A Two-Phase Algorithm for Differentially Private Frequent Subgraph Mining

3.1. Differential Privacy

Differential privacy [2] has become a de facto principle for privacy-preserving data analysis. In general, it requires an algorithm to be insensitive to the changes in any individual’s record. Two databases D₁, D₂ are considered as neighboring databases iff they differ by at most one input record (by adding or removing an individual record). Formally, differential privacy is defined as follows.

Definition 1. (ϵ-differential privacy). A randomized algorithm $\mathcal{A}$ satisfies ϵ-differential privacy iff for any neighboring databases D₁ and D₂, and for any possible output S ∈ Range($\mathcal{A}$),

A fundamental concept for achieving differential privacy is sensitivity [11]. It is used to measure the largest difference in the outputs over any two neighboring databases.

Definition 2. (Sensitivity). For any function $f:D\to {\mathbb{R}}^n$, and any neighboring databases D₁ and D₂, the sensitivity of f is:

Laplace mechanism [11] is a widely used approach for designing algorithms to achieve differential privacy. It adds random noise drawn from the Laplace distribution to the true outputs of a function. The Laplace distribution with magnitude λ, i.e., Lap(λ), follows the probability density function as $\text{Pr}[x\mid \lambda ]=\frac{1}{2\lambda }{e}^{-\mid x\mid ∕\lambda }$, where $\lambda =\frac{\Delta f}{ϵ}$ is determined by the sensitivity Δf and the privacy budget ϵ.

Theorem 1. For any function $f:D\to {\mathbb{R}}^n$ with sensitivity Δf, the algorithm $\mathcal{A}$

achieves ϵ-differential privacy.

Another widely adopted mechanism for designing algorithms to achieve differential privacy is exponential mechanism [6]. Given the whole output space, the exponential mechanism assigns each possible output a utility score, and draw a sample from the output space based on the assigned utility scores.

Theorem 2. For a database D, output space $\mathcal{R}$ and a utility score function $u:D\times \mathcal{R}\to \mathbb{R}$, the algorithm $\mathcal{A}$

satisfies ϵ-differential privacy, where Δu is the sensitivity of the utility score function.

As proved in [11], a sequence of differentially private computations also satisfies differential privacy. This is called the composition property of differential privacy.

Theorem 3. (Sequential Composition). Let f₁, … f_t be t computations, each provides ϵ_i-differential privacy. A sequence of f_i(D) over database D provides (Σϵ_i)-differential privacy.

Theorem 4. (Parallel Composition). Let f₁, …, f_t be t computations, each provides ϵ_i-differential privacy. A sequence of f_i (D_i) over disjoint databases D₁, …, D_t provides max(ϵ_i)-differential privacy.

3.2. Frequent Subgraph Mining

A graph G = (V, E) consists of a set of vertices V and a set of edges E. Each vertex is associated with a label, which is drawn from a set of vertex labels. The label of each vertex is not required to be unique and multiple vertices can have the same label. The size of a graph is defined to be the number of edges in this graph. A graph is called an i-graph if its size is i. Take the graph G₁ in Fig. 1 as an example. Since G₁ has 5 edges, G₁ is a 5-graph. In this paper, we consider that each edge in a graph is undirected and not associated with a label. However, our solution can be extended to the case of graphs with directed and labeled edges.

Suppose there are two graphs G_x = (V_x, E_x) and G_y = (V_y, E_y). Let L(u) denote the label of vertex u. We say that G_x is contained in G_y if there exists a function f: V_x → V_y, such that, ∀ (u, v) ∈ E_x, we have (f(u), f(v)) ∈ E_y, L(u) = L(f(u)) and L(v) = L(f(v)). If G_x is contained in G_y, we say that G_x is a subgraph of G_y, and G_y is a supergraph of G_x, denoted by G_x ⊆ G_y. For the collection D of graphs in Fig. 1, it’s not hard to find that G₂ is a subgraph of G₁ and G₁ is a supergraph of G₂ (i.e., G₂ ⊆ G₁).

A graph database is a collection of graphs, where each graph represents an individual record. The support of a subgraph is the number of input graphs containing it. Given a threshold, a subgraph is called frequent if its support is no less than this threshold. Fig. 1 shows a frequent 3-subgraph in D for the given threshold 2. The problem of frequent subgraph mining (FSM) can be formalized as follows.

Definition 3. (Frequent Subgraph Mining). Given a graph database D and a threshold θ, frequent subgraph mining (FSM) aims to find all frequent subgraphs that have support no less than θ in D, and also report the support of each frequent subgraph.

In FSM, to count the support of graphs, a basic operation is to determine whether a graph is a subgraph (or supergraph) of another graph. The computational problem of determining whether a graph is a subgraph (or supergraph) of another graph is called the subgraph isomorphism problem. The subgraph isomorphism problem is known to be NP-complete [26]. Therefore, the FSM problem is also NP-complete.

FSM takes as input a graph database consisting of the records (e.g., trajectory graphs) contributed by a group of individuals, and produces as output the frequent subgraphs and their supports. However, releasing such results directly may pose considerable threat to individuals’ privacy. In this paper, we adopt differential privacy to solve this problem, and study the differentially private FSM problem. In the context of differentially private FSM, we consider two graph databases as neighboring databases iff they differ by at most one input record (i.e., graph). By applying differential privacy in FSM, adversaries cannot infer the presence or absence of any individual record from the results. Therefore, the privacy of individuals can be protected through the results.

3.3. Notations

We summarize the commonly used notations in this paper in Table 1.

Privacy Analysis.

Let Q_i denote the support computations of the candidate i-subgraphs. The amount of noise added to the support of candidate i-subgraphs is determined by the allocated privacy budget and the sensitivity of Q_i. Here, we denote the sensitivity of Q_i by Δ_i. In particular, since the maximum size of frequent subgraphs is M_g, we uniformly assign Q_i a privacy budget $\frac{ϵ}{M_g}$. Moreover, since a single input graph can affect the support of each candidate i-subgraph by at most one, the sensitivity of Q_i (i.e., Δ_i) is the number of candidate i-subgraphs. Thus, adding Laplace noise $Lap(\frac{M_g\times {\Delta }_i}{ϵ})$ in Q_i achieves $\frac{ϵ}{M_g}-\text{differential}$ privacy. Overall, the mining process can be considered as a series of computations Q₁,Q₂, …, Q_Mg. Based on the sequential composition property [11], this approach satisfies ϵ-differential privacy.

Limitation.

The above approach, however, results in poor performance. The main reason can be explained as follows. In this approach, the amount of perturbation noise is proportional to the number of generated candidate subgraphs. During the mining process, a large number of candidate subgraphs are generated, which leads to a large amount of noise added to the support of each candidate subgraph. As a result, the utility of the results is drastically decreased.

To make FSM satisfy ϵ-differential privacy, another potential approach is to leverage the exponential mechanism. Specifically, for mining frequent i-subgraphs, we can first utilize the exponential mechanism to privately select subgraphs from the candidate i-subgraphs, and then compute the noisy support of each selected subgraph. In this way, the amount of perturbation noise is just proportional to the number of selected subgraphs. However, it is hard to know how many subgraphs we need to select from the candidate i-subgraphs (i.e., the number of frequent i-subgraphs). Moreover, in the mining process, a large number of candidate subgraphs are generated. It causes a large candidate set from which this approach has to select, making the selections inaccurate.

In the following four sections, we will introduce our DFG algorithm, which utilizes both the Laplace mechanism and the exponential mechanism to improve the utility of the results.

6.1. Binary Estimation Method

Given the candidate i-subgraphs, to estimate the number of frequent i-subgraphs, a simple method is to perturb the support of each candidate subgraph, and count the number of candidate subgraphs which have noisy support above the threshold. However, as shown in Sec. 4, it will cause a large perturbation noise.

Inspired by the method proposed in [8] for estimating the maximum size of frequent itemsets, we propose a binary estimation method to estimate the number of frequent i-subgraphs. Both of the binary estimation method and the method proposed in [8] use the idea of binary search to reduce the amount of added noise. Alg. 2 shows the details of our binary estimation method. It has O(|C_i| · ⌈log₂|C_i|⌉) time complexity, where |C_i| is the number of candidate i-subgraphs. In Alg. 2, we first obtain the noisy support of the candidate i-subgraph with the m-th largest support, where m = ⌊(|C_i|−1)/2⌋ (line 5). If this noisy support is larger than the threshold, it means the candidate i-subgraphs in the upper half are all above the threshold, and we only need to consider the candidate i-subgraphs in the lower half in the next iteration. Similarly, if this noisy support is smaller than the threshold, we only need to further search the candidate i-subgraphs in the upper half in the next iteration. This process continues until the number of candidate i-subgraphs that have noisy support above the threshold is determined.

Theorem 5. The binary estimation method (i.e., Algorithm 2) satisfies ϵ_b-differential privacy.

Proof. In our binary estimation method, we first obtain the noisy support of the candidate i-subgraph with the m-th

largest support, where m = ⌊(|C_i|−1)/2⌋ and |C_i| is the number of candidate i-subgraphs. Since adding (removing) an input graph can affect the result of such computation by at most one, the sensitivity of such computation is one. Thus, adding Laplace noise Lap(⌈log₂ |C_i|⌉/ϵ_b) in this computation satisfies (ϵ_b/⌈log₂ |C_i|⌉)-differential privacy.

In this method, like the binary search, we only need to obtain the support of at most ⌈log₂ |C_i| candidate i-subgraphs. Based on the sequential composition property [11], we can see our binary estimation method satisfies ϵ_b-differential privacy. ◻

6.2. Conditional Exponential Method

After getting the estimated number of frequent i-subgraphs, to identify frequent i-subgraphs from candidate i-subgraphs, a simple method is to directly use exponential mechanism to select frequent graphs from candidate subgraphs. However, this simple method might result in poor performance. The reason is explained as follows. For real-world datasets, the number of real frequent subgraphs is typically much smaller then that of candidate subgraphs generated by using the downward closure property, which makes the selections of real frequent subgraphs inaccurate. To solve this problem, we propose a conditional exponential method. The main idea of this method is to use the noisy support of candidate subgraphs to prune those obviously infrequent candidate subgraphs, such that the candidate set can be considerably reduced and the probabilities of selecting real frequent subgraphs can be significantly improved.

Alg. 3 shows the details of the conditional exponential method. It has O(n_i · |C_i|) time complexity, where n_i is the number of frequent i-subgraphs and |C_i| is the number of candidate i-subgraphs. In Alg. 3, we divide the privacy budget ϵ_c into two parts ϵ_c1 and ϵ_c2, which are used to perturb the support of candidate subgraphs and privately select frequent graphs, respectively. Given the candidate i-subgraphs, we first add Laplace noise $Lap(\frac{2n_i}{{ϵ}_{c1}})$ to the true support of each candidate i-subgraph (line 5). Then, we prune those candidate i-subgraphs that have noisy support below the threshold. Next, for each remaining candidate i-subgraph, we use its true support as its utility score. Based on the assigned scores, we

privately select a subgraph from the remaining candidate i-subgraphs, and output it as a frequent i-subgraph (line 11). The above steps iterate until we select n_i subgraphs from the candidate i-subgraphs. Notice that, in this method, we output only the selected i-subgraphs (i.e., the identified frequent i-subgraphs), and do not output their noisy supports.

Theorem 6. The conditional exponential method (i.e., Algorithm 3) satisfies ϵ_c-differential privacy.

Proof. In this method, we first use the noisy support of candidate subgraphs to prune the obviously infrequent candidate subgraphs. Then, we select a subgraph from the remaining candidate subgraphs. Overall, the utility score we assigned to each candidate subgraph can be considered as

where n_i is the number of frequent i-subgraphs, and s_g(D) and ns_g (D) are the true support and noisy support of subgraph g in database D, respectively.

Suppose D₁ and D₂ are two neighboring databases. For each candidate subgraph g, we have −1≤s_g(D₂)-s_g(D₁)≤1. Let $f(g,D)=\text{exp}(\frac{{ϵ}_{c2}\times s_g(D)}{2n_i})$. Then, we can prove that

To prune candidate subgraphs, we add Laplace noise $Lap(\frac{2n_i}{{ϵ}_{c1}})$ to the support of each candidate subgraph. Let noise denote the amount of added noise. Based on the definition of Laplace mechanism, we have

Similarly, we also have

Based on equations (2) and (3), given any subgraph g, for its noisy support ns_g(D₁) = s_g(D₁) + noise in D₁ and its noisy support ns_g(D₂) = s_g(D₂) + noise in D₂, we can prove

That is, we have

Moreover, we can also prove

That is, we also have

In a similar way, we can see that

and

At last, based on equations (1), (4), (5), (6) and (7), we can prove that

Based on the above analysis, we can see that, in our conditional exponential method, selecting a frequent i-subgraph from the candidate i-subgraphs guarantees $\frac{{ϵ}_c}{n_i}-\text{differential}$ privacy. In this method, we iteratively select n_i frequent i-subgraphs from the candidate i-subgraphs without replacement. Based on the sequential composition property [11], this method overall satisfies ϵ_c-differential privacy. ◻

As shown in the proof of Thm. 6, in the conditional exponential method, selecting a frequent i-subgraph from the candidate i-subgraphs satisfies $\frac{{ϵ}_c}{n_i}-\text{differential}$ privacy. It indicates that, the overall amount of added noise in this method is proportional to the number of frequent i-subgraph (i.e., n_i). Notice that, in this method, before each selection of the frequent i-subgraphs, we add Laplace noise to the support of the candidate i-subgraphs for candidate pruning. In particular, the added noise to each candidate i-subgraph (i.e., $Lap(\frac{2n_i}{{ϵ}_{c1}})$) is proportional to n_i, although all the candidate i-subgraphs are involved. The rationale behind it is that, we do not output the noisy supports of the candidate i-subgraphs and use them only for candidate pruning. In addition, as shown in the proof of Thm. 6, adding such amount of noise to each candidate i-subgraph for candidate pruning can make each selection of the frequent i-subgraphs satisfies $\frac{{ϵ}_c}{n_i}-\text{differential}$ privacy.

7.1. Count Accumulation Method

For a path in a given lattice, we propose a count accumulation method to compute the noisy support of the graphs on this path. The main idea is to leverage the inclusion relations between the discovered frequent subgraphs and the parallel composition property of differential privacy to improve the accuracy of the results. Suppose a path p in the lattice contains |p| nodes, and these nodes represent |p| graphs g₁, g₂, …, g_|p|, where g₁ ⊆ g₂ … ⊆ g_|p|. For the input database D, we can utilize these |p| graphs to divide D into mutually disjoint subdatabases. Specifically, as shown in Fig. 4, we first divide D into two sub-databases based on graph g_|p|: the sub-database D_|p| that is consisted of all the input graphs containing g_|p| and the sub-database $\overline{D_{\mid p\mid }}$ that is consisted of the remaining input graphs. Then, we further divide $\overline{D_{\mid p\mid }}$ based on graph g_|p|−1. This process continues until D is partitioned into |p|+1 mutually disjoint sub-databases $\overline{D_1}$, D₁, …, D_|p|.

For graphs g_j, g_i on p, where j>i, we have g_j⊇g_i. Obviously, if an input graph contains g_j, it also contains g_i. Thus, the input graphs containing g_i are distributed across subdatabases D_|p|, D_|p|−1, …, D_i. Let δ_x be the number of input graphs in D_x. Then, the support of g_i is equal to ${\Sigma }_{k=i}^{\mid p\mid }{\delta }_k$. Thus, based on δ_|p|, δ_|p|−1, …, δ₁, we can derive the support of each graph on p. Suppose the privacy budget allocated to p is ϵ_p. To satisfy differential privacy, we add Laplace noise Lap(1/ϵ_p) to each δ_x, where 1≤x≤|p|.

In the count accumulation method, we divide the input database D into mutually disjoint sub-databases based on the graphs on each path. Such process involves dealing the subgraph isomorphism problem. Therefore, the count accumulation method has exponential time complexity.

Theorem 7. Our count accumulation method guarantees ϵ_p-differential privacy.

Proof. In this method, we compute the noisy values of δ_|p|, δ_|p|−1, …, δ₁. For i from 1 to |p|, as an input graph can affect δ_i by at most one, the sensitivity of computing δ_i is one. Thus, adding Laplace noise Lap(1/ϵ_p) to δ_i satisfies ϵ_p-differential privacy. Moreover, as sub-databases D₁, D₂, …, D_|p| are mutually disjoint, by the parallel composition property [11], the privacy budgets used in computing δ₁, δ₂, …, δ_|p| do not need to accumulate. For the graphs on path p, as their noisy supports are obtained based on the noisy values of δ₁, δ₂, …, δ_|p|, we can safely use them without privacy implications. Therefore, our count accumulation method satisfies ϵ_p-differential privacy. ◻

We will now show that, compared with directly perturbing the support of each graph on a path, our count accumulation method can significantly improve the accuracy of the noisy supports. In particular, we use the noise variance to measure the accuracy of the noisy supports. Continue from the above example, if we directly perturb the support of the | p| graphs on path p, as an input graph can affect the support of a graph by at most one, the sensitivity of computing the support of a graph is one. For each graph on p, we uniformly assign it a privacy budget ϵ_p/|p|, and add noise Lap(|p|/ϵ_p) to its support, which has variance $2\mid p{\mid }^2∕{ϵ}_p^2$. We can see the error of the noisy support of each graph is quadratic to the depth of path p. In contrast, in our count accumulation method, we add Laplace noise Lap(1/ϵ_p) to δ_x (1≤x≤|p|), which has variance $2∕{ϵ}_p^2$. For the i-th graph g_i on path p, its noisy support sup_i is equal to the sum of the noisy values of δ_i, δ_i+1, …, δ_|p|. Since the noise added to δ_i, δ_i+1, …, δ_|p| is generated independently, the noise variance of sup_i is the sum of the noise variances of δ_i, δ_i+1, …, δ_|p|, which is $2(\mid p\mid -i+1)∕{ϵ}_p^2$. We can see, in our count accumulation method, the error of the noisy support of a graph is proportional to the depth of this graph on path p. Thus, our count accumulation method can significantly improve the accuracy of the noisy supports.

Given a set of paths which cover all the nodes in the lattice, we can use our count accumulation method to calculate the noisy support of the graphs on each path. When a node in the lattice is covered by more than one path, we will get multiple noisy supports of the graph represented by this node. In this case, similar to [7], we combine the noisy supports of a graph to obtain a more accurate support. Specifically, if a node representing graph g is covered by two paths, we can get two noisy supports of g. Suppose ns_g with variance η and $n{s}_g^{\prime }$ with variance η′ are the two noisy supports of g, we can combine ns_g and $n{s}_g^{\prime }$ to get a more accurate support $\frac{{\eta }^{\prime }\times n{s}_g+\eta \times n{s}_g^{\prime }}{\eta +{\eta }^{\prime }}$ with variance $\frac{\eta \times {\eta }^{\prime }}{\eta +{\eta }^{\prime }}$. If a node representing graph g is covered by more than two paths, we can iteratively combine the noisy supports of g in a similar way.

7.2. Error-aware Path Construction Method

Given a set of paths which cover all the nodes in the lattice, we can utilize the count accumulation method to obtain the noisy support of the graphs on each path. In addition, we can use the noise variance to measure the accuracy of the noisy supports. Assume the set of paths is P = {p₁, p₂, …, p_z} and

the privacy budget is ϵ₃. We allocate each path in P a privacy budget ϵ₃/z. For the i-th graph g_i on a path p, based on the count accumulation method, the noise variance of its noisy support is $2z^2(\mid p\mid -i+1)∕{ϵ}_3^2$. If g_i is on more than one path, its noise variance can be also computed as we discussed in the previous section. Clearly, different sets of paths will result in different data utilities. Therefore, to improve the accuracy of the noisy supports, we should find the path set, where the sum of the noise variances of all the noisy supports derived from the path set is minimal. We formulate this problem as follows.

Problem 1. (Path Construction): Given a lattice L_a, where each node v represents a frequent subgraph, the set of nodes in L_a is V_La and the set of nodes in a path p is V_p. Find a path set P, such that U_p∈P V_p = V_La, and Σ_v∈VLa v.η is minimized, where v.η is the noise variance of node v’s noisy support.

Considering the complexity of the above problem, we propose a heuristic method, called error-aware path construction, to construct the set of paths which are taken as input by the count accumulation method. The main idea of this method is to iteratively use the nodes in the lattice to construct the path set while ensuring that the noise variance introduced by each node is minimal. Alg. 5 shows the details of this method. It has O(|V_La|²) time complexity, where |V_La| is the number of nodes in the lattice L_a.

Specifically, given the lattice L_a, we incrementally construct the set P of paths by using the nodes in La in descending

order of their size (i.e., the size of the frequent subgraphs the nodes represent). Suppose the set of nodes that represent frequent i-subgraphs is V_i. We use each node in V_i to update P. For a node v in V_i, we first initialize v as a new path and add it into a copy of the current path set P (line 9). We denote the resulting path set by P₀, which is a candidate for the update of P. We add P₀ into a candidate set C_P (line 10). We then try to insert v into each path in P to get other candidates. For a path p in P, we make a copy of the current path set P (denoted by P′) (line 12). We consider the node with the smallest size in p as the tail node of p and denote it by p.tail. If v is reachable from p.tail and the size of p.tail is larger than the size of v, we first append v at the end of the path p in P′ and then add P′ into C_P (lines 13 - 16). Otherwise if v is reachable from the parent node of p.tail and the size of p.tail is equal to the size of v, we make a copy of p (denoted by p′) (line 19). Then, we replace the tail node of p′ by v and add p′ into P′ (lines 20 - 21). At last, we add P′ into C_P (line 22). After we get all the candidates for the update of P by using v, we take the candidate path set with minimal noise variance (i.e., the candidate path set where the sum of the noise variances of all the noisy supports derived from it is minimal) in C_P to update P (line 25). The path construction process is finished until all the nodes in L_a are considered.

8.1. Algorithm Description

Our DFG algorithm is shown in Alg. 6. In DFG, we first estimate the maximum size M_g of frequent subgraphs. We use the method proposed in [8] to estimate M_g. In particular, we first compute an array ζ = {ζ₁, …, ζ_n}, where ζ_i is the maximum support of i-subgraphs (line 1). We then compute the number of elements in ζ larger than θ by using binary search, and set M_g to this number (line 2). Notice that, since it is infeasible to exactly compute every element in ζ, in practice, we choose a very small threshold and run the non-private FSM algorithm FSG to get ζ. Moreover, the computation of ζ can be done in an offline manner, as it is irrelevant to the input threshold θ and needs to be performed only once for a database.

After that, we utilize our frequent subgraph identification approach to identify frequent subgraphs from the input database (line 3). At last, we adopt our lattice-based noisy support computation approach to calculate the noisy support of each identified frequent subgraph (line 4).

8.2. Privacy Analysis

Theorem 8. Our DFG algorithm is ϵ-differentially private.

Proof. In our DFG algorithm, based on the binary estimation method, we first estimate the maximum size M_g of frequent subgraphs by using ϵ₁. According to Thm. 5, we can see that estimating M_g satisfies ϵ₁-differential privacy.

Then, we utilize our frequent subgraph identification (FI₁) approach to privately identify frequent subgraphs in order of increasing size. In the FI₁ approach, to privately identify frequent i-subgraphs, we first use our binary estimation method to estimate the number of frequent i-subgraphs, which achieves ϵ_b-differential privacy. After that, we use our conditional exponential method to privately select frequent i-subgraphs. According to Thm. 6, it guarantees ϵ_c-differential privacy. Based on the sequential composition property [11], we can see that our FI₁ approach satisfies ϵ₂-differential privacy, where ϵ₂ = (ϵ_b+ϵ_c)×M_g.

At last, we use our lattice-based noisy support computation (NC₂) approach to calculate the noisy support of identified frequent subgraphs. In our NC₂ approach, we first build a lattice based on the identified frequent subgraphs. We only utilize the inclusion relations between identified frequent subgraphs without accessing the input database. Thus, we can safely use this lattice. Moreover, to construct a set of paths which can cover all the nodes in the lattice, we do not use any other information but only rely on the lattice. Thus, the constructed path set does not breach the privacy either. Suppose the resulting path set is P = {p₁, p₂, …, p_z}. We uniformly assign each path in P a privacy budget ϵ₃/z. Then, we use our count accumulation method to obtain the noisy support of the graphs on each path. As shown in Thm. 7, it achieves ϵ₃/z-differential privacy for each path. For each of the graphs which have multiple noisy supports, we combine all its noisy supports to get a more accurate result. Since this is done without reference to the input database, the results still satisfy differential privacy. Based on the sequential composition property [11], our NC₂ approach overall satisfies ϵ₃-differential privacy.

In summary, based on the sequential composition property [11], we can conclude our DFG algorithm achieves ϵ-differential privacy, where ϵ = ϵ₁+ϵ₂+ϵ₃. ◻

8.3. Generality of The DFG Algorithm

We will now discuss the generality of our DFG algorithm. The DFG algorithm consists of a frequent subgraph identification phase and a noisy support computation phase. In the frequent subgraph identification phase, we first estimate the number of frequent i-subgraphs, and then privately select frequent i-subgraphs. Two methods (i.e., the binary estimation and conditional exponential methods) are employed to achieve this task. Since these two methods utilize only the support (or noisy support) information of the pattern being mined, they can also be applied for privately mining other frequent patterns. In the noisy support computation phase, leveraging the inclusion relations of discovered frequent patterns (i.e., the downward closure property of frequent patterns), we first build a lattice for the discovered frequent subgraphs. Obviously, for other types of frequent patterns, we can build the corresponding lattices in a similar way. Then, the error-aware path construction and count accumulation methods are used to calculate the noisy support of frequent subgraphs. Since these two methods are designed based on the lattice and do not use any structural properties of graphs, they can be utilized to compute the noisy support of other frequent patterns.

Overall, since our DFG algorithm does not use any structural properties of graphs (except support counting) and relies only on the downward closure property of frequent patterns and the properties of differential privacy, it can be easily extended to mine other types of frequent patterns (e.g., frequent itemsets and frequent sequences).

8.4. Further Optimization of Noisy Support Computation for Frequent Itemset Mining

Observing that, in frequent itemset mining, both the discovered frequent patterns and records in the input database are sets of items, we propose an optimized approach for computing the noisy support of frequent itemsets. The main idea of this approach is to utilize a set of trees to cover all the nodes in the lattice L_a, and then use the idea of count accumulation to derive the noisy support of frequent itemsets. This approach consists of three main steps: 1) tree construction; 2) subdatabase generation; 3) noisy support computation.

Specifically, in the first step, we first find the set V₀ of nodes with zero in-degree in L_a. Then, considering each node in V₀ as the root of a tree, we can get the set T of trees which are used to cover all the nodes in L_a.

In the second step, for each tree t in T, we first perform a breadth-first traversal on t and record the node visiting order. According to such order, we then divide the input database D into mutually disjoint sub-databases in the following manner. Suppose the node visiting order is v₁, v₂, …, v_|t|, where |t| denotes the number of nodes in T, and the corresponding itemsets are X₁, X₂, …, X_|t|. We first divide D into two subdatabases based on X₁: the sub-database D₁ that is consisted of all the records containing X₁ and the sub-database $\overline{D_1}$ that is consisted of the remaining records. Then, we further divide $\overline{D_1}$ based on X₂. This process is terminated until D is partitioned into |t| + 1 mutually disjoint sub-databases, i.e., $D_1,D_2,\dots ,\overline{D_{\mid t\mid }}$.

In the third step, we compute the noisy support of the itemsets represented by the nodes in each tree t. Suppose v_i is a tree node of t, and the set of all its ancestors in t is A_i. We denote the itemset represented by v_i by X_i, and denote the the set of itemsets represented by A_i by I_i. Obviously, X_i is contained in each itemset in I_i, i.e., $X_i\subseteq X_i^j(X_i^jϵI_i)$. The support of X_i is equal to $\mid D_i\mid +{\Sigma }_{j=1}^{\mid A_i\mid }\mid D_i^j\mid$, where |D_i| denotes the number of records in the sub-database corresponding to X_i, and $\mid D_i^j\mid$ denotes the number of records in the subdatabase corresponding to $X_i^j$. Suppose the privacy budget allocated to t is ϵ_t. To guarantee differential privacy, we add Laplace noise Lap(1/ϵ_t) to the number of records in each subdatabase. For the itemsets having multiple noisy supports, we use the method proposed in Sec. 7.1 to combine the noisy supports of each of them.

In this optimized approach, we use trees to cover the nodes in the lattice L_a instead of using paths. As the number of used trees is always less than the number of used paths, for a given privacy budget, we can allocate a larger portion of the privacy budget to each tree. Therefore, in this optimized approach, less noise is added to the support of each frequent itemset compared to the approach proposed previously.

Notice that this optimized approach cannot be used to compute the noisy support of frequent sequences (or frequent subgraphs). The following example explains this. Suppose “abc” is a frequent sequence, and there is a record “abbcdefg” in the input database. The frequent sequence “abc” is not contained in the record, but its subsequences “ab” and “bc”, which are also frequent, are both contained in the record. In this case, if the optimized approach is applied, we will get a wrong support of subsequence “ab” (or “bc”) before adding noise.

Datasets.

Three publicly available real datasets are used in our experiments. Specifically, dataset Cancer includes structures of human tumor cell lines [30], dataset HIV contains molecules tested against HIV virus [30], and dataset SPL contains structures of FDA-approved clinical drugs [31]. Their characteristics are summarized in Tab. 2.

Utility Measures.

In the experiments, we employ two widely used metrics to evaluate the performance of the algorithms. The first is F-score [8], which is used to measure the utility of discovered frequent subgraphs. The second is Relative Error (RE) [7], which is used to measure the error with respect to the true supports.

9.1. Frequent Subgraph Mining

Fig. 5(a) – 5(f) show the performance of DFG, DFPM and Naive for different values of threshold on the three datasets. For DFPM, it only guarantees the weaker (ϵ, δ)-differential privacy. Moreover, DFPM is designed for top-k FSM. In this experiment, we consider the scenario where DFPM sets k to be the number of frequent subgraphs for the given threshold. Notice that, such setting might violate the privacy. However, even with these privacy relaxations, we observe DFG significantly outperforms DFPM. In DFPM, to find a frequent subgraph, it first randomly generates a graph and then performs random walk in the output space. The transition is determined based on the support of the current graph and its neighboring graphs. However, if the first generated graph is in a region where the support of all neighboring graphs is very low, the random walk will seldom move and an infrequent subgraph will be output, which negatively affects the utility of the results.

For the algorithm Naive, as its results for RE are always orders of magnitudes larger than the other comparison algorithms, we omit it to ensure the readability of the figures. Fig. 5(a) – 5(f) show DFG significantly outperforms Naive. In Naive, it perturbs the support of all candidate subgraphs. However, as discussed in Sec. 4, a large number of candidate subgraphs are generated in the mining process, causing a large amount of perturbation noise. For example, in dataset SPL, the number of vertex labels is 104 and the number of candidate 1-subgraphs (i.e., all possible single-edge graphs) is $C_{104}^2=5356$. Thus, Naive gets poor performance in terms of both F-score and RE.

We also compare the performance of these algorithms for top-k FSM. To extend DFG and Naive to discover the k most frequent subgraphs, we adapt them by setting the threshold to be the support of the k-th frequent subgraph. To avoid privacy breach, we add Laplace noise to that computation as the sensitivity of such computation is one. Fig. 5(g) – 5(l) show the results by varying the parameter k from 20 to 100. We can see our DFG algorithm achieves the best performance.

9.2. Effect of Privacy Budget

Fig. 6 shows the performance of the three algorithms for mining top-50 frequent subgraphs under varying privacy budget ϵ on datasets Cancer and HIV. We can see DFG consistently achieves the best performance at the same level of privacy. All these algorithms perform in a similar way: the utility of the results is improved when e increases. This is because, when e increases, a smaller amount of noise is required and a lower degree of privacy is guaranteed.

9.3. Efficiency of DFG

Fig. 7 shows the running time of our DFG algorithm and the non-private FSM algorithm FSG [25] for finding top-k frequent subgraphs in datasets Cancer and HIV by varying k from 20 to 100. For DFG, the running time does not include computing the array ζ (i.e., the step of Alg. 6), as the computation of ζ can be done offline. We can see that, although DFG runs slower than FSG, it achieves comparable performance to FSG. In both FSG and DFG, computing the support of graphs is the most time-consuming part, which has exponential time complexity. For DFG, it needs an extra phase (i.e., the noisy support computation phase) to compute the noisy support of the frequent subgraphs. This is the main reason that DFG is slower than DFG. However, as the number of frequent subgraphs is typically much smaller than that of candidate subgraphs, such phase does not introduce too much computation cost. In addition, as shown earlier, most of the key components in DFG have polynomial time complexity, and thus they also do not introduce too much computation cost. These are the reasons that DFG can obtain comparable performance to FSG.

9.4. Effect of FI₁ Approach

In this experiment, we study the effectiveness of our frequent subgraph identification approach (denoted by FI₁) on datasets Cancer and HIV. We compare FI₁ with two algorithms. Specifically, the first one is the straightforward algorithm proposed in Sec. 4 (denoted by Naive), which first perturbs the support of candidate subgraphs by using the Laplace mechanism, and then outputs the candidate subgraphs which have support above the threshold. The second one first utilizes our binary estimation method to estimate the number of frequent subgraphs, and then uses the exponential mechanism to select frequent subgraphs from candidate subgraphs. Here, we denote the second algorithm by Exponential. From Fig. 8, we can see, our FI₁ approach gets the best performance in terms of F-score. This is because FI₁ uses the conditional exponential method to identify frequent subgraphs, which can improve the accuracy of the private selections of frequent subgraphs by candidate pruning.

9.5. Effect of NC₂ Approach

We also evaluate the effectiveness of our lattice-based noisy support computation approach (denoted by NC₂) on datasets HIV and SPL. We compare NC₂ with two algorithms. The first one is the straightforward algorithm proposed in Sec. 4 (denoted by Naive), where the noisy supports of identified frequent subgraphs are obtained by directly perturbing their true supports. The second one calculates the noisy support of identified frequent subgraphs by using the noisy support derivation approach (denoted by ND₂) proposed in our conference paper [24]. The difference between NC₂ and ND₂ is that NC₂ utilizes the error-aware path construction method to construct the set of paths, while ND2 uses the path construction and path extension methods to construct that set of paths. Fig. 9 shows that our NC₂ approach achieves the best performance in terms of RE. In particular, we observe that NC₂ obtains better results than ND₂, especially when the threshold is relatively low. The reasons can be explained as follows. First, while the path construction and extension methods used in ND₂ attempt to minimize the number of paths which is correlated with the overall error, the error-aware path construction method used in NC₂ can directly reduce the errors of noisy supports. Second, to extend a constructed path, the path extension method used in ND₂ inserts nodes only at the start and end positions of the path without considering the positions in the middle of the path.

9.6. Extending DFG for Mining Frequent Itemsets

To demonstrate the generality of our DFG algorithm, we extend it to mine frequent itemsets under ϵ-differential privacy. In particular, we denote the extended algorithm which adopts the general approach (i.e., NC₂) to compute the noisy support of frequent itemsets by DFI, and denote the extended algorithm which adopts the optimized approach proposed in Sec. 8.4 to compute the noisy support of frequent itemsets by DFI-OPT. We compare DFI and DFI-OPT with the following two algorithms: 1) the PFP-Growth algorithm proposed in [14], which privately finds the itemsets based on FP-growth; 2) the PrivBasis algorithm proposed in [7], which privately finds the k most frequent itemsets by constructing the basis set. In the experiments, we use two real datasets. A summary of the characteristics of the datasets is illustrated in Tab. 3.

Fig. 10 shows the performance of DFI, DFI-OPT, PFP-Growth and PrivBasis for different values of threshold on the two datasets. For the top-k FIM algorithm PrivBasis, we consider the scenario where PrivBasis sets k to be the number of frequent itemsets for a given threshold. We want to emphasize that this setting might create privacy concerns. As DFI and DFI-OPT use the same approach to find frequent itemsets (i.e., FI₁), for the metric F-score, we only report the experimental results of DFI. From Fig. 10, we can observe that DFI outperforms PFP-Growth and PrivBasis in terms of F-score. In addition, we can also observe that both DFI and DFI-OPT gets the good performance in terms of RE. In particular, DFI-OPT gets better results than DFI, as it injects less noise into the support of frequent itemsets than DFI.

9.7. Extending DFG for Mining Frequent Sequences

We also extend our DFG algorithm to mine frequent sequences under ϵ-differential privacy. We denote this extended algorithm by DFS. We compare DFS against a state-of-the-art algorithm called PFS² [9], which privately finds the sequences whose support exceeds a given threshold via sampling-based candidate pruning. In the experiments, we also use two real datasets. A summary of the characteristics of the datasets is illustrated in Tab. 4.

Fig. 11 shows the performance of DFS and PFS² for different values of threshold on the two datasets. From Fig. 11, we can observe that DFS achieves comparable performance to PFS² in terms of F-score. However, for the metric RE, DFS obtains much better results than PFS².