on the theory and practice of privacy preserving bayesian
play

On the Theory and Practice of Privacy-Preserving Bayesian Data - PowerPoint PPT Presentation

Aug 18, 2023 •111 likes •878 views

On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph Geumlek,* Max Welling, + Kamalika Chaudhuri* + University of Amsterdam *University of California, San Diego Overview Bayesian Privacy-preserving

  1. On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph Geumlek,* Max Welling, + Kamalika Chaudhuri* + University of Amsterdam *University of California, San Diego

  2. Overview Bayesian Privacy-preserving data analysis data analysis 2

  3. Overview Privacy-preserving Bayesian Privacy-preserving Bayesian data analysis data analysis data analysis 3

  4. Overview (Dimitrakakis et al., 2014; Wang et al., 2015) Privacy-preserving Bayesian Privacy-preserving Bayesian data analysis data analysis data analysis “for free” via posterior sampling 4

  5. Overview (Dimitrakakis et al., 2014; Wang et al., 2015) Privacy-preserving Bayesian Privacy-preserving Bayesian data analysis data analysis data analysis “for free” via posterior sampling Limitations: data inefficiency, approximate inference We consider a very simple alternative technique to resolve this 5

  6. Privacy and Machine Learning • As individuals and consumers we benefit from ML systems trained on OUR data – Internet search – Recommendations • products, movies, music, news, restaurants, email recipients – Mobile phones • Autocorrect, speech recognition, Siri, … 6

  7. Privacy and Machine Learning • As individuals and consumers we benefit from ML systems trained on OUR data – Internet search – Recommendations • products, movies, music, news, restaurants, email recipients – Mobile phones • Autocorrect, speech recognition, Siri, … 7

  8. Privacy and Machine Learning • As individuals and consumers we benefit from ML systems trained on OUR data – Internet search – Recommendations • products, movies, music, news, restaurants, email recipients – Mobile phones • Autocorrect, speech recognition, Siri, … 8

  9. Privacy and Machine Learning • As individuals and consumers we benefit from ML systems trained on OUR data – Internet search – Recommendations • products, movies, music, news, restaurants, email recipients – Mobile phones • Autocorrect, speech recognition, Siri, … 9

  10. The cost is our privacy http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/#b228dae34c62 10 ,Retrieved 6/16/2016

  11. Privacy and Machine Learning • Want the benefits of sharing our data while protecting our privacy – Have your cake and eat it too! 11

  12. Privacy and Machine Learning • Want the benefits of sharing our data while protecting our privacy – Have your cake Apple and eat it too! 12

  13. Privacy and Machine Learning • Want the benefits of sharing our data while protecting our privacy – Have your cake Apple and eat it too! 13

  14. “ We believe you should have great features and great privacy . You demand it and we're dedicated to providing it. ” • Craig Federighi, Apple senior vice president of Software Engineering. June 13 2016, WWDC16 Quote from http://appleinsider.com/articles/16/06/15/inside-ios-10-apple-doubles-down-on-security-with-cutting-edge-differential-privacy , retrieved 6/16/2016 14

  15. Statistical analysis of sensitive data [the Wikileaks disclosure] “ puts the lives of United States and its partners’ service members and civilians at risk. ” - Hillary Clinton 15

  16. Bayesian analysis of sensitive data • Bayesian inference widely and successfully used in application domains where privacy is invaluable – Text analysis (Blei et al., 2003; Goldwater and Griffiths, 2007) – Personalized recommender systems (Salakhutdinov and Mnih, 2008) – Medical informatics (Husmeier et al., 2006) – MOOCs (Piech et al., 2013). • Data scientists must balance benefits and potential insights vs privacy concerns (Daries et al., 2014). 16

  17. Anonymization? Alice Alice Bob Bob Claire Claire …. …. Anonymized Netflix data + public IMDB data = identified Netflix data 17 (Narayanan and Shmatikov, 2008)

  18. Anonymization? Alice Alice Bob Bob Claire Claire …. …. Anonymized Netflix data + public IMDB data = identified Netflix data 18 (Narayanan and Shmatikov, 2008)

  19. Anonymization? Alice Alice Bob Bob Claire Claire …. …. Anonymized Netflix data + public IMDB data = identified Netflix data 19 (Narayanan and Shmatikov, 2008)

  20. Aggregation? 20 https://www.buzzfeed.com/nathanwpyle/can-you-spot-all-26-letters-in-this-messy-room-369?utm_term=.gyRdVVvV5#.kkovLL1LE Retrieved 6/16/2016

  21. Hiding in the crowd • Only release statistics aggregated over many individuals. Does this ensure privacy? 21

  22. Hiding in the crowd • Only release statistics aggregated over many individuals. Does this ensure privacy? • Report average salary in CS dept. 22

  23. Hiding in the crowd • Only release statistics aggregated over many individuals. Does this ensure privacy? • Report average salary in CS dept. • Prof. X leaves. 23

  24. Hiding in the crowd • Only release statistics aggregated over many individuals. Does this ensure privacy? • Report average salary in CS dept. • Prof. X leaves. • Report avg salary again. – We can identify Prof. X’s salary 24

  25. Noise / data corruption • Release Prof. X’s salary + noise • Once we sufficiently obfuscate Prof. X’s salary, it is no longer useful 25

  26. Noise + crowd • Release mean salary + noise • Need much less noise to protect Prof. X’s salary 26

  27. Solution • “Noise + crowds” can provide both individual-level privacy , and accurate population-level queries • How to quantify privacy loss? – Answer: Differential privacy 27

  28. Differential privacy (Dwork et al., 2006) Queries Untrusted users Answers Individuals’ data Privacy-preserving interface: randomized algorithms • DP is a promise: – “If you add your data to the database, you will not be affected much” 28

  29. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much Individuals’ data 29

  30. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Individuals’ data 30

  31. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm Individuals’ data 31

  32. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm Individuals’ data 32

  33. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm + Individuals’ data 33

  34. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm + Randomized algorithm Individuals’ data 34

  35. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm Similar! + Randomized algorithm Individuals’ data 35

  36. Differential privacy (Dwork et al., 2006) Ratios of probabilities bounded by 36

  37. Properties of differential privacy • Immune to post-processing – Resists attacks using side information, as in the Netflix Prize linkage attack 37

  38. Properties of differential privacy • Immune to post-processing – Resists attacks using side information, as in the Netflix Prize linkage attack • Composition – If you run multiple DP queries, their epsilons add up. – Can think of this as a “privacy budget” we spend over all queries 38

  39. Laplace mechanism (Dwork et al., 2006) • Adding Laplace noise is sufficient to achieve differential privacy • The Laplace distribution is two exponential distributions, back-to-back • The noise level depends on a quantity called the L1 sensitivity of the query h : 39

  40. Exponential mechanism (McSherry and Talwar, 2007) • Aims to output responses of high utility • Given real-valued utility function , the exponential mechanism selects outputs r via Temperature depends on sensitivity, epsilon 40

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My experience with biometrics and privacy Academic background on privacy Gradiants goal: transfer of knowledge to industry We bring state of

193 views • 6 slides
Paper review 1 Privacy is a Process, not a PET A Theory for Effective Privacy Practice

Paper review 1 Privacy is a Process, not a PET A Theory for Effective Privacy Practice

Paper review 1 Privacy is a Process, not a PET A Theory for Effective Privacy Practice Accepted at New Security Paradigms Workshop 2012 Paper review 2 Too Close for Comfort: A Study of the Effectiveness and Acceptability of

515 views • 18 slides
Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU Leuven - COSIC 20 November 2012 Privacy Preserving Protocols Introduction Cryptography in Daily Life RFID Privacy

1.04k views • 60 slides
Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro

Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro

Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro University College London (UCL) https://emilianodc.com Privacy-preserving what ? Parties with limited mutual trust willing or required to share

1.1k views • 66 slides
Theory or Practice? Theory : Without theory, practice is but routine born out of habit.

Theory or Practice? Theory : Without theory, practice is but routine born out of habit.

Theory or Practice? Theory : Without theory, practice is but routine born out of habit. Theory alone can bring forth and develop the spirit of inventions Louis Pasteur, 1822-1895 Practice : It is a capital mistake to theorize before

548 views • 42 slides
New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of California, San Diego Sensitive Data Medical Records Genetic Data Search Logs AOL Violates Privacy AOL Violates Privacy Netflix Violates Privacy [NS08]

957 views • 92 slides
Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi School of Computing National University of Singapore PETS 2017 Privacy-Preserving Computation with Trusted

477 views • 34 slides
Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No privacy breaches! Public Data Anonymization Data representation? Privacy breach? Value of data? Data publisher Privacy Analyst Work by: Elena

80 views • 3 slides
Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes

Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes

Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes Ben-Gurion University, Israel This talk presents joint work with Boris Rozenberg Talk Outline Motivation for Privacy-Preserving Distributed Data

1.48k views • 68 slides
Privacy preserving data mining randomized response and association rule hiding Li Xiong

Privacy preserving data mining randomized response and association rule hiding Li Xiong

Privacy preserving data mining randomized response and association rule hiding Li Xiong CS573 Data Privacy and Anonymity Partial slides credit: W. Du, Syracuse University, Y. Gao, Peking University Privacy Preserving Data Mining

659 views • 39 slides
Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption With good encryption, data values not readable So whats the problem? Lecture 17 Page 1 CS 236 Online Traffic Analysis

532 views • 21 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining & Information Privacy:

DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining & Information Privacy:

DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining & Information Privacy: New Problems and the Search for Solutions March 15 th , 2004 Tal Zarsky The Information Society Project, Yale Law School Introduction: Various

273 views • 25 slides
Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath,

Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath,

Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath, Karl-Peter Fuchs, Dominik Herrmann , Christopher Piosecny University of Hamburg (Germany) 1 Agenda Missing Privacy in DNS Characteristics of DNS Traffic

559 views • 24 slides
Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex

Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex

Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex Biryukov, Dmitry Khovratovich, Sergei Tikhomirov Conclusion and future work

828 views • 20 slides
P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

P 4 PCN: Privacy-Preserving Path Probing for Ruozhou Yu , Yinxin Wan, Vishnu Teja Kilari, Guoliang Xue, Jian Tang, Dejun Yang Payment Channel Networks P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

197 views • 5 slides
Prediction Uncertainty in the Bornhuetter-Ferguson Claims Reserving Method Daniel Alai Michael

Prediction Uncertainty in the Bornhuetter-Ferguson Claims Reserving Method Daniel Alai Michael

Prediction Uncertainty in the Bornhuetter-Ferguson Claims Reserving Method Daniel Alai Michael Merz Mario W uthrich ETH Zurich August 1, 2009 D. H. Alai (ETH Zurich) Prediction Uncertainty in the BF Method August 1, 2009 1 / 18

665 views • 29 slides
Energy-efficient Trajectory Tracking for Mobile Devices Based on "Energy-efficient

Energy-efficient Trajectory Tracking for Mobile Devices Based on "Energy-efficient

Energy-efficient Trajectory Tracking for Mobile Devices Based on "Energy-efficient Trajectory Tracking for Mobile Devices" by M. B. Kjrgaard, Sourav Bhattacharya, Henrik Blunck, Petteri Nurmi Krzysztof Winiewski Trajectory

429 views • 40 slides
Improving on the Small Sample Size Inference Jim Harmon University of Washington February 25,

Improving on the Small Sample Size Inference Jim Harmon University of Washington February 25,

Improving on the Small Sample Size Inference Jim Harmon University of Washington February 25, 2015 Jim Harmon (University of Washington) Improving on the Small Sample Size Inference February 25, 2015 1 / 12 In the beginning . . . z-test

150 views • 12 slides
Some Markov models for direct observation of behavior James E. Pustejovsky Northwestern

Some Markov models for direct observation of behavior James E. Pustejovsky Northwestern

Some Markov models for direct observation of behavior James E. Pustejovsky Northwestern University May 29, 2013 2 Direct observation of behavior Quantities of interest Prevalence : proportion of time that a behavior occurs

742 views • 26 slides
Full bias-correction of spatial robust small area estimators Session: SAE Using Time Series or

Full bias-correction of spatial robust small area estimators Session: SAE Using Time Series or

Introduction Estimation methods Simulation study Summary and Outlook Full bias-correction of spatial robust small area estimators Session: SAE Using Time Series or Spatial Models SAE 2013, Bangkok Timo Schmid Monday, September 2, 2013 Timo

825 views • 31 slides
L1 attrition in a multidialectal setting: Input and Intake in L1 Spanish null and postverbal

L1 attrition in a multidialectal setting: Input and Intake in L1 Spanish null and postverbal

L1 attrition in a multidialectal setting: Input and Intake in L1 Spanish null and postverbal subjects Glyn Hicks and Laura Domnguez glyn.hicks@soton.ac.uk ldo@soton.ac.uk ICLA 3, University of Essex, July 5th 7th, 2016

306 views • 15 slides
zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA STATE

zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA STATE

zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA STATE zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA Ministry of Defense zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA O F ISRAEL / RAFAEL Armament Development Authority CEMA -

415 views • 26 slides
www.statistik.at Wir bewegen Informationen Official Statistics production: Where we come from

www.statistik.at Wir bewegen Informationen Official Statistics production: Where we come from

From price collection to Josef Auer Ingolf Boettcher price data analytics 2017 Ottawa Group www.statistik.at Wir bewegen Informationen Official Statistics production: Where we come from The statistical model The universe The statistical

419 views • 22 slides

More recommend