differential privacy li xiong outline differential
play

Differential Privacy Li Xiong Outline Differential Privacy - PowerPoint PPT Presentation

Feb 23, 2023 •500 likes •1.15k views

CS573 Data Privacy and Security Differential Privacy Li Xiong Outline Differential Privacy Definition Basic techniques Composition theorems Statistical Data Privacy Non-interactive vs interactive Privacy goal: individual is

  1. CS573 Data Privacy and Security Differential Privacy Li Xiong

  2. Outline • Differential Privacy Definition • Basic techniques • Composition theorems

  4. Statistical Data Privacy • Non-interactive vs interactive • Privacy goal: individual is protected • Utility goal: statistical information useful for analysis Queries Privacy Original Mechanism Data Statistics/ Data Synthetic analyst data Data curator

  5. Recap • Anonymization or de-identification (input perturbation) – Linkage attacks, homogeneity attacks • Query auditing/restriction – Query denial is itself disclosive, computationally infeasible • Summary statistics – Differencing attacks

  6. Differential Privacy • Promise: an individual will not be affected, adversely or otherwise, by allowing his/her data to be used in any study or analysis, no matter what other studies, datasets, or information sources, are available ” • Paradox: learning nothing about an individual while learning useful statistical information about a population

  7. Differential Privacy • Statistical outcome is indistinguishable regardless whether a particular user (record) is included in the data

  8. Differential Privacy • Statistical outcome is indistinguishable regardless whether a particular user (record) is included in the data

  9. Differential privacy: an example Perturbed histogram Original records Original histogram with differential privacy

  15. Differential Privacy: Some Qualitative Properties • Protection against presence/participation of a single record • Quantification of privacy loss • Composition • Post-processing

  16. Differential Privacy: Additional Remarks • Correlations between records • Granularity of a single record (difference for neighboring database) – Group privacy – Graph database (eg social networks): node vs edge – Movie rating database: user vs event (movie)

  17. Outline • Differential Privacy Definition • Basic techniques – Laplace mechanism – Exponential mechanism – Random Response • Composition theorems

  19. Can deterministic algorithms satisfy differential privacy? Module 2 Tutorial: Differential Privacy in the Wild 19

  20. Non trivial deterministic algorithms do not satisfy differential privacy Space of all inputs Space of all outputs (at least 2 distinct outputs) Module 2 Tutorial: Differential Privacy in the Wild 20

  21. Non-trivial deterministic algorithms do not satisfy differential privacy Each input mapped to a distinct output. Module 2 Tutorial: Differential Privacy in the Wild 21

  22. There exist two inputs that differ in one entry mapped to different outputs. Pr > 0 Pr = 0 Module 2 Tutorial: Differential Privacy in the Wild 22

  23. Output Randomization Query Database Add noise to true answer Researcher • Add noise to answers such that: – Each answer does not leak too much information about the database. – Noisy answers are close to the original answers. Module 2 Tutorial: Differential Privacy in the Wild 23

  24. [DMNS 06] Laplace Mechanism Query q Database True answer q(D) + η q(D) Researcher η Laplace Distribution – Lap(S/ ε ) 0.6 0.4 0.2 0 Module 2 Tutorial: Differential Privacy in the Wild 24 -10 -8 -6 -4 -2 0 2 4 6 8 10

  25. Laplace Distribution • PDF: • Denoted as Lap(b) when u=0 • Mean u • Variance 2b 2

  26. How much noise for privacy? [Dwork et al., TCC 2006] Sensitivity : Consider a query q: I  R. S(q) is the smallest number s.t. for any neighboring tables D, D’, | q(D) – q (D’ ) | ≤ S(q) Theorem : If sensitivity of the query is S , then the algorithm A(D) = q(D) + Lap(S(q)/ ε ) guarantees ε - differential privacy Module 2 Tutorial: Differential Privacy in the Wild 26

  27. Example: COUNT query D Disease • Number of people having disease (Y/N) Y • Sensitivity = 1 Y N • Solution: 3 + η , Y where η is drawn from Lap(1/ ε ) N – Mean = 0 – Variance = 2/ ε 2 N Module 2 Tutorial: Differential Privacy in the Wild 27

  28. Example: SUM query • Suppose all values x are in [a,b] • Sensitivity = b Module 2 Tutorial: Differential Privacy in the Wild 28

  29. Privacy of Laplace Mechanism • Consider neighboring databases D and D’ • Consider some output O Module 2 Tutorial: Differential Privacy in the Wild 29

  30. Utility of Laplace Mechanism • Laplace mechanism works for any function that returns a real number • Error: E(true answer – noisy answer) 2 = Var( Lap(S(q)/ ε ) ) = 2*S(q) 2 / ε 2 • Error bound: very unlikely the result has an error greater than a factor (Roth book Theorem 3.8) Module 2 Tutorial: Differential Privacy in the Wild 30

  31. Outline • Differential Privacy Definition • Basic techniques – Laplace mechanism – Exponential mechanism – Random Response • Composition theorems

  32. Exponential Mechanism • For functions that do not return a real number … – “what is the most common nationality in this room”: Chinese/Indian/American… • When perturbation leads to invalid outputs … – To ensure integrality/non-negativity of output Module 2 Tutorial: Differential Privacy in the Wild 32

  33. [MT 07] Exponential Mechanism Consider some function f (can be deterministic or probabilistic): Inputs Outputs How to construct a differentially private version of f? Module 2 Tutorial: Differential Privacy in the Wild 33

  34. Exponential Mechanism Theorem For a database D, output space R and a utility score function u : D× R → R , the algorithm A Pr[ A ( D ) = r ] ∝ exp ( ε × u ( D, r )/ 2Δ u ) satisfies ε -differential privacy, where Δ u is the sensitivity of the utility score function Δ u = max r & D,D’ | u ( D, r ) - u ( D’, r )|

  35. Example: Exponential Mechanism • Scoring/utility function w: Inputs x Outputs  R • D: nationalities of a set of people • f(D) : most frequent nationality in D • u (D, O) = #(D, O) the number of people with nationality O Module 2 Tutorial: Differential Privacy in the Wild 35

  36. Privacy of Exponential Mechanism The exponential mechanism outputs an element r with probability Pr[ A ( D ) = r ] ∝ exp ( ε × u ( D, r )/ 2Δ u ) Δ u = max r & D,D’ | u ( D, r ) - u ( D’, r )| Approximately Pr[ A ( D ) = r ] /Pr[ A ( D’ ) = r ] <= ε (Exact proof with normalization factor: Roth Book page 39)

  37. Privacy of Exponential Mechanism

  38. Utility of Exponential Mechanism • Can give strong utility guarantees, as it discounts outcomes exponentially based on utility score • Highly unlikely that returned element r has a utility score inferior to max r u(D,r) by an additive factor of (Theorem 3.11 Roth book)

  39. Outline • Differential Privacy Definition • Basic techniques – Laplace mechanism – Exponential mechanism – Random Response • Composition theorems

  40. [W 65] Randomized Response (a.k.a. local randomization) D O Disease Disease (Y/N) (Y/N) Y Y With probability p, Report true value Y N With probability 1-p, Report flipped value N N Y N N Y N N Module 2 Tutorial: Differential Privacy in the Wild 40

  41. Differential Privacy Analysis • Consider 2 databases D, D’ (of size M) that differ in the j th value – D[j] ≠ D’[j]. But, D[ i ] = D’[ i], for all i ≠ j • Consider some output O Module 2 Tutorial: Differential Privacy in the Wild 41

  42. Utility Analysis • Suppose n1 out of n people replied “yes”, and rest said “no” • What is the best estimate for π = fraction of people with disease = Y? π hat = {n1/n – (1-p)}/(2p-1) • E( π hat ) = π • Var( π hat ) = Sampling Variance due to coin flips Module 2 Tutorial: Differential Privacy in the Wild 42

  43. Laplace Mechanism vs Randomized Response Privacy • Provide the same ε -differential privacy guarantee • Laplace mechanism assumes data collector is trusted • Randomized Response does not require data collector to be trusted – Also called a Local Algorithm, since each record is perturbed Module 2 Tutorial: Differential Privacy in the Wild 43

  44. Laplace Mechanism vs Randomized Response Utility • Suppose a database with N records where μN records have disease = Y. • Query: # rows with Disease=Y • Std dev of Laplace mechanism answer: O(1/ ε ) • Std dev of Randomized Response answer: O(√N) Module 2 Tutorial: Differential Privacy in the Wild 44

  45. Outline • Differential Privacy • Basic Algorithms – Laplace – Exponential Mechanism – Randomized Response • Composition Theorems Module 2 Tutorial: Differential Privacy in the Wild 45

  46. Why Composition? • Reasoning about privacy of a complex algorithm is hard. • Helps software design – If building blocks are proven to be private, it would be easy to reason about privacy of a complex algorithm built entirely using these building blocks. Module 2 Tutorial: Differential Privacy in the Wild 46

  47. A bound on the number of queries • In order to ensure utility, a statistical database must leak some information about each individual • We can only hope to bound the amount of disclosure • Hence, there is a limit on number of queries that can be answered Module 2 Tutorial: Differential Privacy in the Wild 47

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong

CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong

CS573 Data Privacy and Security Differential Privacy Real World Deployments Li Xiong Applying Differential Privacy Real world deployments of differential privacy OnTheMap RAPPOR Module 4 Tutorial: Differential Privacy in the Wild

617 views • 30 slides
Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy Generalized definition of differential privacy allowing for a (supposedly small) additive factor Used in a variety of applications A query mechanism M is (

1.27k views • 43 slides
Toniann Pitassi Outline 1. Differential Privacy: The Basics 2. Differential Privacy in New

Toniann Pitassi Outline 1. Differential Privacy: The Basics 2. Differential Privacy in New

Differential Privacy and Fairness: Foundations and New Frontiers Toniann Pitassi Outline 1. Differential Privacy: The Basics 2. Differential Privacy in New Settings - Pan Privacy - Privacy in multi-party settings - Fairness Outline

947 views • 49 slides
Differential Privacy Techniques Beyond Differential Privacy Steven Wu Assistant Professor

Differential Privacy Techniques Beyond Differential Privacy Steven Wu Assistant Professor

Differential Privacy Techniques Beyond Differential Privacy Steven Wu Assistant Professor University of Minnesota 1 Differential privacy? Isnt it just adding noise? How to add smart noise to guarantee privacy without sacrificing

592 views • 57 slides
Differential Privacy Tabular Data Li Xiong Outline Tabular data and histogram/range

Differential Privacy Tabular Data Li Xiong Outline Tabular data and histogram/range

CS573 Data Privacy and Security Differential Privacy Tabular Data Li Xiong Outline Tabular data and histogram/range queries Algorithms for low dimensional data Algorithms for high dimensional data Example: statistics/synthetic

758 views • 55 slides
Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine

CS573 Data Privacy and Security Differential Privacy Machine Learning Li Xiong Big Data + Machine Learning + Machine Learning Under Adversarial Settings Data privacy/confidentiality attacks membership attacks, model inversion

3.44k views • 63 slides
Mobile Data Collection and Analysis with Local Differential Privacy - Part 1 Ninghui Li (Purdue

Mobile Data Collection and Analysis with Local Differential Privacy - Part 1 Ninghui Li (Purdue

Mobile Data Collection and Analysis with Local Differential Privacy - Part 1 Ninghui Li (Purdue University) 1 Outline Motivation of Differential Privacy and Local Differential Privacy (LDP) Frequency Oracles in LDP Tradeoff between

821 views • 53 slides
Implementing Differential Privacy &amp; Side-channel attacks CompSci 590.03 Instructor: Ashwin

Implementing Differential Privacy &amp; Side-channel attacks CompSci 590.03 Instructor: Ashwin

Implementing Differential Privacy &amp; Side-channel attacks CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 14 : 590.03 Fall 12 1 Outline Differential Privacy Implementations PINQ: Privacy Integrated Queries [McSherry SIGMOD

1.22k views • 40 slides
Differential Privacy Privacy &amp; Fairness in Data Science CS848 Fall 2019 2 Outline

Differential Privacy Privacy &amp; Fairness in Data Science CS848 Fall 2019 2 Outline

Differential Privacy Privacy &amp; Fairness in Data Science CS848 Fall 2019 2 Outline Problem Differential Privacy Basic Algorithms 3 Statistical Databases Person 1 Person 2 Person 3 Person N Individuals with r 1 r 2 r 3 r N

1.01k views • 70 slides
CS573 Data Privacy and Security Differential Privacy tabular data and range queries Li Xiong

CS573 Data Privacy and Security Differential Privacy tabular data and range queries Li Xiong

CS573 Data Privacy and Security Differential Privacy tabular data and range queries Li Xiong Outline Tabular data and histogram/range queries Algorithms for low dimensional data Algorithms for high dimensional data Example:

692 views • 57 slides
A Short Tutorial on Differential Privacy Borja Balle Amazon Research Cambridge The Alan Turing

A Short Tutorial on Differential Privacy Borja Balle Amazon Research Cambridge The Alan Turing

A Short Tutorial on Differential Privacy Borja Balle Amazon Research Cambridge The Alan Turing Institute January 26, 2018 Outline 1. We Need Mathematics to Study Privacy? Seriously? 2. Differential Privacy: Definition, Properties and Basic

868 views • 75 slides
Algorithms for Differential Privacy: Exponential &amp; Median Mechanism CompSci 590.03

Algorithms for Differential Privacy: Exponential &amp; Median Mechanism CompSci 590.03

Algorithms for Differential Privacy: Exponential &amp; Median Mechanism CompSci 590.03 Instructor: Ashwin Machanavajjhala Lecture 7 : 590.03 Fall 12 1 Recap: Differential Privacy For every pair of inputs For every output that differ in one

445 views • 29 slides
Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law &amp; Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law &amp; Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law &amp; Policy Alexandra Wood Berkman Klein Center for Internet &amp; Society at Harvard University DIMACS/Northeast Big Data Hub Workshop on Overcoming Barriers to

964 views • 54 slides
Data Mining with Differential Privacy Arik Friedman and Assal Schuster by Slawomir Goryczka

Data Mining with Differential Privacy Arik Friedman and Assal Schuster by Slawomir Goryczka

Data Mining with Differential Privacy Arik Friedman and Assal Schuster by Slawomir Goryczka Differential Privacy A randomized computation M provides -differential privacy if for any datasets A and B that differ by 1 record and any set of

193 views • 17 slides
Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples Changchang Liu 1 ,

Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples Changchang Liu 1 ,

Introduction Differential Privacy under Dependent Data Conclusion and Future Work Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples Changchang Liu 1 , Supriyo Chakraborty 2 , Prateek Mittal 1 Email: 1 { cl12, pmittal }

512 views • 38 slides
Global Sensitivity Analysis in Stochastic Systems Olivier Le Matre, Omar Knio LIMSI CNRS,

Global Sensitivity Analysis in Stochastic Systems Olivier Le Matre, Omar Knio LIMSI CNRS,

Variance-Based Sensitivity Analysis for SODEs Stochastic Simulators Conclusions Global Sensitivity Analysis in Stochastic Systems Olivier Le Matre, Omar Knio LIMSI CNRS, Orsay, France KAUST, Saudi-Arabia Duke University, Durham, North

981 views • 49 slides
Building sensitive forecast models and common forecast assumptions Victoria Clark CGMA

Building sensitive forecast models and common forecast assumptions Victoria Clark CGMA

DataCamp Financial Forecasting in Python FINANCIAL FORECASTING IN PYTHON Building sensitive forecast models and common forecast assumptions Victoria Clark CGMA Financial Analyst DataCamp Financial Forecasting in Python Considerations when

306 views • 16 slides
Multicore OS Benchmarks: We Can Do Better Ihor Kuz* , Zachary Anderson, Pravin Shinde, Timothy

Multicore OS Benchmarks: We Can Do Better Ihor Kuz* , Zachary Anderson, Pravin Shinde, Timothy

Multicore OS Benchmarks: We Can Do Better Ihor Kuz* , Zachary Anderson, Pravin Shinde, Timothy Roscoe Systems Group, ETH Zurich * NICTA Australia 1 Multicore OS benchmarks do not evaluate performance isolation between independent apps. 2

214 views • 10 slides
Precision-Guided Context Sensitivity for Pointer Analysis Yue Li, Tian Tan, Anders Mller,

Precision-Guided Context Sensitivity for Pointer Analysis Yue Li, Tian Tan, Anders Mller,

Precision-Guided Context Sensitivity for Pointer Analysis Yue Li, Tian Tan, Anders Mller, Yannis Smaragdakis OOPSLA 2018 1 A New Pointer Analysis T echnique for Object-Oriented Programs 2 Pointer Analysis Determines which

841 views • 64 slides
ESP - - Path Path- -Sensitive Sensitive ESP Program Verification in Program Verification in

ESP - - Path Path- -Sensitive Sensitive ESP Program Verification in Program Verification in

ESP - - Path Path- -Sensitive Sensitive ESP Program Verification in Program Verification in Polynomial Time Polynomial Time M. Das, S. Lerner, M. Seigle M. Das, S. Lerner, M. Seigle PLDI '02 PLDI '02 Partial program verification

705 views • 24 slides
Content of the lecture n Definition sensitivity and uncertainty n Sensitivity o Areas of the

Content of the lecture n Definition sensitivity and uncertainty n Sensitivity o Areas of the

IAEA Safety Assessment Education and Training (SAET) Programme Joint ICTP-IAEA Essential Knowledge Workshop on Deterministic Safety Assessment and Engineering Aspects Important to Safety Sensitivity and uncertainty Marin Kri tof, NNEES

380 views • 33 slides
Improving the Sensitivity to Low-Mass WIMPs with XENON Detectors Moritz v. Sivers LHEP, AEC

Improving the Sensitivity to Low-Mass WIMPs with XENON Detectors Moritz v. Sivers LHEP, AEC

Improving the Sensitivity to Low-Mass WIMPs with XENON Detectors Moritz v. Sivers LHEP, AEC Universitt Bern 30.11.-1.12. 2015, Prospects in Low-Mass Dark Matter Liquid Xenon TPCs &gt; 3D position reconstruction fiducialization ER/NR

478 views • 29 slides
Storm surge model sensitivity to uncertain inputs Simon Warder 1 , Kevin Horsburgh 2 , Matthew

Storm surge model sensitivity to uncertain inputs Simon Warder 1 , Kevin Horsburgh 2 , Matthew

Storm surge model sensitivity to uncertain inputs Simon Warder 1 , Kevin Horsburgh 2 , Matthew Piggott 1 1 Imperial College London 2 National Oceanography Centre, Liverpool 2nd International Workshop on Waves, Storm Surges and Coastal Hazards

336 views • 18 slides

More recommend