Sublinear r Space Pri rivate Algori rithms Under r the Sliding - PowerPoint PPT Presentation

Sublinear r Space Pri rivate Algori rithms Under r the Sliding Win Window M Mod odel Jalaj Upadhyay

Differential Privacy ! " ! # A ⋮ ! $ ! " & ! # A ⋮ ! $

Differential Privacy ! " queries/tasks ! # A ⋮ &(() ! $ private random coin ! " queries/tasks * ! # A ⋮ &((′) ! $ private random coin

Differential Privacy ! " queries/tasks ! # A ⋮ &(() ! $ Output private random coin distribution is close ! " queries/tasks * ! # A ⋮ &((′) ! $ private random coin

Differential Privacy ! and ! ’ are neighbor if " # they differ in one data point queries/tasks " $ A ⋮ '(!) " % Output private random coin distribution is close " # queries/tasks * " $ A ⋮ '(!′) " % private random coin

Differential Privacy ! and ! ’ are neighbor if . / they differ in one data point queries/tasks . 0 A ⋮ 3(!) Differential Privacy [DMNS06] . 1 Algorithm " is # -differentially private if Output private random coin • for all neighboring data sets ! and ! $ distribution • for all possible outputs % , is close . / Pr " ! ∈ S ≤ + , ⋅ Pr " ! $ ∈ % queries/tasks $ . 0 A ⋮ 3(!′) . 1 private random coin

Differential Privacy ! and ! ’ are neighbor if 0 1 they differ in one data point queries/tasks 0 2 A ⋮ 5(!) Differential Privacy [DMNS06] 0 3 Algorithm " is # -differentially private if Output private random coin • for all neighboring data sets ! and ! $ distribution • for all possible outputs % , is close 0 1 Pr " ! ∈ S ≤ + , ⋅ Pr " ! $ ∈ % queries/tasks $ 0 2 A # = 0 : perfect privacy no utility ⋮ 5(!′) As # increases, less privacy 0 3 more utility private random coin

Differential Privacy ! and ! ’ are neighbor if 0 1 they differ in one data point queries/tasks 0 2 A ⋮ 5(!) Differential Privacy [DMNS06] 0 3 Algorithm " is # -differentially private if Output private random coin • for all neighboring data sets ! and ! $ distribution • for all possible outputs % , is close 0 1 Pr " ! ∈ S ≤ + , ⋅ Pr " ! $ ∈ % queries/tasks $ 0 2 A # = 0 : perfect privacy no utility ⋮ 5(!′) As # increases, less privacy 0 3 more utility Allows utility- private random coin privacy trade-off

Differential Privacy Under Sliding Window • Differential privacy overview of Apple “ Apple retains the collected data for a maximum of three months”

Differential Privacy Under Sliding Window • Differential privacy overview of Apple “ Apple retains the collected data for a maximum of three months”

Differential Privacy Under Sliding Window • Differential privacy overview of Apple “ Apple retains the collected data for a maximum of three months” Goal of this paper Formalize privacy under • sliding window model Design sublinear space • private algorithms in the sliding window model

Problem Studied: Private ℓ " heavy hitters • # be an $ - dimensional vector • Output all indices % ∈ [$], # * ≥ , ∥ # ∥ " and estimate of # * • Allowed to accept % ∈ [$] if # * ≥ (, − 0) ∥ # ∥ "

Problem Studied: Private ℓ " heavy hitters • # be an $ - dimensional vector • Output all indices % ∈ [$], # * ≥ , ∥ # ∥ " and estimate of # * • Allowed to accept % ∈ [$] if # * ≥ (, − 0) ∥ # ∥ " Main Theorem There is an efficient 2(3) space (4, 5) -DP algorithm that returns a set of indices, ℐ , and estimates 7 # * for % ∈ ℐ , " If # * ≥ , ∥ # ∥ " , then # * − 7 # * ≤ 0 ∥ # ∥ " + : ; log 3 • A Does not include any % if # * < , − 3 0 ∥ # ∥ " + : • ; log 3

Problem Studied: Private ℓ " heavy hitters • # be an $ - dimensional vector • Output all indices % ∈ [$], # * ≥ , ∥ # ∥ " and estimate of # * • Allowed to accept % ∈ [$] if # * ≥ (, − 0) ∥ # ∥ " Main Theorem There is an efficient 2(3) space (4, 5) -DP algorithm that returns a set of indices, ℐ , and estimates 7 # * for % ∈ ℐ , Price of " privacy If # * ≥ , ∥ # ∥ " , then # * − 7 # * ≤ 0 ∥ # ∥ " + : ; log 3 • A Does not include any % if # * < , − 3 0 ∥ # ∥ " + : • ; log 3

Other Results and Open Problems • Algorithm extends to continual observation under sliding window • Current non-private framework do not extend to privacy • Lower bound using standard packing argument • Space lower bound on estimating ℓ " -heavy hitters • Reduction to communication complexity problem

Other Results and Open Problems • Algorithm extends to continual observation under sliding window • Current non-private framework do not extend to privacy • Lower bound using standard packing argument • Space lower bound on estimating ℓ " -heavy hitters • Reduction to communication complexity problem Characterize what is possible to compute privately under the sliding window model