locally private release of
play

Locally Private Release of Marginal Statistics Graham Cormode - PowerPoint PPT Presentation

Mar 22, 2024 •253 likes •525 views

Locally Private Release of Marginal Statistics Graham Cormode g.cormode@warwick.ac.uk Tejas Kulkarni (Warwick) Divesh Srivastava (AT&T) 1 Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm: Scenario. Each

  1. Locally Private Release of Marginal Statistics Graham Cormode g.cormode@warwick.ac.uk Tejas Kulkarni (Warwick) Divesh Srivastava (AT&T) 1

  2. Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm:  Scenario. Each user has a single private bit of information – Encoding e.g. political/sexual/religious preference, illness, etc. 2

  3. Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm:  Scenario. Each user has a single private bit of information – Encoding e.g. political/sexual/religious preference, illness, etc.  Algorithm. Toss a (biased) coin, and – With probability p > ½, report the true answer – With probability 1-p, lie 2

  4. Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm:  Scenario. Each user has a single private bit of information – Encoding e.g. political/sexual/religious preference, illness, etc.  Algorithm. Toss a (biased) coin, and – With probability p > ½, report the true answer – With probability 1-p, lie  Aggregation. Collect responses from a large number N of users – Can ‘unbias’ the estimate (if we know p) of the population fraction – The error in the estimate is proportional to 1/√N 2

  5. Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm:  Scenario. Each user has a single private bit of information – Encoding e.g. political/sexual/religious preference, illness, etc.  Algorithm. Toss a (biased) coin, and – With probability p > ½, report the true answer – With probability 1-p, lie  Aggregation. Collect responses from a large number N of users – Can ‘unbias’ the estimate (if we know p) of the population fraction – The error in the estimate is proportional to 1/√N  Analysis. Gives differential privacy with parameter ε = ln (p/(1-p)) – Works well in theory, but would anyone ever use this? 2

  6. Privacy in practice 3

  7. Privacy in practice  Differential privacy based on coin tossing is widely deployed – In Google Chrome browser, to collect browsing statistics – In Apple iOS and MacOS, to collect typing statistics – This yields deployments of over 100 million users 3

  8. Privacy in practice  Differential privacy based on coin tossing is widely deployed – In Google Chrome browser, to collect browsing statistics – In Apple iOS and MacOS, to collect typing statistics – This yields deployments of over 100 million users  The model where users apply differential privately and then aggregated is known as “ Local Differential Privacy ” – The alternative is to give data to a third party to aggregate – The coin tossing method is known as ‘randomized response’ 3

  9. Privacy in practice  Differential privacy based on coin tossing is widely deployed – In Google Chrome browser, to collect browsing statistics – In Apple iOS and MacOS, to collect typing statistics – This yields deployments of over 100 million users  The model where users apply differential privately and then aggregated is known as “ Local Differential Privacy ” – The alternative is to give data to a third party to aggregate – The coin tossing method is known as ‘randomized response’  Local Differential privacy is state of the art in 2017: Randomized response invented in 1965: five decade lead time! 3

  10. Going beyond 1 bit of data 1 bit can tell you a lot, but can we do more?  Recent work: materializing marginal distributions – Each user has d bits of data (encoding sensitive data) – We are interested in the distribution of combinations of attributes 4

  11. Going beyond 1 bit of data 1 bit can tell you a lot, but can we do more?  Recent work: materializing marginal distributions – Each user has d bits of data (encoding sensitive data) – We are interested in the distribution of combinations of attributes Gender Obese High BP Smoke Disease Alice 1 0 0 1 0 Bob 0 1 0 1 1 … Zayn 0 0 1 0 0 4

  12. Going beyond 1 bit of data 1 bit can tell you a lot, but can we do more?  Recent work: materializing marginal distributions – Each user has d bits of data (encoding sensitive data) – We are interested in the distribution of combinations of attributes Gender Obese High BP Smoke Disease Alice 1 0 0 1 0 Bob 0 1 0 1 1 … Zayn 0 0 1 0 0 Gender/Obese 0 1 Disease/Smoke 0 1 0 0.28 0.22 0 0.55 0.15 1 0.29 0.21 1 0.10 0.20 4

  13. Nail, meet hammer  Could apply Randomized Reponse to each entry of each marginal – To give an overall guarantee of privacy, need to change p – The more bits released by a user, the closer p gets to ½ (noise) 5

  14. Nail, meet hammer  Could apply Randomized Reponse to each entry of each marginal – To give an overall guarantee of privacy, need to change p – The more bits released by a user, the closer p gets to ½ (noise)  Need to design algorithms that minimize information per user 5

  15. Nail, meet hammer  Could apply Randomized Reponse to each entry of each marginal – To give an overall guarantee of privacy, need to change p – The more bits released by a user, the closer p gets to ½ (noise)  Need to design algorithms that minimize information per user  First observation: a sampling trick – If we release n bits of information per user, the error is n/√N – If we sample 1 out of n bits, the error is √(n/N) – Quadratically better to sample than to share! 5

  16. What to materialize? Different approaches based on how information is revealed 6

  17. What to materialize? Different approaches based on how information is revealed 1. We could reveal information about all marginals of size k – There are (d choose k) such marginals, of size 2 k each 6

  18. What to materialize? Different approaches based on how information is revealed 1. We could reveal information about all marginals of size k – There are (d choose k) such marginals, of size 2 k each 2. Or we could reveal information about the full distribution – There are 2 d entries in the d-dimensional distribution – Then aggregate results here (obtaining additional error) 6

  19. What to materialize? Different approaches based on how information is revealed 1. We could reveal information about all marginals of size k – There are (d choose k) such marginals, of size 2 k each 2. Or we could reveal information about the full distribution – There are 2 d entries in the d-dimensional distribution – Then aggregate results here (obtaining additional error)  Still using randomized response on each entry – Approach 1 (marginals): cost proportional to 2 3k/2 d k/2 /√N – Approach 2 (full): cost proportional to 2 (d+k)/2 /√N 6

  20. What to materialize? Different approaches based on how information is revealed 1. We could reveal information about all marginals of size k – There are (d choose k) such marginals, of size 2 k each 2. Or we could reveal information about the full distribution – There are 2 d entries in the d-dimensional distribution – Then aggregate results here (obtaining additional error)  Still using randomized response on each entry – Approach 1 (marginals): cost proportional to 2 3k/2 d k/2 /√N – Approach 2 (full): cost proportional to 2 (d+k)/2 /√N  If k is small (say, 2), and d is large (say 10s), Approach 1 is better – But there’s another approach to try… 6

  21. Hadamard transform Instead of materializing the data, we can transform it  Via Hadamard transform (the discrete Fourier transform for the binary hypercube) – Simple and fast to apply 7

  22. Hadamard transform Instead of materializing the data, we can transform it  Via Hadamard transform (the discrete Fourier transform for the binary hypercube) – Simple and fast to apply  Property 1: only (d choose k) coefficients are needed to build any k-way marginal – Reduces the amount of information to release 7

  23. Hadamard transform Instead of materializing the data, we can transform it  Via Hadamard transform (the discrete Fourier transform for the binary hypercube) – Simple and fast to apply  Property 1: only (d choose k) coefficients are needed to build any k-way marginal – Reduces the amount of information to release  Property 2: Hadamard transform is a linear transform – Can estimate global coefficients by sampling and averaging 7

  24. Hadamard transform Instead of materializing the data, we can transform it  Via Hadamard transform (the discrete Fourier transform for the binary hypercube) – Simple and fast to apply  Property 1: only (d choose k) coefficients are needed to build any k-way marginal – Reduces the amount of information to release  Property 2: Hadamard transform is a linear transform – Can estimate global coefficients by sampling and averaging  Yields error proportional to 2 k/2 d k/2 /√N – Better than both previous methods (in theory) 7

  25. Empirical behaviour  Compare three methods: Hadamard based (Inp_HT), marginal materialization (Marg_PS), Expectation maximization (Inp_EM)  Measure sum of absolute error in materializing 2-way marginals  N = 0.5M individuals, vary privacy parameter ε from 0.4 to 1.4 8

  26. Applications – χ -squared test  Anonymized, binarized NYC taxi data  Compute χ -squared statistic to test correlation  Want to be same side of the line as the non-private value! 9

  27. Application – building a Bayesian model  Aim: build the tree with highest mutual information (MI)  Plot shows MI on the ground truth data for evaluation purposes 10

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CSC2412: Private Multiplicative Weights Sasho Nikolov 1 Query Release Reminder: Query Release

CSC2412: Private Multiplicative Weights Sasho Nikolov 1 Query Release Reminder: Query Release

CSC2412: Private Multiplicative Weights Sasho Nikolov 1 Query Release Reminder: Query Release 50,1 } . :D oh Recall the query release problem: q.lt/--tnEZ9ilx ) Workload Q = { q 1 , . . . , q k } of k counting queries . , Xu } teh x

496 views • 18 slides
Locally private learning without interaction requires separation Vitaly Feldman Research with

Locally private learning without interaction requires separation Vitaly Feldman Research with

Locally private learning without interaction requires separation Vitaly Feldman Research with Amit Daniely Hebrew University Local Differential Privacy (LDP) 1 [KLNRS 08] -LDP if for every user , message is sent using a

532 views • 14 slides
Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con

Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con

Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con Consi sistency Tianhao Wang Purdue University Joint work with Milan Lopuha-Zwakenberg, Zitao Li, Boris Skoric, Ninghui Li 1 Privacy in

336 views • 14 slides
Building Blocks of Privacy: Differentially Private Mechanisms Graham Cormode graham@cormode.org

Building Blocks of Privacy: Differentially Private Mechanisms Graham Cormode graham@cormode.org

Building Blocks of Privacy: Differentially Private Mechanisms Graham Cormode graham@cormode.org The data release scenario 2 Data Release Much interest in private data release Practical: release of AOL, Netflix data etc. Research:

606 views • 42 slides
MEDIA RELEASE 9 April 2013 Raising the Bar for Quality in Private Education 1. More than 300

MEDIA RELEASE 9 April 2013 Raising the Bar for Quality in Private Education 1. More than 300

MEDIA RELEASE 9 April 2013 Raising the Bar for Quality in Private Education 1. More than 300 participants from the private education industry gathered today at the inaugural Private Education Conference - "Raising the Bar on Quality - to

356 views • 24 slides
Communication Complexity in Locally Private Distribution Estimation and Heavy Hitters ICML 2019,

Communication Complexity in Locally Private Distribution Estimation and Heavy Hitters ICML 2019,

Communication Complexity in Locally Private Distribution Estimation and Heavy Hitters ICML 2019, Long Beach June 11th, 2019 Jayadev Acharya, Cornell University Ziteng Sun, Cornell University Distribution Learning [ k ] = { 0 , 1 , 2 , ...,

359 views • 23 slides
For personal use only AND EQUITY RAISING CREATION OF A GROWING, LARGE SCALE NATIONAL PRIVATE

For personal use only AND EQUITY RAISING CREATION OF A GROWING, LARGE SCALE NATIONAL PRIVATE

ACQUISITION OF OPTICOMM For personal use only AND EQUITY RAISING CREATION OF A GROWING, LARGE SCALE NATIONAL PRIVATE FIBRE CHALLENGER 15 JUNE 2020 NOT FOR RELEASE TO US WIRE SERVICES OR DISTRIBUTION IN THE UNITED STATES NOT FOR RELEASE TO US

623 views • 39 slides
Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems

Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems

Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems of the Russian Academy of Sciences, Moscow June 30, 2017 Locally tabular (or locally finite ) logics A logic L is locally tabular if, for any

608 views • 46 slides
Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT

Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT

Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT PROOF Modify it... Run a task that accesses MC PROOF Reading log files, resetting session, etc. Running the tasks from

679 views • 19 slides
The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big data, big problem? The big data meme has taken root Organizations jumped on the bandwagon Funding agencies have given out grants But

697 views • 37 slides
The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big data, big problem? The big data meme has taken root Organizations jumped on the bandwagon Entered the public vocabulary But this data

666 views • 31 slides
The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big data, big problem? The big data meme has taken root Organizations jumped on the bandwagon Entered the public vocabulary But this data

427 views • 26 slides
PIT Release Date Functionality 15-May CAB Release

PIT Release Date Functionality 15-May CAB Release

PIT Release Date Functionality 15-May CAB Release Enumeration alignment 24-May Batching Payroll Submission SOAP Bug fixes 19-Jun Agent access Returns Reconciliation

623 views • 26 slides
MINNESOTA SUPER BOWL HOST COMMITTEE Who are we? We are a 501(c)6 non-profit, raising private

MINNESOTA SUPER BOWL HOST COMMITTEE Who are we? We are a 501(c)6 non-profit, raising private

MINNESOTA SUPER BOWL HOST COMMITTEE Who are we? We are a 501(c)6 non-profit, raising private funds to host the game, including free and open to the public events. We are not the NFL. We are a locally run organization who live and work in this

333 views • 32 slides
PIT Release

PIT Release

PIT Release Date Functionality 15-May CAB Release Enumeration alignment 24-May Batching Payroll Submission SOAP Bug fixes 19-June

506 views • 21 slides
Non locally modular reducts of ACF Dmitry Sustretov Hebrew University Neostability theory,

Non locally modular reducts of ACF Dmitry Sustretov Hebrew University Neostability theory,

Non locally modular reducts of ACF Dmitry Sustretov Hebrew University Neostability theory, Oaxaca sustretov@ma.huji.ac.il July 13, 2015 Non locally modular reducts of ACF D. Sustretov Non locally modular strongly minimal sets Let M be a

420 views • 13 slides
Large-Scale Data Engineering Modern SQL-on-Hadoop Systems event.cwi.nl/lsde2015 Analytical

Large-Scale Data Engineering Modern SQL-on-Hadoop Systems event.cwi.nl/lsde2015 Analytical

Large-Scale Data Engineering Modern SQL-on-Hadoop Systems event.cwi.nl/lsde2015 Analytical Database Systems Parallel (MPP): Teradata Paraccel Pivotal Vertica Redshift Oracle (IMM) Netteza DB2-BLU InfoBright SQLserver

1.1k views • 56 slides
choco Marc de Falco (IML) The GoI of Differential Nets LiCS08 1 / 22 Outline We study

choco Marc de Falco (IML) The GoI of Differential Nets LiCS08 1 / 22 Outline We study

The Geometry of Interaction of Differential Interaction Nets Marc de Falco Institut de Math ematiques de Luminy Logic in Computer Science 08 choco Marc de Falco (IML) The GoI of Differential Nets LiCS08 1 / 22 Outline We study

1.3k views • 72 slides
Complexity of Well-Quasi-Orderings and Well-Structured Transition Systems Part IV: Complexity of

Complexity of Well-Quasi-Orderings and Well-Structured Transition Systems Part IV: Complexity of

Complexity of Well-Quasi-Orderings and Well-Structured Transition Systems Part IV: Complexity of WSTS Verification Philippe Schnoebelen LSV, CNRS & ENS Cachan + Oxford 1-year visitor Oxford Dept. Comp. Sci, Mar. 9th, 2012 Part IV.a: Upper

774 views • 53 slides
Attila Szegedi, Software Engineer @asz Thursday, October 13, 11 Everything I ever learned about

Attila Szegedi, Software Engineer @asz Thursday, October 13, 11 Everything I ever learned about

Attila Szegedi, Software Engineer @asz Thursday, October 13, 11 Everything I ever learned about JVM performance tuning @twitter Thursday, October 13, 11 Everything More than I ever wanted to learned about JVM performance tuning @twitter

798 views • 62 slides
Lecture 5 Channel Coding over Continuous Channels I-Hsiang Wang Department of Electrical

Lecture 5 Channel Coding over Continuous Channels I-Hsiang Wang Department of Electrical

Mutual Information and Differential Entropy Channel Coding with Input Cost Gaussian Channel Capacity Summary Lecture 5 Channel Coding over Continuous Channels I-Hsiang Wang Department of Electrical Engineering National Taiwan University

600 views • 34 slides
Chapter 26 Compression, Information and Entropy Huffmans coding CS 573: Algorithms, Fall

Chapter 26 Compression, Information and Entropy Huffmans coding CS 573: Algorithms, Fall

Chapter 26 Compression, Information and Entropy Huffmans coding CS 573: Algorithms, Fall 2013 December 3, 2013 26.1 Huffman coding 26.1.0.1 Codes... (A) : alphabet. (B) binary code : assigns a string of 0s and 1s to each character

594 views • 6 slides
Todays meeting: Early Steps into Inferotemporal Cortex Lecturer: Carlos R. Ponce, M.D., Ph.D.

Todays meeting: Early Steps into Inferotemporal Cortex Lecturer: Carlos R. Ponce, M.D., Ph.D.

Todays meeting: Early Steps into Inferotemporal Cortex Lecturer: Carlos R. Ponce, M.D., Ph.D. Postdoctoral research fellow in Neurobiology, HMS crponce@gmail.com Agenda A brief recap: what you have seen so far in the course. Todays theme:

767 views • 40 slides
A New Encoding Algorithm for a Multidimensional Version of the Montgomery Ladder Aaron Hutchinson

A New Encoding Algorithm for a Multidimensional Version of the Montgomery Ladder Aaron Hutchinson

A New Encoding Algorithm for a Multidimensional Version of the Montgomery Ladder Aaron Hutchinson 1 Koray Karabina 2,3 1 University of Waterloo a5hutchinson@uwaterloo.ca 2 Florida Atlantic University kkarabina@fau.edu 3 National Research Council

535 views • 50 slides

More recommend