Presentation is loading. Please wait.

Presentation is loading. Please wait.

Differential Privacy (1). Outline  Background  Definition.

Published byWinfred Owens Modified over 8 years ago

Similar presentations

Presentation on theme: "Differential Privacy (1). Outline  Background  Definition."— Presentation transcript:

1 Differential Privacy (1)

2 Outline  Background  Definition

3 Background  Interactive database query A classical research problem for statistical databases Prevent query inferences – malicious users submit multiple queries to infer private information about some person Has been studied since decades ago  Non-interactive publishing statistics then destroy data micro-data publishing

4 4 Background: Database Privacy You Bob Alice Users (government, researchers, marketers, … ) “Census problem” Two conflicting goals  Utility: Users can extract “global” statistics  Privacy: Individual information stays hidden  How can these be formalized? Collection and “ sanitization ” 

5 5 Database Privacy Variations on model studied in  Statistics  Data mining  Theoretical CS  Cryptography Different traditions for what “privacy” means

6 Two types of privacy protection methods  Data sanitization  Anonymization

7 Sanitization approaches  Input perturbation Add noise to data Generalize data  Summary statistics Means, variances Marginal totals Model parameters  Output perturbation Add noise to summary statistics

8 Blending/hiding into a crowd  K-anonymity based approaches  Adversary may have various background knowledge to breach privacy  Privacy models often assume “the adversary’s background knowledge is given”

9 Classic intuition for privacy  Privacy means that anything can be learned about a respondent from the statistical database can be learned without access to the database A very strong definition Defined by T. Dalenius, 1977  Equivalent to security of encryption Anything about the plaintext that can be learned from a ciphertext can be learned without the ciphertext.

10 10 Impossibility result The Dalenius definition cannot be achieved. Example: If I know Alice’s height is 2 inches higher than the average American’s height, by looking at the census database, I can find the average and then calculate Alice’s exact height. Therefore, Alice’s privacy is breached. We need to revise the privacy definiton… Remove Gavison def?

11 Differential Privacy The risk to my privacy should not substantially increase as a result of participating in a statistical database. With or without including me in the database, my privacy risk should not change much (In contrast, the Dalenius definition requires that using the database will not increase my privacy risk, including the case that the database does not even include my record).

12 Definition Mechanism: K(x) = f(x) + D, D is some noise. It is an output perturbation method.

13 Sensitivity function  Captures how great a difference must be hidden by the additive noise How to design the noise D? It is actually linked back to the function f(x)

14 LAP distribution noise Using laplacian distribution to generate noise.

15 Similar to Guassian noise

16 Adding LAP noise Why does this work?

17 Proof sketch Let K(x) = f(x) + D =r. Thus, r-f(x) has Lap distribution with the scale df/e. Similarly, K(x’) = f(x’)+D=r, and r-f(x’) has the same distribution P(K(x) = r) = exp(-|f(x)-r|(e/df)) P(K(x’)= r) = exp(-|f(x’)-r|(e/df)) P(K(x)=r)/P(K(x’)=r) = exp( (|f(x’)-r|-|f(x)-r|)(e/df)) apply triangle inequality <= exp( |f(x’)-f(x)|(e/df)) = exp(e)

18 Delta_f=1, epsilon varies Noise samples

19 Delta_f=1 epsilon=0.01

20 Delta_f=1 epsilon=0.1

21 Delta_f=1 epsilon=1

22 Delta_f=1 epsilon=2

23 Delta_f=1 epsilon=10

24 Delta_f=2, epsilon varies

25 Delta_f=3, epsilon varies

26 Delta_f=10000, epsilon varies

27 Composition (in PINQ paper)  Sequential composition  Parallel composition --for disjoint sets, the ultimate privacy guarantee depends only on the worst of the guarantees of each analysis, not the sum.

Download ppt "Differential Privacy (1). Outline  Background  Definition."

Similar presentations

Cipher Techniques to Protect Anonymized Mobility Traces from Privacy Attacks Chris Y. T. Ma, David K. Y. Yau, Nung Kwan Yip and Nageswara S. V. Rao.

Cipher Techniques to Protect Anonymized Mobility Traces from Privacy Attacks Chris Y. T. Ma, David K. Y. Yau, Nung Kwan Yip and Nageswara S. V. Rao.
I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.

I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.
Publishing Set-Valued Data via Differential Privacy Rui Chen, Concordia University Noman Mohammed, Concordia University Benjamin C. M. Fung, Concordia.

Publishing Set-Valued Data via Differential Privacy Rui Chen, Concordia University Noman Mohammed, Concordia University Benjamin C. M. Fung, Concordia.
Differentially Private Recommendation Systems Jeremiah Blocki Fall 2009 18739A: Foundations of Security and Privacy.

Differentially Private Recommendation Systems Jeremiah Blocki Fall A: Foundations of Security and Privacy.
Simulatability “The enemy knows the system”, Claude Shannon CompSci 590.03 Instructor: Ashwin Machanavajjhala 1Lecture 6 : 590.03 Fall 12.

Simulatability “The enemy knows the system”, Claude Shannon CompSci Instructor: Ashwin Machanavajjhala 1Lecture 6 : Fall 12.
ITIS 6200/8200. 2 Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.

ITIS 6200/ Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.
Raef Bassily Adam Smith Abhradeep Thakurta Penn State Yahoo! Labs Private Empirical Risk Minimization: Efficient Algorithms and Tight Error Bounds Penn.

Raef Bassily Adam Smith Abhradeep Thakurta Penn State Yahoo! Labs Private Empirical Risk Minimization: Efficient Algorithms and Tight Error Bounds Penn.
PRIVACY AND SECURITY ISSUES IN DATA MINING P.h.D. Candidate: Anna Monreale Supervisors Prof. Dino Pedreschi Dott.ssa Fosca Giannotti University of Pisa.

PRIVACY AND SECURITY ISSUES IN DATA MINING P.h.D. Candidate: Anna Monreale Supervisors Prof. Dino Pedreschi Dott.ssa Fosca Giannotti University of Pisa.
1 Privacy Preserving Data Publishing Prof. Ravi Sandhu Executive Director and Endowed Chair March 29, 2013 © Ravi.

1 Privacy Preserving Data Publishing Prof. Ravi Sandhu Executive Director and Endowed Chair March 29, © Ravi.
Privacy Enhancing Technologies

Privacy Enhancing Technologies
UTEPComputer Science Dept.1 University of Texas at El Paso Privacy in Statistical Databases Dr. Luc Longpré Computer Science Department Spring 2006.

UTEPComputer Science Dept.1 University of Texas at El Paso Privacy in Statistical Databases Dr. Luc Longpré Computer Science Department Spring 2006.
Seminar in Foundations of Privacy 1.Adding Consistency to Differential Privacy 2.Attacks on Anonymized Social Networks Inbal Talgam March 2008.

Seminar in Foundations of Privacy 1.Adding Consistency to Differential Privacy 2.Attacks on Anonymized Social Networks Inbal Talgam March 2008.
Differential Privacy 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.

Differential Privacy 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.
Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.

Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.
Anatomy: Simple and Effective Privacy Preservation Israel Chernyak DB Seminar (winter 2009)

Anatomy: Simple and Effective Privacy Preservation Israel Chernyak DB Seminar (winter 2009)
1 Pinning Down “Privacy” Defining Privacy in Statistical Databases Adam Smith Weizmann Institute of Science

1 Pinning Down “Privacy” Defining Privacy in Statistical Databases Adam Smith Weizmann Institute of Science
Privacy without Noise Yitao Duan NetEase Youdao R&D Beijing China CIKM 2009.

Privacy without Noise Yitao Duan NetEase Youdao R&D Beijing China CIKM 2009.
Calibrating Noise to Sensitivity in Private Data Analysis

Calibrating Noise to Sensitivity in Private Data Analysis
Privacy Preserving Data Mining: An Overview and Examination of Euclidean Distance Preserving Data Transformation Chris Giannella cgiannel AT acm DOT org.

Privacy Preserving Data Mining: An Overview and Examination of Euclidean Distance Preserving Data Transformation Chris Giannella cgiannel AT acm DOT org.
Privacy-Aware Computing Introduction. Outline  Brief introduction Motivating applications Major research issues  Tentative schedule  Reading assignments.

Privacy-Aware Computing Introduction. Outline  Brief introduction Motivating applications Major research issues  Tentative schedule  Reading assignments.

Similar presentations

Ads by Google