on the theory and practice of privacy preserving bayesian
play

On the Theory and Practice of Privacy-Preserving Bayesian Data - PowerPoint PPT Presentation

Aug 18, 2023 •111 likes •878 views

On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph Geumlek,* Max Welling, + Kamalika Chaudhuri* + University of Amsterdam *University of California, San Diego Overview Bayesian Privacy-preserving

  1. On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis James Foulds,* Joseph Geumlek,* Max Welling, + Kamalika Chaudhuri* + University of Amsterdam *University of California, San Diego

  2. Overview Bayesian Privacy-preserving data analysis data analysis 2

  3. Overview Privacy-preserving Bayesian Privacy-preserving Bayesian data analysis data analysis data analysis 3

  4. Overview (Dimitrakakis et al., 2014; Wang et al., 2015) Privacy-preserving Bayesian Privacy-preserving Bayesian data analysis data analysis data analysis “for free” via posterior sampling 4

  5. Overview (Dimitrakakis et al., 2014; Wang et al., 2015) Privacy-preserving Bayesian Privacy-preserving Bayesian data analysis data analysis data analysis “for free” via posterior sampling Limitations: data inefficiency, approximate inference We consider a very simple alternative technique to resolve this 5

  6. Privacy and Machine Learning • As individuals and consumers we benefit from ML systems trained on OUR data – Internet search – Recommendations • products, movies, music, news, restaurants, email recipients – Mobile phones • Autocorrect, speech recognition, Siri, … 6

  7. Privacy and Machine Learning • As individuals and consumers we benefit from ML systems trained on OUR data – Internet search – Recommendations • products, movies, music, news, restaurants, email recipients – Mobile phones • Autocorrect, speech recognition, Siri, … 7

  8. Privacy and Machine Learning • As individuals and consumers we benefit from ML systems trained on OUR data – Internet search – Recommendations • products, movies, music, news, restaurants, email recipients – Mobile phones • Autocorrect, speech recognition, Siri, … 8

  9. Privacy and Machine Learning • As individuals and consumers we benefit from ML systems trained on OUR data – Internet search – Recommendations • products, movies, music, news, restaurants, email recipients – Mobile phones • Autocorrect, speech recognition, Siri, … 9

  10. The cost is our privacy http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/#b228dae34c62 10 ,Retrieved 6/16/2016

  11. Privacy and Machine Learning • Want the benefits of sharing our data while protecting our privacy – Have your cake and eat it too! 11

  12. Privacy and Machine Learning • Want the benefits of sharing our data while protecting our privacy – Have your cake Apple and eat it too! 12

  13. Privacy and Machine Learning • Want the benefits of sharing our data while protecting our privacy – Have your cake Apple and eat it too! 13

  14. “ We believe you should have great features and great privacy . You demand it and we're dedicated to providing it. ” • Craig Federighi, Apple senior vice president of Software Engineering. June 13 2016, WWDC16 Quote from http://appleinsider.com/articles/16/06/15/inside-ios-10-apple-doubles-down-on-security-with-cutting-edge-differential-privacy , retrieved 6/16/2016 14

  15. Statistical analysis of sensitive data [the Wikileaks disclosure] “ puts the lives of United States and its partners’ service members and civilians at risk. ” - Hillary Clinton 15

  16. Bayesian analysis of sensitive data • Bayesian inference widely and successfully used in application domains where privacy is invaluable – Text analysis (Blei et al., 2003; Goldwater and Griffiths, 2007) – Personalized recommender systems (Salakhutdinov and Mnih, 2008) – Medical informatics (Husmeier et al., 2006) – MOOCs (Piech et al., 2013). • Data scientists must balance benefits and potential insights vs privacy concerns (Daries et al., 2014). 16

  17. Anonymization? Alice Alice Bob Bob Claire Claire …. …. Anonymized Netflix data + public IMDB data = identified Netflix data 17 (Narayanan and Shmatikov, 2008)

  18. Anonymization? Alice Alice Bob Bob Claire Claire …. …. Anonymized Netflix data + public IMDB data = identified Netflix data 18 (Narayanan and Shmatikov, 2008)

  19. Anonymization? Alice Alice Bob Bob Claire Claire …. …. Anonymized Netflix data + public IMDB data = identified Netflix data 19 (Narayanan and Shmatikov, 2008)

  20. Aggregation? 20 https://www.buzzfeed.com/nathanwpyle/can-you-spot-all-26-letters-in-this-messy-room-369?utm_term=.gyRdVVvV5#.kkovLL1LE Retrieved 6/16/2016

  21. Hiding in the crowd • Only release statistics aggregated over many individuals. Does this ensure privacy? 21

  22. Hiding in the crowd • Only release statistics aggregated over many individuals. Does this ensure privacy? • Report average salary in CS dept. 22

  23. Hiding in the crowd • Only release statistics aggregated over many individuals. Does this ensure privacy? • Report average salary in CS dept. • Prof. X leaves. 23

  24. Hiding in the crowd • Only release statistics aggregated over many individuals. Does this ensure privacy? • Report average salary in CS dept. • Prof. X leaves. • Report avg salary again. – We can identify Prof. X’s salary 24

  25. Noise / data corruption • Release Prof. X’s salary + noise • Once we sufficiently obfuscate Prof. X’s salary, it is no longer useful 25

  26. Noise + crowd • Release mean salary + noise • Need much less noise to protect Prof. X’s salary 26

  27. Solution • “Noise + crowds” can provide both individual-level privacy , and accurate population-level queries • How to quantify privacy loss? – Answer: Differential privacy 27

  28. Differential privacy (Dwork et al., 2006) Queries Untrusted users Answers Individuals’ data Privacy-preserving interface: randomized algorithms • DP is a promise: – “If you add your data to the database, you will not be affected much” 28

  29. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much Individuals’ data 29

  30. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Individuals’ data 30

  31. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm Individuals’ data 31

  32. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm Individuals’ data 32

  33. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm + Individuals’ data 33

  34. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm + Randomized algorithm Individuals’ data 34

  35. Differential privacy (Dwork et al., 2006) • Consider randomized algorithm • DP guarantees that the likely output of is not greatly affected by any one data point • In particular, the distribution over the outputs of the algorithm will not change too much + Randomized algorithm Similar! + Randomized algorithm Individuals’ data 35

  36. Differential privacy (Dwork et al., 2006) Ratios of probabilities bounded by 36

  37. Properties of differential privacy • Immune to post-processing – Resists attacks using side information, as in the Netflix Prize linkage attack 37

  38. Properties of differential privacy • Immune to post-processing – Resists attacks using side information, as in the Netflix Prize linkage attack • Composition – If you run multiple DP queries, their epsilons add up. – Can think of this as a “privacy budget” we spend over all queries 38

  39. Laplace mechanism (Dwork et al., 2006) • Adding Laplace noise is sufficient to achieve differential privacy • The Laplace distribution is two exponential distributions, back-to-back • The noise level depends on a quantity called the L1 sensitivity of the query h : 39

  40. Exponential mechanism (McSherry and Talwar, 2007) • Aims to output responses of high utility • Given real-valued utility function , the exponential mechanism selects outputs r via Temperature depends on sensitivity, epsilon 40

Recommend

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My experience with biometrics and privacy Academic background on privacy Gradiants goal: transfer of knowledge to industry We bring state of

193 views • 6 slides
Paper review 1 Privacy is a Process, not a PET A Theory for Effective Privacy Practice

Paper review 1 Privacy is a Process, not a PET A Theory for Effective Privacy Practice

Paper review 1 Privacy is a Process, not a PET A Theory for Effective Privacy Practice Accepted at New Security Paradigms Workshop 2012 Paper review 2 Too Close for Comfort: A Study of the Effectiveness and Acceptability of

515 views • 18 slides
Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU Leuven - COSIC 20 November 2012 Privacy Preserving Protocols Introduction Cryptography in Daily Life RFID Privacy

1.04k views • 60 slides
Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro

Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro

Privacy-preserving Information Sharing: Crypto Tools and Applications Emiliano De Cristofaro University College London (UCL) https://emilianodc.com Privacy-preserving what ? Parties with limited mutual trust willing or required to share

1.1k views • 66 slides
Theory or Practice? Theory : Without theory, practice is but routine born out of habit.

Theory or Practice? Theory : Without theory, practice is but routine born out of habit.

Theory or Practice? Theory : Without theory, practice is but routine born out of habit. Theory alone can bring forth and develop the spirit of inventions Louis Pasteur, 1822-1895 Practice : It is a capital mistake to theorize before

548 views • 42 slides
New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of

New Directions in Privacy- preserving Machine Learning Kamalika Chaudhuri University of California, San Diego Sensitive Data Medical Records Genetic Data Search Logs AOL Violates Privacy AOL Violates Privacy Netflix Violates Privacy [NS08]

957 views • 92 slides
Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi School of Computing National University of Singapore PETS 2017 Privacy-Preserving Computation with Trusted

477 views • 34 slides
Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No

Preserving the Privacy of Sensitive Relationships in Graph Data Motivation Valuable Data! No privacy breaches! Public Data Anonymization Data representation? Privacy breach? Value of data? Data publisher Privacy Analyst Work by: Elena

80 views • 3 slides
Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes

Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes

Collaborative Privacy Preserving Data Mining in Vertically Partitioned Databases Ehud Gudes Ben-Gurion University, Israel This talk presents joint work with Boris Rozenberg Talk Outline Motivation for Privacy-Preserving Distributed Data

1.48k views • 68 slides
Privacy preserving data mining randomized response and association rule hiding Li Xiong

Privacy preserving data mining randomized response and association rule hiding Li Xiong

Privacy preserving data mining randomized response and association rule hiding Li Xiong CS573 Data Privacy and Anonymity Partial slides credit: W. Du, Syracuse University, Y. Gao, Peking University Privacy Preserving Data Mining

659 views • 39 slides
Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start

Network Privacy Mostly issues of preserving privacy of data flowing through network Start with encryption With good encryption, data values not readable So whats the problem? Lecture 17 Page 1 CS 236 Online Traffic Analysis

532 views • 21 slides
Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security

Motivation Two-Cloud Setting PP k NN Classification Conclusion and Future Research Privacy-Preserving Query Processing over Encrypted Data in Cloud CS573 Data Privacy and Security Yousef M. Elmehdwi Department of Mathematics and Computer

919 views • 19 slides
DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining & Information Privacy:

DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining & Information Privacy:

DIMACS/PORTIA Workshop on Privacy Preserving Data Mining Data Mining & Information Privacy: New Problems and the Search for Solutions March 15 th , 2004 Tal Zarsky The Information Society Project, Yale Law School Introduction: Various

273 views • 25 slides
Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath,

Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath,

Privacy-Preserving DNS Analysis of Broadcast, Range Queries and Mixes Hannes Federrath, Karl-Peter Fuchs, Dominik Herrmann , Christopher Piosecny University of Hamburg (Germany) 1 Agenda Missing Privacy in DNS Characteristics of DNS Traffic

559 views • 24 slides
Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex

Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex

Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Privacy-preserving KYC on Ethereum Introduction A decentralized KYC-compliant identity Alex Biryukov, Dmitry Khovratovich, Sergei Tikhomirov Conclusion and future work

828 views • 20 slides
P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

P 4 PCN: Privacy-Preserving Path Probing for Ruozhou Yu , Yinxin Wan, Vishnu Teja Kilari, Guoliang Xue, Jian Tang, Dejun Yang Payment Channel Networks P 4 PCN: Privacy-Preserving Path Probing for Payment Channel Networks Ruozhou Yu, Assistant

197 views • 5 slides
Privacy-Preserving Publish/Subscribe: Efficient Protocols in a

Privacy-Preserving Publish/Subscribe: Efficient Protocols in a

Privacy-Preserving Publish/Subscribe: Efficient Protocols in a Distributed Model Giovanni Di Crescenzo 1 Brian Coan 1 John Schultz 3 Simon Tsang 1 Rebecca N.

338 views • 14 slides
DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM

DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM

DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM International Workshop on Data Privacy Management 2013 Georg Neugebauer 1 , Lucas Brutschy 1 , Ulrike Meyer 1 and Susanne Wetzel 2 UMIC LuFG IT-Security,

212 views • 17 slides
Privacy-Preserving Statistical Data Analysis on Federated Databases Dan Bogdanov Liina Kamm

Privacy-Preserving Statistical Data Analysis on Federated Databases Dan Bogdanov Liina Kamm

Privacy-Preserving Statistical Data Analysis on Federated Databases Dan Bogdanov Liina Kamm Sven Laur Pille Pruulmann-Vengerfeldt Riivo Talviste Jan Willemson Annual Privacy Forum Athens, Greece May 20, 2014 UaESMC Problem Statement

429 views • 17 slides
Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li

Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li

CS573 Data Privacy and Security Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li Xiong Slides credit: Chris Clifton, Purdue University; Murat Kantarcioglu, UT Dallas Outline Overview Data

901 views • 42 slides
Back to the Drawing Board: Revisiting the Design of Optimal Location Privacy-preserving

Back to the Drawing Board: Revisiting the Design of Optimal Location Privacy-preserving

Back to the Drawing Board: Revisiting the Design of Optimal Location Privacy-preserving Mechanisms Simon Oya, Carmela Troncoso, Fernando Prez-Gonzlez 1 Motivation. Obfuscation-Based Location Privacy. Location information is sensitive.

521 views • 20 slides
Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der Meulen seminar Leuven, December 2011 1 Outline Security with noisy data - biometrics & privacy - Physical Unclonable Functions (PUFs)

828 views • 39 slides
Bayesian decision theory Andrea Passerini passerini@disi.unitn.it Machine Learning Bayesian

Bayesian decision theory Andrea Passerini passerini@disi.unitn.it Machine Learning Bayesian

Bayesian decision theory Andrea Passerini passerini@disi.unitn.it Machine Learning Bayesian decision theory Introduction Overview Bayesian decision theory allows to take optimal decisions in a fully probabilistic setting It assumes all

331 views • 29 slides
Building Blocks for Privacy- Preserving Decentralized Online Social Networks iSocial Summer

Building Blocks for Privacy- Preserving Decentralized Online Social Networks iSocial Summer

Building Blocks for Privacy- Preserving Decentralized Online Social Networks iSocial Summer School Sonja Buchegger, Assoc. Prof. Computer Science KTH ! Online Privacy Problematic Current services (FB, GMail, GCal, Flickr, Pinterest) are

398 views • 18 slides

More recommend