Oblivious Mechanisms in Differential Privacy Experiments, - - PowerPoint PPT Presentation

oblivious mechanisms in differential privacy
SMART_READER_LITE
LIVE PREVIEW

Oblivious Mechanisms in Differential Privacy Experiments, - - PowerPoint PPT Presentation

Mar 07, 2024 275 likes •439 views

Oblivious Mechanisms in Differential Privacy Experiments, Conjectures, and Open Questions Chien-Lun Chen Joint work with Ranjan Pal and Leana Golubchik 1 5/27/2016 Quantitative Evaluation & Design (QED) Research Group Privacy Issues in

slide-1
SLIDE 1

Oblivious Mechanisms in Differential Privacy

Experiments, Conjectures, and Open Questions

Chien-Lun Chen Joint work with Ranjan Pal and Leana Golubchik

5/27/2016 1 Quantitative Evaluation & Design (QED) Research Group

slide-2
SLIDE 2

Quantitative Evaluation & Design (QED) Research Group 5/27/2016 2

Privacy Issues in Data Publishing

Governments and organizations publish anonymous personal information for research, analytics and services Privacy leak

– identify a person from internet databases

  • de-anonymize Netflix Price dataset [A. Narayanan ‘08]

– discover an individual’s record by comparing databases

  • your record was not in the database last month, but now it is…

www.netflix.com

slide-3
SLIDE 3

5/27/2016 3

Differential Privacy (DP)

Query

1

D

2

D

  • r ?

1

D

2

D

ε-Differential Privacy [C. Dwork ‘06]

– privacy  information loss

ε-DP Mechanisms

– DP Noise-adding mechanisms

  • Laplacian, Geometric

– other DP mechanisms

  • Matrix [C. Li ‘10], K-norm [M. Hardt ‘09]

– non-numeric DP mechanism

  • Exponential [F. McSherry ‘07]

1 2

[ ( ) ] [ ( ) ]

r r

P A D S e e P A D S

  

   

L

ε-DP Mechanism

A

ε-DP Mechanism

A

S j

Quantitative Evaluation & Design (QED) Research Group

slide-4
SLIDE 4

5/27/2016 4

DP Noise-Adding Mechanism

DP Noise-Adding Mechanism

( ) ( ) ( ) A D q D X D  

Query

1

D

2

D j

ε-DP Mechanism

A

ε-DP Mechanism

A

Query (q) Query (q)

k i L

+Noise (X) +Noise (X)

Oblivious Mechanism

, e e

   

ij kj

x x

,

GS

i k L i k     

𝒚𝒋𝒌 𝒚𝒍𝒌

  • r ?

i k

GS

Global Sensitivity

1 2 1 2

1 2 , : ( , ) 1

max ( ) ( )

n H

GS D D D d D D

q D q D

  

   L

Quantitative Evaluation & Design (QED) Research Group

slide-5
SLIDE 5

5/27/2016 5

Optimal DP Mechanism

Widely-used information loss function: ij

j i

l l  

Bayesian Model Risk-Averse Model s.t. s.t.

min max

i j ij j i

x l

min

i i ij ij j

x l p

 

DP Constraints DP Constraints

prior worst case

A DP mechanism is called optimal if it minimizes information loss and preserves DP. Data managers solve the optimization problem for mechanism ij

x

Objective:

min info. loss

( , , , )

ij i ij

x f p l L  

Quantitative Evaluation & Design (QED) Research Group

slide-6
SLIDE 6

5/27/2016 6

Presence of Side-Information

Side-information exists everywhere…

– auxiliary databases – research studies, common knowledge – mathematical theories

  • central limit theorem
  • transformations of random variables

The presence of side-information is important and cannot be neglected. Side-information  Prior probability

Quantitative Evaluation & Design (QED) Research Group

scienceblog.cancerresearchuk.org

Auxiliary Databases Research Studies

slide-7
SLIDE 7

5/27/2016 7

State-of-the-Art and Open Questions

A universally optimal mechanism is optimal for all priors and all loss functions .

i

p

ij

l

Optimal DP Mechanism (Risk-Averse, ∆= ∆𝐻𝑇) Optimal DP Mechanism (Bayesian, ∆= ∆𝐻𝑇) Optimal DP Mechanism (Bayesian) Optimal DP Mechanism (Risk-Averse) Universally Optimal DP Mechanism (L ∈ Z, ∆=1) Universally Optimal DP Mechanism :Staircase Mechanism [Q. Geng ‘14]

Optimal in Risk-Averse model Optimal for unbounded domain L

:Geometric Mechanism [M. Gupte ’10] [A. Ghosh ‘12]

Universally optimal in both Risk-Averse and Bayesian model (unknown)

solution space = ( , , , )

i ij

p L l  solution space = ( , , , )

ij i i j

L l p l    solution space = ( , , )

i

p L 

Quantitative Evaluation & Design (QED) Research Group

slide-8
SLIDE 8

5/27/2016 8

Main Contributions

For (Bayesian, ∆=∆𝐻𝑇), we propose a heuristic design

– optimal design for general priors is difficult – we start with heuristic design, and it surprisingly leads to significant improvement in utility-privacy tradeoffs

Show via experiments, the importance of the optimal Bayesian mechanism design

– optimal Bayesian design is non-trivial when side-information substantially narrows down the outputs of the query

Propose open questions in DP mechanism design

Quantitative Evaluation & Design (QED) Research Group

slide-9
SLIDE 9

Queries - Mean and Max Oblivious mechanism  database independent  synthetic data Global sensitivity = 10 Gaussian is truncated and normalized in 𝑀

5/27/2016 9

Experimental Context and Settings

– public information

  • known: domain 𝑀 ∈ [-10,10]
  • each entity is independent and uniformly distributed

– mathematical theories

  • central limit theorem

 mean value is approximately normal distributed

  • transformations of random variables

 the max value is scaled-beta distributed over 𝑀

Normal Scaled-Beta

Quantitative Evaluation & Design (QED) Research Group

slide-10
SLIDE 10

(1): Pre-rounding

5/27/2016 10

Our Heuristic DP Mechanism

(1) (2)

  • 10

10 Truncated 𝛽-Geometric mechanism

10

GS

 

Mechanism designed for low-variance priors

– only outputs {-10,0,10}

The heuristic mechanism satisfies ε-DP ( )

e  

(2): Add truncated 𝛽- Geometric Noise ( )

– Pr[X>10] goes to Pr [X=10] – Pr[X<-10] goes to Pr [X=-10]

e  

Quantitative Evaluation & Design (QED) Research Group

slide-11
SLIDE 11

Significant improvement in low & intermediate privacy regime (the red ‘x’). In the high privacy regime tend towards convergence

– DP mechanism adds extremely large noise to maintain privacy – noise dominates the performance

5/27/2016 11

Utility-Privacy Tradeoff Performance

Quantitative Evaluation & Design (QED) Research Group

slide-12
SLIDE 12

5/27/2016 12

Our Mechanism is Collusion-Proof !

Users collude in perturbed results (based on MLE) The heuristic design is collusion-proof (the red curve)

Quantitative Evaluation & Design (QED) Research Group

slide-13
SLIDE 13

5/27/2016 13

Design Insights

When query outputs are substantially narrowed down by side- information, discretizing the domain and adding truncated Geometric noise is a good idea A robust, simple, and efficient Bayesian design is possible! A collusion-proof Bayesian design is also feasible

Quantitative Evaluation & Design (QED) Research Group

slide-14
SLIDE 14

5/27/2016 14

Future Directions

Optimal Bayesian design mechanism

– so that we know how good our design is – new heuristic methods and design insights – studies of implementation complexity

Applications of the optimal Bayesian design

– applying Bayesian design to practical problems with side-information – many practical issues will be involved

Optimal Bayesian design in approximate DP

– more efficient, but less robust

Quantitative Evaluation & Design (QED) Research Group

slide-15
SLIDE 15

5/27/2016 15

Q&A Thank you!

Email: chienlun@usc.edu

Quantitative Evaluation & Design (QED) Research Group