locally private release of
play

Locally Private Release of Marginal Statistics Graham Cormode - PowerPoint PPT Presentation

Mar 22, 2024 •253 likes •525 views

Locally Private Release of Marginal Statistics Graham Cormode g.cormode@warwick.ac.uk Tejas Kulkarni (Warwick) Divesh Srivastava (AT&T) 1 Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm: Scenario. Each

  1. Locally Private Release of Marginal Statistics Graham Cormode g.cormode@warwick.ac.uk Tejas Kulkarni (Warwick) Divesh Srivastava (AT&T) 1

  2. Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm:  Scenario. Each user has a single private bit of information – Encoding e.g. political/sexual/religious preference, illness, etc. 2

  3. Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm:  Scenario. Each user has a single private bit of information – Encoding e.g. political/sexual/religious preference, illness, etc.  Algorithm. Toss a (biased) coin, and – With probability p > ½, report the true answer – With probability 1-p, lie 2

  4. Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm:  Scenario. Each user has a single private bit of information – Encoding e.g. political/sexual/religious preference, illness, etc.  Algorithm. Toss a (biased) coin, and – With probability p > ½, report the true answer – With probability 1-p, lie  Aggregation. Collect responses from a large number N of users – Can ‘unbias’ the estimate (if we know p) of the population fraction – The error in the estimate is proportional to 1/√N 2

  5. Privacy with a coin toss Perhaps the simplest possible formal privacy algorithm:  Scenario. Each user has a single private bit of information – Encoding e.g. political/sexual/religious preference, illness, etc.  Algorithm. Toss a (biased) coin, and – With probability p > ½, report the true answer – With probability 1-p, lie  Aggregation. Collect responses from a large number N of users – Can ‘unbias’ the estimate (if we know p) of the population fraction – The error in the estimate is proportional to 1/√N  Analysis. Gives differential privacy with parameter ε = ln (p/(1-p)) – Works well in theory, but would anyone ever use this? 2

  6. Privacy in practice 3

  7. Privacy in practice  Differential privacy based on coin tossing is widely deployed – In Google Chrome browser, to collect browsing statistics – In Apple iOS and MacOS, to collect typing statistics – This yields deployments of over 100 million users 3

  8. Privacy in practice  Differential privacy based on coin tossing is widely deployed – In Google Chrome browser, to collect browsing statistics – In Apple iOS and MacOS, to collect typing statistics – This yields deployments of over 100 million users  The model where users apply differential privately and then aggregated is known as “ Local Differential Privacy ” – The alternative is to give data to a third party to aggregate – The coin tossing method is known as ‘randomized response’ 3

  9. Privacy in practice  Differential privacy based on coin tossing is widely deployed – In Google Chrome browser, to collect browsing statistics – In Apple iOS and MacOS, to collect typing statistics – This yields deployments of over 100 million users  The model where users apply differential privately and then aggregated is known as “ Local Differential Privacy ” – The alternative is to give data to a third party to aggregate – The coin tossing method is known as ‘randomized response’  Local Differential privacy is state of the art in 2017: Randomized response invented in 1965: five decade lead time! 3

  10. Going beyond 1 bit of data 1 bit can tell you a lot, but can we do more?  Recent work: materializing marginal distributions – Each user has d bits of data (encoding sensitive data) – We are interested in the distribution of combinations of attributes 4

  11. Going beyond 1 bit of data 1 bit can tell you a lot, but can we do more?  Recent work: materializing marginal distributions – Each user has d bits of data (encoding sensitive data) – We are interested in the distribution of combinations of attributes Gender Obese High BP Smoke Disease Alice 1 0 0 1 0 Bob 0 1 0 1 1 … Zayn 0 0 1 0 0 4

  12. Going beyond 1 bit of data 1 bit can tell you a lot, but can we do more?  Recent work: materializing marginal distributions – Each user has d bits of data (encoding sensitive data) – We are interested in the distribution of combinations of attributes Gender Obese High BP Smoke Disease Alice 1 0 0 1 0 Bob 0 1 0 1 1 … Zayn 0 0 1 0 0 Gender/Obese 0 1 Disease/Smoke 0 1 0 0.28 0.22 0 0.55 0.15 1 0.29 0.21 1 0.10 0.20 4

  13. Nail, meet hammer  Could apply Randomized Reponse to each entry of each marginal – To give an overall guarantee of privacy, need to change p – The more bits released by a user, the closer p gets to ½ (noise) 5

  14. Nail, meet hammer  Could apply Randomized Reponse to each entry of each marginal – To give an overall guarantee of privacy, need to change p – The more bits released by a user, the closer p gets to ½ (noise)  Need to design algorithms that minimize information per user 5

  15. Nail, meet hammer  Could apply Randomized Reponse to each entry of each marginal – To give an overall guarantee of privacy, need to change p – The more bits released by a user, the closer p gets to ½ (noise)  Need to design algorithms that minimize information per user  First observation: a sampling trick – If we release n bits of information per user, the error is n/√N – If we sample 1 out of n bits, the error is √(n/N) – Quadratically better to sample than to share! 5

  16. What to materialize? Different approaches based on how information is revealed 6

  17. What to materialize? Different approaches based on how information is revealed 1. We could reveal information about all marginals of size k – There are (d choose k) such marginals, of size 2 k each 6

  18. What to materialize? Different approaches based on how information is revealed 1. We could reveal information about all marginals of size k – There are (d choose k) such marginals, of size 2 k each 2. Or we could reveal information about the full distribution – There are 2 d entries in the d-dimensional distribution – Then aggregate results here (obtaining additional error) 6

  19. What to materialize? Different approaches based on how information is revealed 1. We could reveal information about all marginals of size k – There are (d choose k) such marginals, of size 2 k each 2. Or we could reveal information about the full distribution – There are 2 d entries in the d-dimensional distribution – Then aggregate results here (obtaining additional error)  Still using randomized response on each entry – Approach 1 (marginals): cost proportional to 2 3k/2 d k/2 /√N – Approach 2 (full): cost proportional to 2 (d+k)/2 /√N 6

  20. What to materialize? Different approaches based on how information is revealed 1. We could reveal information about all marginals of size k – There are (d choose k) such marginals, of size 2 k each 2. Or we could reveal information about the full distribution – There are 2 d entries in the d-dimensional distribution – Then aggregate results here (obtaining additional error)  Still using randomized response on each entry – Approach 1 (marginals): cost proportional to 2 3k/2 d k/2 /√N – Approach 2 (full): cost proportional to 2 (d+k)/2 /√N  If k is small (say, 2), and d is large (say 10s), Approach 1 is better – But there’s another approach to try… 6

  21. Hadamard transform Instead of materializing the data, we can transform it  Via Hadamard transform (the discrete Fourier transform for the binary hypercube) – Simple and fast to apply 7

  22. Hadamard transform Instead of materializing the data, we can transform it  Via Hadamard transform (the discrete Fourier transform for the binary hypercube) – Simple and fast to apply  Property 1: only (d choose k) coefficients are needed to build any k-way marginal – Reduces the amount of information to release 7

  23. Hadamard transform Instead of materializing the data, we can transform it  Via Hadamard transform (the discrete Fourier transform for the binary hypercube) – Simple and fast to apply  Property 1: only (d choose k) coefficients are needed to build any k-way marginal – Reduces the amount of information to release  Property 2: Hadamard transform is a linear transform – Can estimate global coefficients by sampling and averaging 7

  24. Hadamard transform Instead of materializing the data, we can transform it  Via Hadamard transform (the discrete Fourier transform for the binary hypercube) – Simple and fast to apply  Property 1: only (d choose k) coefficients are needed to build any k-way marginal – Reduces the amount of information to release  Property 2: Hadamard transform is a linear transform – Can estimate global coefficients by sampling and averaging  Yields error proportional to 2 k/2 d k/2 /√N – Better than both previous methods (in theory) 7

  25. Empirical behaviour  Compare three methods: Hadamard based (Inp_HT), marginal materialization (Marg_PS), Expectation maximization (Inp_EM)  Measure sum of absolute error in materializing 2-way marginals  N = 0.5M individuals, vary privacy parameter ε from 0.4 to 1.4 8

  26. Applications – χ -squared test  Anonymized, binarized NYC taxi data  Compute χ -squared statistic to test correlation  Want to be same side of the line as the non-private value! 9

  27. Application – building a Bayesian model  Aim: build the tree with highest mutual information (MI)  Plot shows MI on the ground truth data for evaluation purposes 10

Recommend

CSC2412: Private Multiplicative Weights Sasho Nikolov 1 Query Release Reminder: Query Release

CSC2412: Private Multiplicative Weights Sasho Nikolov 1 Query Release Reminder: Query Release

CSC2412: Private Multiplicative Weights Sasho Nikolov 1 Query Release Reminder: Query Release 50,1 } . :D oh Recall the query release problem: q.lt/--tnEZ9ilx ) Workload Q = { q 1 , . . . , q k } of k counting queries . , Xu } teh x

496 views • 18 slides
Locally private learning without interaction requires separation Vitaly Feldman Research with

Locally private learning without interaction requires separation Vitaly Feldman Research with

Locally private learning without interaction requires separation Vitaly Feldman Research with Amit Daniely Hebrew University Local Differential Privacy (LDP) 1 [KLNRS 08] -LDP if for every user , message is sent using a

532 views • 14 slides
Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con

Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con

Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con Consi sistency Tianhao Wang Purdue University Joint work with Milan Lopuha-Zwakenberg, Zitao Li, Boris Skoric, Ninghui Li 1 Privacy in

336 views • 14 slides
Building Blocks of Privacy: Differentially Private Mechanisms Graham Cormode graham@cormode.org

Building Blocks of Privacy: Differentially Private Mechanisms Graham Cormode graham@cormode.org

Building Blocks of Privacy: Differentially Private Mechanisms Graham Cormode graham@cormode.org The data release scenario 2 Data Release Much interest in private data release Practical: release of AOL, Netflix data etc. Research:

606 views • 42 slides
MEDIA RELEASE 9 April 2013 Raising the Bar for Quality in Private Education 1. More than 300

MEDIA RELEASE 9 April 2013 Raising the Bar for Quality in Private Education 1. More than 300

MEDIA RELEASE 9 April 2013 Raising the Bar for Quality in Private Education 1. More than 300 participants from the private education industry gathered today at the inaugural Private Education Conference - "Raising the Bar on Quality - to

356 views • 24 slides
Communication Complexity in Locally Private Distribution Estimation and Heavy Hitters ICML 2019,

Communication Complexity in Locally Private Distribution Estimation and Heavy Hitters ICML 2019,

Communication Complexity in Locally Private Distribution Estimation and Heavy Hitters ICML 2019, Long Beach June 11th, 2019 Jayadev Acharya, Cornell University Ziteng Sun, Cornell University Distribution Learning [ k ] = { 0 , 1 , 2 , ...,

359 views • 23 slides
For personal use only AND EQUITY RAISING CREATION OF A GROWING, LARGE SCALE NATIONAL PRIVATE

For personal use only AND EQUITY RAISING CREATION OF A GROWING, LARGE SCALE NATIONAL PRIVATE

ACQUISITION OF OPTICOMM For personal use only AND EQUITY RAISING CREATION OF A GROWING, LARGE SCALE NATIONAL PRIVATE FIBRE CHALLENGER 15 JUNE 2020 NOT FOR RELEASE TO US WIRE SERVICES OR DISTRIBUTION IN THE UNITED STATES NOT FOR RELEASE TO US

623 views • 39 slides
Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems

Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems

Locally tabular polymodal logics Ilya Shapirovsky Institute for Information Transmission Problems of the Russian Academy of Sciences, Moscow June 30, 2017 Locally tabular (or locally finite ) logics A logic L is locally tabular if, for any

608 views • 46 slides
Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT

Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT

Hands-On Getting ready... Run a task that accesses ESD Locally Locally with ROOT PROOF Modify it... Run a task that accesses MC PROOF Reading log files, resetting session, etc. Running the tasks from

679 views • 19 slides
The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big data, big problem? The big data meme has taken root Organizations jumped on the bandwagon Funding agencies have given out grants But

697 views • 37 slides
The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big data, big problem? The big data meme has taken root Organizations jumped on the bandwagon Entered the public vocabulary But this data

666 views • 31 slides
The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big

The confounding problem of private data release Graham Cormode g.cormode@warwick.ac.uk 1 Big data, big problem? The big data meme has taken root Organizations jumped on the bandwagon Entered the public vocabulary But this data

427 views • 26 slides
PIT Release Date Functionality 15-May CAB Release

PIT Release Date Functionality 15-May CAB Release

PIT Release Date Functionality 15-May CAB Release Enumeration alignment 24-May Batching Payroll Submission SOAP Bug fixes 19-Jun Agent access Returns Reconciliation

623 views • 26 slides
MINNESOTA SUPER BOWL HOST COMMITTEE Who are we? We are a 501(c)6 non-profit, raising private

MINNESOTA SUPER BOWL HOST COMMITTEE Who are we? We are a 501(c)6 non-profit, raising private

MINNESOTA SUPER BOWL HOST COMMITTEE Who are we? We are a 501(c)6 non-profit, raising private funds to host the game, including free and open to the public events. We are not the NFL. We are a locally run organization who live and work in this

333 views • 32 slides
PIT Release

PIT Release

PIT Release Date Functionality 15-May CAB Release Enumeration alignment 24-May Batching Payroll Submission SOAP Bug fixes 19-June

506 views • 21 slides
Non locally modular reducts of ACF Dmitry Sustretov Hebrew University Neostability theory,

Non locally modular reducts of ACF Dmitry Sustretov Hebrew University Neostability theory,

Non locally modular reducts of ACF Dmitry Sustretov Hebrew University Neostability theory, Oaxaca sustretov@ma.huji.ac.il July 13, 2015 Non locally modular reducts of ACF D. Sustretov Non locally modular strongly minimal sets Let M be a

420 views • 13 slides
ARGOS EPSILON INDEX ____________ Release of 2006 benchmark for Euro zone mid-market private

ARGOS EPSILON INDEX ____________ Release of 2006 benchmark for Euro zone mid-market private

ARGOS EPSILON INDEX ____________ Release of 2006 benchmark for Euro zone mid-market private company market values Press conference, 27 March 2007 ARGOS EPSILON INDEX 1. Methodology 2. The 2006 Argos Epsilon Index 3. Trade buyers v. LBO funds

557 views • 30 slides
Locally injective homomorphisms are universal on connected graphs Jan Hubi cka Charles

Locally injective homomorphisms are universal on connected graphs Jan Hubi cka Charles

Universality Homomorphism order Locally injective homomorphisms Locally injective homomorphisms are universal on connected graphs Jan Hubi cka Charles University Prague Joint work with Jirka Fiala and Yangjing Long 2nd Workshop on

738 views • 56 slides
Compassionate Release and COVID-19 WHAT TO DO AND HOW TO WIN Compassionate Release 18 U.S.C.

Compassionate Release and COVID-19 WHAT TO DO AND HOW TO WIN Compassionate Release 18 U.S.C.

Compassionate Release and COVID-19 WHAT TO DO AND HOW TO WIN Compassionate Release 18 U.S.C. 3582 provides in relevant part: (c) M ODIFICATION OF AN I MPOSED T ERM OF I MPRISONMENT . The court may not modify a term of imprisonment once it

550 views • 32 slides
The Search for the possibility of a true global architecture *which ends up being locally

The Search for the possibility of a true global architecture *which ends up being locally

The Search for the possibility of a true global architecture *which ends up being locally produced architec- ture. Architecture for underdeveloped areas... and want to be kept that way* Design Division Architecture Locally

455 views • 12 slides
Thinking Globally, Thinking Globally, Acting Locally Acting Locally The Chicago Experience with

Thinking Globally, Thinking Globally, Acting Locally Acting Locally The Chicago Experience with

Thinking Globally, Thinking Globally, Acting Locally Acting Locally The Chicago Experience with a The Chicago Experience with a Universal Fare Card Universal Fare Card Michael Bolton Deputy Executive Director, Strategic Service Pace

510 views • 7 slides
Update July 7, 2016 1 O&M Updates Last Release Updates (June Release): P9

Update July 7, 2016 1 O&M Updates Last Release Updates (June Release): P9

North Carolina Department of Health & Human Services County DSS Directors Update July 7, 2016 1 O&M Updates Last Release Updates (June Release): P9 Transitional MA P3 Provider Portal Release Next

306 views • 8 slides
ELECTRONIC RELEASE and MANDATORY ELECTRONIC SUBMISSION MAY 2010 ELECTRONIC RELEASE BACKGROUND

ELECTRONIC RELEASE and MANDATORY ELECTRONIC SUBMISSION MAY 2010 ELECTRONIC RELEASE BACKGROUND

ELECTRONIC RELEASE and MANDATORY ELECTRONIC SUBMISSION MAY 2010 ELECTRONIC RELEASE BACKGROUND Implemented Saturday, 4 July 2009. Rules to Section 38 amended and published Covers electronic release of import and export goods declarations

591 views • 12 slides
Fast direct solvers for elliptic partial differential equations on locally-perturbed geometries

Fast direct solvers for elliptic partial differential equations on locally-perturbed geometries

The Basics Boundary Integral Equation The HBS Representation and Inversion Locally Perturbed Geometry Fast direct solvers for elliptic partial differential equations on locally-perturbed geometries Yabin Zhang (Joint work with Adrianna Gillman

494 views • 47 slides

More recommend