网络与信息安全学报 (Jun 2023)

Adaptive selection method of desensitization algorithm based on privacy risk assessment

  • Lijun ZU, Yalin CAO, Xiaohua MEN, Zhihui LYU, Jiawei YE, Hongyi LI, Liang ZHANG

DOI
https://doi.org/10.11959/j.issn.2096-109x.2023037
Journal volume & issue
Vol. 9, no. 3
pp. 49 – 59

Abstract

Read online

The financial industry deals with a vast amount of sensitive data in its business operations.However, the conventional approach of binding financial data for desensitization and using desensitization algorithms is becoming inefficient due to the fast-paced growth of financial businesses and the proliferation of data types.Additionally, manual verification and assessment of desensitized data by security experts are time-consuming and may carry potential privacy risks due to the improper selection of desensitization algorithms.While prior research has emphasized desensitization methods and privacy-preserving technologies, limited work has been conducted on desensitization algorithms from the perspective of automation.To address this issue, an adaptive recommendation framework was propose for selecting desensitization strategies that consider various factors, such as existing privacy protection technologies, data quality requirements of business scenarios, security risk requirements of financial institutions, and data attributes.Specifically, a dual-objective evaluation function was established for privacy risk and data quality to optimize the selection of desensitization algorithm parameters for different algorithms.Furthermore, the desensitization algorithm and parameters were adaptively selected by considering the data attributes through a multi-decision factor system and desensitization effect evaluation system.Compared to traditional approaches, the proposed framework effectively tackle issues of reduced data usability and inadequate personal data privacy protection that derive from manual intervention.Testing on a dataset with multiple financial institution types, the experiments show that the proposed method achieves a recommendation accuracy exceeding 95%, while the desensitized privacy risk level differed by less than 10% from the expected level.Additionally, the recommendation efficiency is 100 times faster than expert manual processing.

Keywords