
Dependence Makes You Vulnerable: Differential Privacy Under - PowerPoint PPT Presentation



  1. [Outline: Introduction | Differential Privacy under Dependent Data | Conclusion and Future Work] Dependence Makes You Vulnerable: Differential Privacy Under Dependent Tuples. Changchang Liu¹, Supriyo Chakraborty², Prateek Mittal¹. Email: ¹{cl12, pmittal}@princeton.edu, ²supriyo@us.ibm.com. ¹Princeton University, ²IBM T.J. Watson Research Center. February 23, 2016. 1 / 21

  2. Data Privacy • Privacy is important! - Snowden case - G20 summit breach - iCloud photo breach ···

  3. Directly Releasing Data Would Compromise Privacy! [Diagram labels: Individuals; Raw Data; Data Provider; Query Results; Data Recipients; Applications; Researchers]

  4. Directly Releasing Data Would Compromise Privacy! [Diagram labels: Individuals; Raw Data; Data Provider; Query Results; Data Recipients]

  5. Obfuscate Data before Release to Protect Privacy. [Diagram labels: Individuals; Raw Data; Data Provider; Data Obfuscation; Query Results; Perturbed Query Results; Data Recipients; Applications; Researchers]

  6. Existing Privacy Metrics – Differential Privacy [ICALP ’06] – Pufferfish Privacy [PODS ’12] – Membership Privacy [CCS ’13] – Blowfish Privacy [SIGMOD ’14]

  7. ε-Differential Privacy (DP). Neighboring databases D and D′. The adversary’s ability to infer the individual’s information is bounded!

  8. ε-Differential Privacy (DP). Neighboring databases D and D′. Differential Privacy requires: The adversary’s ability to infer the individual’s information is bounded!

  9. ε-Differential Privacy (DP). Neighboring databases D and D′. Differential Privacy requires: [Figure labels: Probability; Query Output; S] The adversary’s ability to infer the individual’s information is bounded!

  10. Laplace Perturbation Mechanism. Raw data $D$ is queried as $Q(D)$ and released as $Q(D) + b$, with noise $b$ distributed as $p_b(x) \sim \exp\left(-\frac{\varepsilon \|x\|_1}{\Delta Q}\right)$. ε is the privacy budget; Q is the query function; ∆Q is the global sensitivity of Q: $\Delta Q = \max_{D, D'} \|Q(D) - Q(D')\|_1$

  11. Limitations for Differential Privacy (DP) Mechanisms: Implicitly assume independent tuples

  12. Limitations for Differential Privacy (DP) Mechanisms: In reality, however, tuples are correlated • large volume • rich semantics • complex structure

  13. Data correlation exists almost everywhere: (a) social network data; (b) business data; (c) mobility data; (d) medical data

  14. Data correlation exists almost everywhere: (a) social network data (friendships, interactions); (b) business data; (c) mobility data; (d) medical data

  15. Data correlation exists almost everywhere: (a) social network data (friendships, interactions); (b) business data (financial transactions); (c) mobility data; (d) medical data

  16. Data correlation exists almost everywhere: (a) social network data (friendships, interactions); (b) business data (financial transactions); (c) mobility data (communication records); (d) medical data

  17. Data correlation exists almost everywhere: (a) social network data (friendships, interactions); (b) business data (financial transactions); (c) mobility data (communication records); (d) medical data (disease transmission)

  18. Our Objective: Incorporate correlated data in differential privacy

  19. Section outline, Differential Privacy under Dependent Data: Inference Attack for DP based on Correlated Tuples; Dependent Differential Privacy (DDP); Experimental Results

  20. Correlation in Gowalla Location Dataset. Gowalla location dataset: 6,969 users, 98,802 location records. Gowalla social dataset: 6,969 users, 47,502 edges. [Map labels: Manhattan, New York; Pasadena, Los Angeles; Brooklyn, New York; San Jose, San Francisco; Beverly Hills, Los Angeles; Queens, New York; Oakland, San Francisco; Long Beach, Los Angeles]

  21. Inference Attack on DP via K-Means Query. Differentially Private K-means for Gowalla Location Dataset. [Diagram labels: Individuals; Raw Data; Data Provider; K-means Clustering; Perturbation; Differentially Private K-means Clustering; Data Recipients; Inference Attack]

  22. Inference Attack. [Diagram labels: Social Relationships; Check-in Community; Inference Attack]

  23. Inference results by using correlation. [Figure: Leaked Information vs. Privacy Budget ε; curves: with social relationships, w/o social relationships, security guarantee by DP] Exploiting correlation, one can infer more information! Exploiting correlation can break DP security guarantees!

  25. Section outline, Differential Privacy under Dependent Data: Inference Attack for DP based on Correlated Tuples; Dependent Differential Privacy (DDP); Experimental Results

  26. ε-Dependent Differential Privacy (DDP). Neighboring Databases. • R is the probabilistic dependence relationship among the L dependent tuples • The adversary’s ability to infer the individual’s information is bounded even if the adversary has access to the data correlation R.

  27. ε-Dependent Differential Privacy (DDP). Neighboring Databases. Dependent Differential Privacy requires: • R is the probabilistic dependence relationship among the L dependent tuples • The adversary’s ability to infer the individual’s information is bounded even if the adversary has access to the data correlation R.

  28. ε-Dependent Differential Privacy (DDP). Neighboring Databases. Dependent Differential Privacy requires: [Figure labels: Probability; Query Output; S] • R is the probabilistic dependence relationship among the L dependent tuples • The adversary’s ability to infer the individual’s information is bounded even if the adversary has access to the data correlation R.
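
The Laplace perturbation mechanism from slide 10 and the independence assumption named on slides 11 and 12, as an added example (not code from the presentation or its authors). The counting query, the group of fully dependent tuples and all function names are assumptions made for illustration; the block shows how the worst-case privacy loss grows from ε to L·ε when L tuples always change together.

```python
import math
import random

def laplace_mechanism(true_answer, sensitivity, epsilon, rng):
    """Release Q(D) + b, where b ~ Laplace(0, sensitivity / epsilon)."""
    scale = sensitivity / epsilon
    # Difference of two i.i.d. exponentials with mean `scale` is Laplace(0, scale).
    noise = rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)
    return true_answer + noise

def log_density(output, center, scale):
    """Log of the Laplace density centered on the true answer."""
    return -abs(output - center) / scale - math.log(2.0 * scale)

def worst_case_loss(shift, sensitivity, epsilon):
    """max over outputs of |ln p(out | D) - ln p(out | D')| when
    Q(D') - Q(D) = shift >= 0. The maximum is reached at any output
    below both true answers, so one such point is evaluated."""
    scale = sensitivity / epsilon
    out = -1.0
    return abs(log_density(out, 0.0, scale) - log_density(out, shift, scale))

def compare(epsilon, group_size):
    """Counting query over 0/1 tuples (global sensitivity 1).
    Independent tuples: flipping the target's tuple moves the count by 1.
    Constructed extreme dependence: `group_size` tuples always agree, so
    flipping the target's tuple moves the count by `group_size`."""
    independent = worst_case_loss(1.0, 1.0, epsilon)
    dependent = worst_case_loss(float(group_size), 1.0, epsilon)
    return independent, dependent

if __name__ == "__main__":
    rng = random.Random(2016)  # fixed seed so the run is repeatable
    print("noisy count:", laplace_mechanism(40.0, 1.0, 0.5, rng))
    ind, dep = compare(epsilon=0.5, group_size=5)
    print(f"loss, independent tuples: {ind:.2f} (budget 0.5)")
    print(f"loss, 5 fully dependent tuples: {dep:.2f}")
```
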
