Oblivious Mechanisms in Differential Privacy Experiments, Conjectures, and Open Questions Chien-Lun Chen Joint work with Ranjan Pal and Leana Golubchik 1 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Privacy Issues in Data Publishing Governments and organizations publish anonymous personal information for research, analytics and services Privacy leak – identify a person from internet databases de-anonymize Netflix Price dataset [A. Narayanan ‘08 ] www.netflix.com – discover an individual’s record by comparing databases y our record was not in the database last month, but now it is… 2 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Differential Privacy (DP) ε -Differential Privacy [C. Dwork ‘06] D D 1 2 P A D [ ( ) S ] r 1 e e P A D [ ( ) S ] r 2 – privacy information loss ε -DP ε -DP Mechanism Mechanism ε -DP Mechanisms A A Query – DP Noise-adding mechanisms Laplacian, Geometric – other DP mechanisms L j S Matrix [C. Li ‘10] , K-norm [M. Hardt ‘09] or ? D D – non-numeric DP mechanism 1 2 Exponential [F. McSherry ‘07] 3 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
DP Noise-Adding Mechanism DP Noise-Adding Mechanism D D 1 2 A D ( ) q D ( ) X D ( ) Query (q) Query (q) Oblivious Mechanism ε -DP ε -DP x i k , L Mechanism Mechanism ij L e e , A A i k GS Query x i k kj GS +Noise (X) +Noise (X) 𝒚 𝒋𝒌 𝒚 𝒍𝒌 Global Sensitivity L max q D ( ) q D ( ) j GS 1 2 n D D , D : 1 2 d ( D D , ) 1 or ? H 1 2 k i 4 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Optimal DP Mechanism l l Widely-used information loss function: ij j i A DP mechanism is called optimal if it minimizes information loss and preserves DP. x Data managers solve the optimization problem for mechanism ij Bayesian Model Risk-Averse Model min p x l min max x l Objective: ij i j i ij ij i min info. loss j i j prior worst case s.t. s.t. DP Constraints DP Constraints x f ( p l , , , L ) ij i ij 5 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Presence of Side-Information Auxiliary Databases Side- information exists everywhere… – auxiliary databases – research studies, common knowledge – mathematical theories Research Studies central limit theorem transformations of random variables The presence of side-information is important and cannot be neglected. Side-information Prior probability scienceblog.cancerresearchuk.org 6 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
State-of-the-Art and Open Questions p L solution space = ( solution space = ( solution space = ( p p L , , , , , ) , , , L l l ) l ) Optimal DP Mechanism (Bayesian) i i i ij ij j i Optimal DP Mechanism (Risk-Averse) Optimal DP Mechanism (Bayesian, ∆= ∆ 𝐻𝑇 ) Optimal DP Mechanism (Risk-Averse, ∆= ∆ 𝐻𝑇 ) :Staircase Mechanism [Q. Geng ‘14] Optimal in Risk-Averse model Optimal for unbounded domain L Universally Optimal DP Mechanism (unknown) Universally Optimal DP Mechanism ( L ∈ Z , ∆=1) :Geometric Mechanism [M. Gupte ’10] [A . Ghosh ‘12] Universally optimal in both Risk-Averse and Bayesian model p A universally optimal mechanism is optimal for all priors i l and all loss functions . ij 7 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Main Contributions Propose open questions in DP mechanism design For (Bayesian, ∆=∆ 𝐻𝑇 ), we propose a heuristic design – optimal design for general priors is difficult – we start with heuristic design, and it surprisingly leads to significant improvement in utility-privacy tradeoffs Show via experiments, the importance of the optimal Bayesian mechanism design – optimal Bayesian design is non-trivial when side-information substantially narrows down the outputs of the query 8 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Experimental Context and Settings Queries - Mean and Max Oblivious mechanism database independent synthetic data – public information Normal known: domain 𝑀 ∈ [-10,10] each entity is independent and uniformly distributed – mathematical theories central limit theorem Scaled-Beta mean value is approximately normal distributed transformations of random variables the max value is scaled- beta distributed over 𝑀 Global sensitivity = 10 Gaussian is truncated and normalized in 𝑀 9 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Our Heuristic DP Mechanism (1): Pre-rounding – only outputs {-10,0,10} 10 GS (2): Add truncated 𝛽 - e Geometric Noise ( ) – P r [X>10] goes to P r [X=10] – P r [X<-10] goes to P r [X=-10] (1) 0 10 -10 The heuristic mechanism e (2) Truncated 𝛽 -Geometric mechanism satisfies ε -DP ( ) Mechanism designed for low-variance priors 10 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Utility-Privacy Tradeoff Performance Significant improvement in low & intermediate privacy regime (the red ‘ x ’ ) . In the high privacy regime tend towards convergence – DP mechanism adds extremely large noise to maintain privacy – noise dominates the performance 11 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Our Mechanism is Collusion-Proof ! Users collude in perturbed results (based on MLE) The heuristic design is collusion-proof (the red curve) 12 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Design Insights When query outputs are substantially narrowed down by side- information, discretizing the domain and adding truncated Geometric noise is a good idea A robust, simple, and efficient Bayesian design is possible! A collusion-proof Bayesian design is also feasible 13 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Future Directions Optimal Bayesian design mechanism – so that we know how good our design is – new heuristic methods and design insights – studies of implementation complexity Applications of the optimal Bayesian design – applying Bayesian design to practical problems with side-information – many practical issues will be involved Optimal Bayesian design in approximate DP – more efficient, but less robust 14 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Q&A Thank you! Email: chienlun@usc.edu 15 5/27/2016 Quantitative Evaluation & Design (QED) Research Group
Recommend
More recommend
