Clustering Algorithm
The k-means algorithm for partitioning, where each
cluster’s center is represented by the mean value of the
objects in the cluster
Input
• K : the number of clusters
• D : a data set containing n objects
Output: Set of k clusters
Method
• arbitrarily choose k objects from D as the initial
cluster centers;
• Repeat
• (re)assign each object to the cluster to which the
object is the most similar, based on the mean value
of the objects in the cluster
• Update the cluster means, i.e. calculate the mean
value of the objects for each cluster
• Until no change
In order to verify the clustering accuracy we have used k-
means clustering algorithm. Original clusters are compared
[1] Brand R (2002). “Micro data protection through noise
addition”. In Domingo-Ferrer J, editor, Inference
Control in Statistical Databases, vol. 2316 of LNCS,pp.
97{116. Springer, Berlin Heidelberg.
[2] Charu C.Aggarwal IBM T.J. Watson Research Center,
USA and Philip S. “Privacy preserving data mining:
Models and algorithms” Yu University of Illinois at
Chicago, USA.
[3] Ciriani, S.De Capitani di Vimercati, S.Foresti, and
P.Samarati “Micro data protection” © Springer US,
Advances in Information Security (2007)
[4] Feng LI†, Jin MA, Jian-hua LI (School of Electronic
Information and Electrical Engineering,“ Distributed
anonymous data perturbation method for privacy-
preserving data mining”. Shanghai Jiao Tong
University, Shanghai 200030, China).
[5] G. R. Sullivan. The Use of Added Error to Avoid
Disclosure in Microdata Releases. PhD thesis, Iowa State
University, 1989.
[6] J. J. Kim. A method for limiting disclosure in microdata
based on random noise and transformation. In
Proceedings of the Section on Survey Research Methods,
pages 303–308, Alexandria VA, 1986. American
Statistical Association.
[7] Vicen c Torra “Constrained micro aggregation: Adding
constraints for Data Editing” IIIA - Artificial
Intelligence Research Institute, CSIC - Spanish Council
 (IJCNS) International Journal of Computer and Network Security, 149
Vol. 2, No. 10, 2010

for Scientific Research, Campus UAB s/n, 08193

Bellaterra (Catalonia, Spain).
[8] Vassilios S. Veryhios, Elisa Bertino, Igor Nai Fovino
Loredana Parasiliti Provenza, Yucel Saygin,
Yanniseodoridis, “State-of-the-art in Privacy Preserving
Data Mining”, SIGMOD Record, Vol. 33, No. 1, March
2004.
[9] Xiaoxun Sun1 Hua Wang1 Jiuyong Li2 “Microdata
Protection Through Approximate Microaggregation”
2009, Australian Computer Society, Inc. Thirty-Second
Australasian Computer Science Conference
(ACSC2009), Wellington, New Zealand. Conferences in
Research and Practice in Information Technology
(CRPIT), Vol. 91. Bernard Mans, Ed.

Authors Profile

Mrs. S.Vijayarani has completed MCA and

M.Phil in Computer Science. She is working
as Assistant Professor in the School of
Computer Science and Engineering,
Bharathiar University, Coimbatore. She is
currently pursuing her Ph.D in the area of
privacy preserving data mining. She has
published two papers in international journal
and presented six research papers in
international and national conferences.

Dr. A.Tamilarasi is a Professor and Head in

the Departmentof MCA, Kongu Engineering
College, Perundurai. She has supervised a
number of Ph.D students. She has published a
number of research papers in national and
international journals and conference
proceedings.