violations by sampling and optimization
play

Violations by Sampling and Optimization Dana Benjamin Bichsel - PowerPoint PPT Presentation

Mar 21, 2023 •687 likes •956 views

DP-Finder: Finding Differential Privacy Violations by Sampling and Optimization Dana Benjamin Bichsel Timon Gehr PetarTsankov Martin Vechev Drachsler-Cohen Differential Privacy Basic Setting # disease 7 2 Differential Privacy Basic

  1. DP-Finder: Finding Differential Privacy Violations by Sampling and Optimization Dana Benjamin Bichsel Timon Gehr PetarTsankov Martin Vechev Drachsler-Cohen

  2. Differential Privacy – Basic Setting # disease 7 2

  3. Differential Privacy – Basic Setting # disease 7.3 + noise What about my privacy? 3

  4. Differential Privacy - Intuition ? # disease or 7.3 + noise Change my data # disease 7.6 + noise 4

  5. Differential Privacy – More Abstractly 𝑦 Attacker check 𝐺 𝐺(𝑦) 𝐺(𝑦) ∈ Φ ? Neighboring 𝑦′ Attacker check 𝐺 𝐺(𝑦′) 𝐺(𝑦′) ∈ Φ ? 5

  6. Differential Privacy - Definition 𝑦 𝜁 -DP: Attacker check 𝐺 Pr[ 𝐺 𝑦 ∈ Φ ] 𝐺(𝑦) 𝐺(𝑦) ∈ Φ ? Pr[ 𝐺(𝑦 ′ ) ∈ Φ ] ≤ exp 𝜁 ≈ 1 + 𝜁 Neighbouring Challenges induced by DP: 𝑦′ • Proving/checking 𝜁 -DP is hard Attacker check 𝐺 (buggy algorithms) 𝐺(𝑦′) 𝐺(𝑦′) ∈ Φ ? • Proof strategies not complete • Proofs only provide upper bounds 6

  7. 𝜁 -DP Counterexamples ( , , ) Φ 𝑦 𝑦′ that violate 𝜁 - DP: Pr[𝐺 𝑦 ∈ Φ] Pr[𝐺(𝑦 ′ ) ∈ Φ] > exp 𝜁 ⟺ log Pr[ 𝐺 𝑦 ∈ Φ ] Pr[ 𝐺(𝑦 ′ ) ∈ Φ ] > 𝜁 7

  8. 𝜁 -DP Counterexamples ( , , ) Φ 𝑦 𝑦′ that violate 𝜁 - DP: Pr[𝐺 𝑦 ∈ Φ] Pr[𝐺(𝑦 ′ ) ∈ Φ] > exp 𝜁 ⟺ log Pr[ 𝐺 𝑦 ∈ Φ ] Maximize Pr[ 𝐺(𝑦 ′ ) ∈ Φ ] > 𝜁 ε(𝑦, 𝑦 ′ , Φ) 8

  9. Bounds on "true" 𝜁 Counterexample: Counterexample: Counterexample: 5% -DP 9.9% -DP 15% -DP Proven: 10% -DP ( 𝜁 = 10% = 0.1 ) Evaluation : We get precise and large ε , close to known upper bounds 9

  10. Ƹ Ƹ 𝜁 -DP Counterexamples Goal : Maximize ε(𝑦, 𝑦 ′ , Φ) Challenge 2 : Search space is Challenge 1 : Expensive to sparse: Few 𝑦, 𝑦 ′ , Φ lead to compute ε precisely large ε(𝑦, 𝑦 ′ , Φ) 𝜁 𝑒 𝜁 𝜁 Estimate 𝜁 𝜁 Make Ƹ by sampling differentiable 10

  11. Ƹ Step 1: Estimate 𝜁 𝜁 𝜁 Estimate 𝜁 by sampling 11

  12. Estimating 𝜁 𝜁 x, x ′ , Φ ≔ log Pr[ 𝐺 𝑦 ∈ Φ ] Pr[ 𝐺(𝑦 ′ ) ∈ Φ ] 12

  13. Estimating 𝜁 𝑜 Pr 𝐺(𝑦) ∈ Φ = 1 𝜁 x, x ′ , Φ ≔ log Pr[ 𝐺 𝑦 ∈ Φ ] 𝑗 ෢ check 𝐺,Φ (𝑦) 𝑜 ෍ Pr[ 𝐺(𝑦 ′ ) ∈ Φ ] 𝑗=1 𝑗 𝐺(𝑦) check 𝐺,Φ (𝑦) 𝑦 yes 𝐺 7.3 33% no 𝐺 7.6 67% yes 𝐺 6.8 13

  14. How precise is our estimate? Counterexample: 9.9% ± 10% -DP vs Counterexample: 9.9% ± 2 ∙ 10 −3 -DP Precision of Pr[ 𝐺 𝑦 ∈ Φ ] Sampling Precision of 𝜁 effort 𝑜 and Pr[ 𝐺 𝑦′ ∈ Φ ] Exponential search 14

  15. Estimating precisely is expensive Probabillstic guarantees Heuristic Efficient Heuristic 10 4 Estimating 𝜁 up to an error of 2 ∙ 10 −3 with confidence of 90% 15

  16. Applying the M-CLT (Correlation) yes 𝐺 7.3 𝑜 no 1 𝑗 𝐺 𝑜 ෍ check 𝐺,Φ 𝑦 7.6 𝑗=1 yes 𝐺 6.8 Follows 2D Gaussian distribution yes 𝐺 7.3 𝑜 1 no 𝑗 𝐺 𝑜 ෍ check 𝐺,Φ 𝑦′ 7.6 𝑗=1 no 𝐺 8.2 16

  17. Obtaining a Confidence Interval for 𝜁 Joint likelihood of Likelihood of Confidence Interval Pr[ 𝐺 𝑦 ∈ Φ ] ε(𝑦, x′, Φ) for ε(𝑦, x′, Φ) Pr[ 𝐺 𝑦′ ∈ Φ ] Distribution of Gauss Gauss (correlated): D. V. Hinkley. 1969. On the Ratio of Two Correlated Normal Random Variables. Biometrika 56, 3 (1969), 635 – 639. http://www.jstor.org/stable/2334671 17

  18. How precise is our estimate? Counterexample: 9.9% ± 10% -DP vs Counterexample: 9.9% ± 2 ∙ 10 −3 -DP 18

  19. Ƹ Ƹ Step 2: Finding Counterexamples 𝜁 𝑒 𝜁 𝜁 Make Ƹ differentiable 19

  20. Ƹ How can we optimize our estimate? 1 𝑜 𝑗 𝑜 σ 𝑗=1 check 𝐺,Φ (𝑦) Not differentiable 𝜗 𝑦, 𝑦 ′ , Φ = log maximize 1 𝑜 𝑗 𝑜 σ 𝑗=1 check 𝐺,Φ (𝑦′) Goals • Make differentiable ¬𝐶 ↝ 1 − 𝐶 • Preserve semantics 𝐶 1 ∧ 𝐶 2 ↝ 𝐶 1 ∙ 𝐶 2 if 𝐶 ∶ 𝑦 = 𝐹 1 else ∶ 𝑦 = 𝐹 2 ↝ 𝑦 = 𝐶 ∙ 𝐹 1 + (1 − 𝐶) ∙ 𝐹 2 20

  21. Ƹ How can we optimize our estimate? 1 𝑜 𝑗 𝑜 σ 𝑗=1 check 𝐺,Φ (𝑦) Not differentiable 𝜗 𝑦, 𝑦 ′ , Φ = log maximize 1 𝑜 𝑗 𝑜 σ 𝑗=1 check 𝐺,Φ (𝑦′) • Maximize using SLSQP (supports hard constraints for neighborhood) • Random starting point (+ restart) • What about division by zero? • What about very small denominators? 21

  22. Main differences to Ding et al. Dimension Ding et al. This work Problem statement ε 𝑦, 𝑦 ′ , Φ > ε 0 ? Maximize ε(𝑦, 𝑦 ′ , Φ) Approach Statistical tests Estimate + confidence interval Search By patterns Gradient descent (incremental) 22

  23. Evaluation Exact solver (PSI) • How precise is the differentiable estimate? for ground truth • How efficient is DP-Finder in finding violations compared to random search? 23

  24. Ƹ Precision of Differentiable Estimate 𝜁 𝜁 𝑒 𝜁 Algorithms 24

  25. Random vs Optimized Optimized Random start 25

  26. Ƹ Ƹ Ƹ Conclusion 𝜁 -DP Counterexamples Differential Privacy ( , , ) Estimate 𝜁 Finding Counterexamples 𝜁 𝑒 𝜁 𝜁 𝜁 26

Recommend

Optimization of a Sampling Plan using R Optimization of a Sampling Plan using R for Economic Data

Optimization of a Sampling Plan using R Optimization of a Sampling Plan using R for Economic Data

UseR Conference 2009 Agrocampus Rennes Optimization of a Sampling Plan using R Optimization of a Sampling Plan using R for Economic Data Collection for Economic Data Collection Application to the Atlantic French Fleet Application to the

443 views • 18 slides
Astronomical Tests Possible Violations of . . . Possible Violations of . . . of Relativity:

Astronomical Tests Possible Violations of . . . Possible Violations of . . . of Relativity:

Relativistic Celestial . . . Towards Extended . . . Possible Violations of . . . Astronomical Tests Possible Violations of . . . Possible Violations of . . . of Relativity: Possible Cosmological . . . Possible Effects of Torsion beyond

310 views • 12 slides
SAMPLING-BASED QUERY RE- OPTIMIZATION Wentao Wu Microsoft Research Background 2 Query

SAMPLING-BASED QUERY RE- OPTIMIZATION Wentao Wu Microsoft Research Background 2 Query

1 SAMPLING-BASED QUERY RE- OPTIMIZATION Wentao Wu Microsoft Research Background 2 Query optimization remains challenging despite of decades of efforts and progresses. Cardinality estimation is the key challenge. Selectivity of

400 views • 28 slides
Adaptive Sampling Strategies for Stochastic Optimization Raghu (Vijaya Raghavendra) Bollapragada 1

Adaptive Sampling Strategies for Stochastic Optimization Raghu (Vijaya Raghavendra) Bollapragada 1

Adaptive Sampling Strategies for Stochastic Optimization Raghu (Vijaya Raghavendra) Bollapragada 1 Richard Byrd 2 Jorge Nocedal 1 1 Northwestern University 2 University of Colorado Boulder January 8, 2018 11 th US - Mexico Workshop on Optimization

1.38k views • 113 slides
Monte Carlo methods for sampling-based Stochastic Optimization Gersende FORT LTCI CNRS &

Monte Carlo methods for sampling-based Stochastic Optimization Gersende FORT LTCI CNRS &

Monte Carlo methods for sampling-based Stochastic Optimization Monte Carlo methods for sampling-based Stochastic Optimization Gersende FORT LTCI CNRS & Telecom ParisTech Paris, France Joint works with B. Jourdain, T. Leli` evre, G.

608 views • 36 slides
Intentional Sampling by Goal Optimization with Decoupling by Stochastic Perturbation Why (not) to

Intentional Sampling by Goal Optimization with Decoupling by Stochastic Perturbation Why (not) to

Intentional Sampling by Goal Optimization with Decoupling by Stochastic Perturbation Why (not) to Randomize? Marcelo de Souza Lauretto + Fabio Nakano + Carlos Alberto de Bragana Pereira Julio Michael Stern , + EACH-USP and

571 views • 22 slides
SURE-based Optimization for Adaptive Sampling and Reconstruction Supplementary Materials Tzu-Mao

SURE-based Optimization for Adaptive Sampling and Reconstruction Supplementary Materials Tzu-Mao

SURE-based Optimization for Adaptive Sampling and Reconstruction Supplementary Materials Tzu-Mao Li Yu-Ting Wu Yung-Yu Chuang National Taiwan University PART I Equal-Time Comparison Compared Methods: Monte Carlo Greedy Error

1.13k views • 81 slides
AdaGeo: Adaptive Geometric Learning for Optimization and Sampling Gabriele Abbati 1 , Alessandra

AdaGeo: Adaptive Geometric Learning for Optimization and Sampling Gabriele Abbati 1 , Alessandra

AdaGeo: Adaptive Geometric Learning for Opti- mization and Sampling AdaGeo: Adaptive Geometric Learning for Optimization and Sampling Gabriele Abbati 1 , Alessandra Tosi 2 , Seth Flaxman 3 , Michael A Osborne 1 1 University of Oxford, 2

598 views • 30 slides
A National Perspective on Responding to Parole Violations Responses to Parole Violations

A National Perspective on Responding to Parole Violations Responses to Parole Violations

A National Perspective on Responding to Parole Violations Responses to Parole Violations Traditionally. Very little attention or visibility Very little policy Great discretion on the part of parole officers Monitor

553 views • 16 slides
Avoiding Antitrust Violations In Avoiding Antitrust Violations In Employment Recruiting Leveraging

Avoiding Antitrust Violations In Avoiding Antitrust Violations In Employment Recruiting Leveraging

Presenting a live 75 minute webinar with interactive Q&A Avoiding Antitrust Violations In Avoiding Antitrust Violations In Employment Recruiting Leveraging Guidance on Non Solicitation Agreements from Recent DOJ Consent Decree THURS

471 views • 20 slides
What is the strengths and weakness of these sampling methods? Sampling Strengths /

What is the strengths and weakness of these sampling methods? Sampling Strengths /

Session 6. Sampling and Sample size Sampling: What are the different sampling methods used? In PIA: Convenience sampling Purposive sampling Random sampling What is the strengths and weakness of these sampling methods? Sampling

219 views • 5 slides
TOP TEN TOP TEN HAZARDOUS WASTE HAZARDOUS WASTE GENERATOR VIOLATIONS GENERATOR VIOLATIONS And

TOP TEN TOP TEN HAZARDOUS WASTE HAZARDOUS WASTE GENERATOR VIOLATIONS GENERATOR VIOLATIONS And

TOP TEN TOP TEN HAZARDOUS WASTE HAZARDOUS WASTE GENERATOR VIOLATIONS GENERATOR VIOLATIONS And How To Avoid Them PRESENTED BY HERB NICHOLSON, P.G. ENVIRONMENTAL SPECIALIST STATE OF TENNESSEE MEMPHIS ENVIRONMENTAL FIELD OFFICE DIVISION OF

482 views • 45 slides
Graph Sketching, Sampling, Streaming, and Space Efficient Optimization (Part II) Sudipto Guha

Graph Sketching, Sampling, Streaming, and Space Efficient Optimization (Part II) Sudipto Guha

Graph Sketching, Sampling, Streaming, and Space Efficient Optimization (Part II) Sudipto Guha and Andrew McGregor Space Efficient Optimization for Graphs Impact of Dimensionality Reduction, Embeddings, L p L q , etc. Thesis : Graph

2.3k views • 198 slides
Optimization Part II: sampling theorems, multistage problems and other extensions Anupam Gupta

Optimization Part II: sampling theorems, multistage problems and other extensions Anupam Gupta

Approximation Algorithms for Stochastic Combinatorial Optimization Part II: sampling theorems, multistage problems and other extensions Anupam Gupta Carnegie Mellon University two-stage with recourse There are two stages of decision-making

652 views • 39 slides
Sampling Distributions Sampling Distribution of the Mean & Hypothesis Testing Sampling

Sampling Distributions Sampling Distribution of the Mean & Hypothesis Testing Sampling

Sampling Distributions Sampling Distribution of the Mean & Hypothesis Testing Sampling Remember sampling? Part 1 of definition Selecting a subset of the population to create a sample Generally random samplingusing

975 views • 55 slides
Optimistic Policy Optimization via Multiple Importance Sampling Matteo Papini Alberto Maria

Optimistic Policy Optimization via Multiple Importance Sampling Matteo Papini Alberto Maria

Optimistic Policy Optimization via Multiple Importance Sampling Matteo Papini Alberto Maria Metelli Lorenzo Lupo Marcello Restelli 11th June 2019 Thirty-sixth International Conference on Machine Learning, Long Beach, CA, USA 1 Policy

622 views • 28 slides
It is possible that vehicle violations, and safety compliance, and (vii) a crash management

It is possible that vehicle violations, and safety compliance, and (vii) a crash management

accidents, driver violations, maintenance, (vi) hazmat It is possible that vehicle violations, and safety compliance, and (vii) a crash management records, as indicator. Using 24 months of data can and will compared to the entire carrier

294 views • 4 slides
Newfound Water Quality Sampling: In Lake Sampling 8 Historic Sampling locations

Newfound Water Quality Sampling: In Lake Sampling 8 Historic Sampling locations

Newfound Water Quality Sampling: In Lake Sampling 8 Historic Sampling locations Initial Sampling in 1986 Standard Measurements include: Total Phosphorus, Chlorophyll and Secchi Disk Transparency Determine long term trends,

599 views • 26 slides
Overview of Sampling Topics (Shannon) sampling theorem Impulse-train sampling

Overview of Sampling Topics (Shannon) sampling theorem Impulse-train sampling

Overview of Sampling Topics (Shannon) sampling theorem Impulse-train sampling Interpolation (continuous-time signal reconstruction) Aliasing Relationship of CTFT to DTFT DT processing of CT signals DT sampling

848 views • 67 slides
Sampling Lecture 30 ME EN 575 Andrew Ning aning@byu.edu Outline Surrogate Based Optimization

Sampling Lecture 30 ME EN 575 Andrew Ning aning@byu.edu Outline Surrogate Based Optimization

Sampling Lecture 30 ME EN 575 Andrew Ning aning@byu.edu Outline Surrogate Based Optimization (SBO) Introduction Sampling Surrogate Based Optimization (SBO) Introduction What is a surrogate model? When might one use a surrogate model?

362 views • 9 slides
Sampling Methods CMSC 691 UMBC (Some) Learning Techniques MAP/MLE: Point estimation, basic EM

Sampling Methods CMSC 691 UMBC (Some) Learning Techniques MAP/MLE: Point estimation, basic EM

Approximate Inference: Sampling Methods CMSC 691 UMBC (Some) Learning Techniques MAP/MLE: Point estimation, basic EM Variational Inference: Functional Optimization Sampling/Monte Carlo today Outline Monte Carlo methods Sampling

985 views • 71 slides
SAMPLING Week 6 Slides ScWk 240 1 Purpose of Sampling Why sampling? - to

SAMPLING Week 6 Slides ScWk 240 1 Purpose of Sampling Why sampling? - to

SAMPLING Week 6 Slides ScWk 240 1 Purpose of Sampling Why sampling? - to study the whole popula5on? A major reason studying samples rather than the

288 views • 16 slides
Single dimensional optimization Importance sampling Biostatistics 615/815 Lecture 16: . .

Single dimensional optimization Importance sampling Biostatistics 615/815 Lecture 16: . .

. Minimization November 1st, 2012 Biostatistics 615/815 - Lecture 16 Hyun Min Kang November 1st, 2012 Hyun Min Kang Single dimensional optimization Importance sampling Biostatistics 615/815 Lecture 16: . . Summary . Root Finding .

678 views • 65 slides
Double, Multiple, and Sequential Sampling Double-sampling In a double-sampling plan, a first

Double, Multiple, and Sequential Sampling Double-sampling In a double-sampling plan, a first

ST 435/535 Statistical Methods for Quality and Productivity Improvement / Statistical Process Control Double, Multiple, and Sequential Sampling Double-sampling In a double-sampling plan, a first sample of size n 1 is inspected, revealing d 1

249 views • 13 slides

More recommend