[PPT] - with Constant Multiplicative Error Uri Stemmer Ben-Gurion PowerPoint Presentation

SLIDE 1

Differentially Private k-Means

with Constant Multiplicative Error

Uri Stemmer Ben-Gurion University

joint work with Haim Kaplan

SLIDE 2

What is 𝒍-Means Clustering?

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

SLIDE 3

What is 𝒍-Means Clustering?

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

✓ Probably the most well-studied clustering problem ✓ Tons of applications ✓ Super popular

SLIDE 4

What is 𝒍-Means Clustering?

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

What is Differentially Private 𝒍-Means?

[Dwork, McSherry, Nissim, Smith 06] (informal)

 Every data point 𝒚𝒋 represents the (private) information of one individual  Goal: the output (the set of centers) does not reveal information that is specific to any single individual

SLIDE 5

What is 𝒍-Means Clustering?

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

What is Differentially Private 𝒍-Means?

[Dwork, McSherry, Nissim, Smith 06] (informal)

 Every data point 𝒚𝒋 represents the (private) information of one individual  Goal: the output (the set of centers) does not reveal information that is specific to any single individual  Requirement: the output distribution is insensitive to any arbitrarily change of a single input point (an algorithm satisfying this requirement is differentially private)

SLIDE 6

What is 𝒍-Means Clustering?

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

What is Differentially Private 𝒍-Means?

[Dwork, McSherry, Nissim, Smith 06] (informal)

 Every data point 𝒚𝒋 represents the (private) information of one individual  Goal: the output (the set of centers) does not reveal information that is specific to any single individual  Requirement: the output distribution is insensitive to any arbitrarily change of a single input point (an algorithm satisfying this requirement is differentially private)

Why is that a good privacy definition?

Even if an observer knows all other data point but mine, and now she sees the outcome

f the computation, then she still cannot learn “anything” on my data point

SLIDE 7

Differentially Private 𝒍-Means Clustering

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

Requirement: the output distribution is insensitive to any arbitrarily change of a single input point

SLIDE 8

Differentially Private 𝒍-Means Clustering

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

Requirement: the output distribution is insensitive to any arbitrarily change of a single input point

Observe: With privacy we must have additive error

Assume 𝒍 = 𝒐 = 𝟒
OPT’s cost = 0

SLIDE 9

Differentially Private 𝒍-Means Clustering

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

Requirement: the output distribution is insensitive to any arbitrarily change of a single input point

Observe: With privacy we must have additive error

𝚳

Assume 𝒍 = 𝒐 = 𝟒
OPT’s cost = 0
Move one point
OPT’s cost = 0

SLIDE 10

Differentially Private 𝒍-Means Clustering

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

Requirement: the output distribution is insensitive to any arbitrarily change of a single input point

Observe: With privacy we must have additive error

𝚳

Assume 𝒍 = 𝒐 = 𝟒
OPT’s cost = 0
Move one point
OPT’s cost = 0
Each solution must remain approx. equally likely
On at least one of these inputs our cost is ≈ 𝚳𝟑

SLIDE 11

Differentially Private 𝒍-Means Clustering

Given: Data points 𝑻 = 𝒚𝟐, … , 𝒚𝒐 ∈ ℝ𝒆 𝒐 and parameter 𝒍 Identify 𝒍 centers 𝑫 = 𝒗𝟐, … , 𝒗𝒍 minimizing 𝐝𝐩𝐭𝐮 𝑫 = 𝐧𝐣𝐨ℓ 𝒚𝒋 − 𝒗ℓ 𝟑

𝒋

Requirement: the output distribution is insensitive to any arbitrarily change of a single input point

Observe: With privacy we must have additive error

𝚳

Assume 𝒍 = 𝒐 = 𝟒
OPT’s cost = 0
Move one point
OPT’s cost = 0
Each solution must remain approx. equally likely
On at least one of these inputs our cost is ≈ 𝚳𝟑

⟹ We assume that input points come from the unit ball

SLIDE 12

Ref Model Runtime Bounds GLMRT’10

differential privacy

𝒐𝒆 𝐏 𝟐 ⋅𝐏𝐐𝐔 + 𝑷 𝒍𝟑 ⋅ 𝒆 NCBN’16

differential privacy

𝐪𝐩𝐦𝐳 𝐏 𝐦𝐩𝐡 𝒍 ⋅𝐏𝐐𝐔 + 𝑷 𝒐 FXZR’17

differential privacy

𝐪𝐩𝐦𝐳 𝑷 𝒍 𝐦𝐩𝐡 𝒐 ⋅𝐏𝐐𝐔 + 𝑷 𝒍𝟒/𝟑 ⋅ 𝒆 BDLMZ’17

differential privacy

𝐪𝐩𝐦𝐳 𝑷 𝐦𝐩𝐡𝟒𝒐 ⋅𝐏𝐐𝐔 + 𝑷 𝒍𝟑 + 𝒆 NS’18

differential privacy

𝐪𝐩𝐦𝐳 𝑷 𝒍 ⋅𝐏𝐐𝐔 + 𝑷 𝒍𝟐.𝟔𝟐 ⋅ 𝒆𝟏.𝟔𝟐 New

differential privacy

𝐪𝐩𝐦𝐳 𝑷 𝟐 ⋅𝐏𝐐𝐔 + 𝑷 𝒍𝟐.𝟏𝟐 ⋅ 𝒆𝟏.𝟔𝟐 + 𝒍𝟒/𝟑

with Constant Multiplicative Error Uri Stemmer Ben-Gurion - - PowerPoint PPT Presentation

Differentially Private k-Means

with Constant Multiplicative Error

What is 𝒍-Means Clustering?

What is 𝒍-Means Clustering?

What is 𝒍-Means Clustering?

What is 𝒍-Means Clustering?

What is 𝒍-Means Clustering?

Differentially Private 𝒍-Means Clustering

Differentially Private 𝒍-Means Clustering

Differentially Private 𝒍-Means Clustering

Differentially Private 𝒍-Means Clustering

Differentially Private 𝒍-Means Clustering

Previous and New Bounds