Download Differential Privacy

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
Document related concepts
no text concepts found
Transcript 
Differential Privacy
Xintao Wu
Oct 31, 2012
Sanitization approaches
• Input perturbation
– Add noise to data
– Generalize data
• Summary statistics
– Means, variances
– Marginal totals
– Model parameters
• Output perturbation
– Add noise to summary statistics
Blending/hiding into a crowd
• K-anonymity based approaches
• Adversary may have various background
knowledge to breach privacy
• Privacy models often assume “the
adversary’s background knowledge is
given”
Classic intuition for privacy
• Privacy means that anything can be
learned about a respondent from the
statistical database can be learned without
access to the database.
• Security of encryption
– Anything about the plaintext that can be
learned from a ciphertext can be learned
without the ciphertext.
• Prior and posterior views about an
individual should not change much
Motivation
• Publicly release statistical information
about a dataset without compromising the
privacy of any individual
Requirement
• Anything that can be learned about a
respondent from a statistical database should be
learnable without access to the database
• Reduce the knowledge gain of joining the
database
• Require that the probability distribution on the
public results is essentially the same
independent of whether any individual opts in to,
or opts out of the dataset
Definition
Sensitivity function
• Captures how great a difference must be
hidden by the additive noise
LAP distribution noise
Guassian noise
Adding LAP noise
Proof sketch
Delta_f=1, epsilon varies
Delta_f=1 epsilon=0.01
Delta_f=1 epsilon=0.1
Delta_f=1 epsilon=1
Delta_f=1 epsilon=2
Delta_f=1 epsilon=10
Delta_f=2, epsilon varies
Delta_f=3, epsilon varies
Delta_f=10000, epsilon varies
Composition
• Sequential composition
• Parallel composition
--for disjoint sets, the ultimate privacy
guarantee depends only on the worst of
the guarantees of each analysis, not the
sum.
Example
• Let us assume a table with 1000 customers and each
record has attributes: name, gender, city, cancer, salary.
–
–
–
–
For attribute city, we assume the domain size is 10;
for attribute cancer, we only record Yes or No for each customer;
for attribute salary, the domain range is 0-10k.
The privacy threshold \epsilon is a constant 0.1 set by data
owner.
• For one single query “How many customers got cancer?”
• The adversary is allowed to ask three times of the query
shown the above.
Example (continued)
• “How many customers got cancer in each
city?”
• For one single query “What is the sum of
salaries across all customers?”
Type of computing (query)
•
•
•
•
•
some are very sensitive, others are not
single query vs. query sequence
query on disjoint sets or not
outcome expected: number vs. arbitrary
interactive vs. not interactive
Sensitivity
• Global sensitivity
• Local sensitivity
• Smooth sensitivity
Different areas of DP
• PINQ
• DM with DP
• Optimizing linear counting queries under
differential privacy.
-Matrix mechanism for answering a
workload of predicate counting queries
PPDM interface--PINQ
• A programmable privacy preserving layer
• Add calibrated noise to each query
• Need to assign privacy cost budget
Data Mining with DP
• Previous study—privacy preserving interface
ensures everything about DP
• Problems—inferior results if the interface is
utilized simply during data mining
• Solution—consider both together
• DP ID3
—noisy count
—evaluate all attributes in one exponential
mechanism query using entire budget instead of
splitting budget among multiple
DP in Social Networks
• Page 97-120 of pakdd11 tutorial
Related documents
Homework #2 - U.I.U.C. Math
Homework #2 - U.I.U.C. Math
Differential Privacy
Differential Privacy
Merenje koncentracije i trzisne moci privrednih
Merenje koncentracije i trzisne moci privrednih
DIRECT MARKETING
DIRECT MARKETING
Data Privacy and Security
Data Privacy and Security
THE USE OF THE INTERNET IN DIRECT MARKETING
THE USE OF THE INTERNET IN DIRECT MARKETING
Orthodontic Patient Information - Lavrin and Lawrence Orthodontics
Orthodontic Patient Information - Lavrin and Lawrence Orthodontics
Orthodontic Patient Information - Lavrin and Lawrence Orthodontics
Orthodontic Patient Information - Lavrin and Lawrence Orthodontics
management sciences - Tippie College of Business
management sciences - Tippie College of Business
Reason for Visit? (Check all that apply)
Reason for Visit? (Check all that apply)
6.897 Advanced Data Structures (Spring`05) Prof. Erik Demaine
6.897 Advanced Data Structures (Spring`05) Prof. Erik Demaine
Orthodontic Patient Information - Lavrin and Lawrence Orthodontics
Orthodontic Patient Information - Lavrin and Lawrence Orthodontics
A parallel database system seeks to improve performance through
A parallel database system seeks to improve performance through
Real vs. Floating Point - Computer Science & Engineering
Real vs. Floating Point - Computer Science & Engineering
Epsilon glutathione transferases possess a unique class
Epsilon glutathione transferases possess a unique class
The Epsilon Calculus
The Epsilon Calculus
with Floating-point Number Coefficients
with Floating-point Number Coefficients
Electro Magnetic Field - Text of NPTEL IIT Video Lectures
Electro Magnetic Field - Text of NPTEL IIT Video Lectures
Single component and binary mixtures of BECs in double
Single component and binary mixtures of BECs in double