diff-priv 0.1.0

k-anonymity, (c,l)-diversity and ε-differential privacy framework
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275

use crate::analysis::analyser::Analyser;
use crate::analysis::cluster_analyser::ClusterAnalyser;
use crate::analysis::disclosure_risk_analyser::DisclosureRiskAnalyser;
use crate::analysis::mse_analyser::MseAnalyser;
use crate::analysis::publishing_delay_analyser::PublishingDelayAnalyser;
use crate::analysis::sse_analyser::SseAnalyser;
use crate::anonymization::cluster::Cluster;
use crate::data_manipulation::anonymizable::{Anonymizable, QuasiIdentifierType};
use crate::noise::noiser::Noiser;
use crate::publishing::publisher::Publisher;
use rayon::prelude::*;
use std::collections::BTreeMap;
use std::sync::Mutex;
use std::time::{SystemTime, UNIX_EPOCH};

// the micro aggregation differential privacy anonymization
pub struct MicroaggAnonymizer<N, A, P>
where
    N: Noiser,
    A: Anonymizable,
    P: Publisher,
{
    k: usize,           // k-anonymity level
    k_max: usize,       // maximum k-anonymity level before cluster is removed
    l: usize,           // l-diversity level
    c: i32,             // recursive (l,c)-diversity
    delta: u128,        // life time delta in seconds
    diff_thres: f64,    // difference threshold between data points
    buffer_size: usize, // batch of data used to detect concept drift
    pub publisher: P,
    pub cluster_set: BTreeMap<u128, Cluster<A, N>>,
    pub noiser: N,
    pub analysers: Vec<Analyser<A>>,
}

#[allow(clippy::too_many_arguments)]
impl<N, A, P> MicroaggAnonymizer<N, A, P>
where
    N: Noiser,
    A: Anonymizable,
    P: Publisher,
{
    pub fn new(
        k: usize,
        k_max: usize,
        l: usize,
        c: i32,
        diff_thres: f64,
        delta: u128,
        buffer_size: usize,
        publisher: P,
        noiser: N,
    ) -> Self {
        let analysers = vec![
            Analyser::Mse(MseAnalyser::default()),
            Analyser::Sse(SseAnalyser::default()),
            Analyser::PublishingDelay(PublishingDelayAnalyser::default()),
            Analyser::ClusterAnalyser(ClusterAnalyser::default()),
            Analyser::DisclosureRiskAnalyser(DisclosureRiskAnalyser::initialize(100)),
        ];
        Self {
            k,
            k_max,
            l,
            c,
            diff_thres,
            delta: delta * 1000000000,
            buffer_size,
            publisher,
            cluster_set: Default::default(),
            noiser,
            analysers,
        }
    }

    /// feed the data tuple through the differential privacy algorithm
    pub fn anonymize(&mut self, value: A) {
        // Borrowing the right cluster caused multiple ownership problems as we borrow
        // self mutable and immutable.
        debug!("cluster count: {}", self.cluster_set.len());
        match self.find_best_cluster(&value) {
            // create new cluster
            None => {
                info!("new cluster created");
                let mut cluster = self.create_new_cluster();

                cluster.add_tuple(value);
                let now = SystemTime::now().duration_since(UNIX_EPOCH).unwrap();
                self.cluster_set.insert(now.as_nanos(), cluster);
                self.analysers.iter_mut().for_each(|analyser| {
                    if let Analyser::ClusterAnalyser(cluster_analyser) = analyser {
                        cluster_analyser.add_count()
                    }
                })
            }
            Some(mut cluster) => {
                info!("cluster found");
                // check life time and change cluster
                if cluster.check_cluster_life_time() >= self.delta {
                    cluster.publish_all(&mut self.publisher, &mut self.analysers);
                    cluster = self.create_new_cluster();
                    info!("cluster life time delta exceeded")
                }

                cluster.add_tuple(value);

                // publishing value when k-anon level is met
                if cluster.w_current.buffer.len() == self.k {
                    cluster.publish_all(&mut self.publisher, &mut self.analysers);
                    info!("k-level is met published all")
                } else if self.k < cluster.w_current.buffer.len()
                    && cluster.w_current.buffer.len() <= self.k_max + 1
                {
                    // if the cluster contains at least k records
                    cluster.publish(&mut self.publisher, &mut self.analysers);
                    info!("publishing")
                }

                // check if the w_current is full (max size of buffer)
                // and reuse the buffer if concept drift is not detected
                if cluster.is_full() {
                    info!("cluster is full, checking concept drift");
                    cluster.detect_concept_drift()
                }

                // we removed the cluster in the find best cluster method
                // we need to insert it again
                match cluster.complete_buffer_amount > self.k_max {
                    true => {
                        cluster.publish_all(&mut self.publisher, &mut self.analysers);
                        info!("cluster is full removing..");
                        cluster.print_domain_qis().into_iter().enumerate().for_each(
                            |(index, domain)| match domain {
                                (
                                    QuasiIdentifierType::Integer(min),
                                    QuasiIdentifierType::Integer(max),
                                ) => {
                                    debug!("QI {}| min: {:?}| max: {:?}", index + 1, min, max)
                                }
                                (
                                    QuasiIdentifierType::Float(min),
                                    QuasiIdentifierType::Float(max),
                                ) => {
                                    debug!("QI {}| min: {:?}| max: {:?}", index + 1, min, max)
                                }
                                _ => panic!("wrong QI"),
                            },
                        );
                        // cluster has already been removed from cluster_set
                        // and it does not need to be added again
                        self.analysers.iter_mut().for_each(|analyser| {
                            if let Analyser::ClusterAnalyser(cluster_analyser) = analyser {
                                cluster_analyser.remove_count()
                            }
                        })
                    }
                    false => {
                        // add the cluster again at its arrival time into the cluster,
                        // if there already is another cluster there change the arrival time
                        // and try again
                        while self.cluster_set.contains_key(&cluster.last_arrival) {
                            let now = SystemTime::now()
                                .duration_since(UNIX_EPOCH)
                                .unwrap()
                                .as_nanos();
                            cluster.last_arrival = now
                        }
                        self.cluster_set.insert(cluster.last_arrival, cluster);
                    }
                };
            }
        }
    }

    /// finding best cluster looking at the threshold
    /// Some -> use cluster for further building
    /// None -> create new cluster
    /// TODO: create a check here for old cluster so that the looping through the cluster_set
    /// is only done once, here we can improve massively on speed to use async to publishing the cluster set concurrently while
    /// looping further maybe?
    fn find_best_cluster(&mut self, value: &A) -> Option<Cluster<A, N>> {
        // remove the cluster from self and return it
        let mut best_cluster: Option<Cluster<A, N>> = None;
        let best_cluster_key: Mutex<Option<u128>> = Mutex::new(None);
        let least_info_loss: Mutex<Option<f64>> = Mutex::new(None);

        self.cluster_set.par_iter().for_each(|(key, a)| {
            if a.centroid.calculate_difference(value) <= self.diff_thres {
                let info_loss = value.calculate_info_loss(&a.centroid);
                let mut least_info = least_info_loss.lock().unwrap();
                match *least_info {
                    None => {
                        *least_info = Some(info_loss);
                        *best_cluster_key.lock().unwrap() = Some(*key)
                    }
                    Some(current_info_loss) => {
                        if info_loss < current_info_loss {
                            *least_info = Some(info_loss);
                            *best_cluster_key.lock().unwrap() = Some(*key)
                        }
                    }
                }
            }
        });

        // remove the key from the hashmap and set the best_cluster
        // variable
        if let Some(key) = *best_cluster_key.lock().unwrap() {
            best_cluster = self.cluster_set.remove(&key);
        }

        best_cluster
    }

    /// create new cluster
    fn create_new_cluster(&self) -> Cluster<A, N> {
        Cluster::new(
            self.k,
            self.l,
            self.c,
            self.buffer_size,
            self.noiser.clone(),
        )
    }
}

#[cfg(test)]
mod tests {
    use super::MicroaggAnonymizer;
    use crate::data_manipulation::mueller::MuellerStream;
    use crate::noise::laplace::laplace_noiser::LaplaceNoiser;
    use crate::test::dummy_publisher::DummyPublisher;

    #[test]
    fn find_best_cluster() {
        let noiser = LaplaceNoiser::new(0.1, 3, 0.1);
        let publisher = DummyPublisher::default();
        let mut anonymizer: MicroaggAnonymizer<LaplaceNoiser, MuellerStream, DummyPublisher> =
            MicroaggAnonymizer::new(2, 10, 2, 2, 0.65, 10, 5, publisher, noiser);

        let mueller1 = MuellerStream {
            age: Some(30),
            gender: Some("male".to_string()),
            ..MuellerStream::default()
        };

        assert!(anonymizer.find_best_cluster(&mueller1).is_none());

        anonymizer.anonymize(mueller1);

        assert_eq!(anonymizer.cluster_set.len(), 1);

        let mueller2 = MuellerStream {
            age: Some(30),
            gender: Some("male".to_string()),
            ..MuellerStream::default()
        };

        assert!(anonymizer.find_best_cluster(&mueller2).is_some());

        anonymizer.anonymize(mueller2);

        let mueller3 = MuellerStream {
            age: Some(50),
            gender: Some("female".to_string()),
            ..MuellerStream::default()
        };

        assert_eq!(anonymizer.cluster_set.len(), 1);

        anonymizer.anonymize(mueller3);

        assert_eq!(anonymizer.cluster_set.len(), 2)
    }
}