2021, Vol 2021, pp. 1-17
Author(s): Yunlu Bai, Geng Yang, Yang Xiang, Xuan Wang

For data analysis with differential privacy, an analysis task usually requires multiple queries to complete, and the total privacy budget must be divided and allocated across those queries. At present, however, budget allocation in differential privacy lacks efficient and general strategies, and most research adopts an averaged or exclusive allocation method. In this paper, we propose two series-based strategies for budget allocation: the geometric series and the Taylor series. We show the different characteristics of the two series and provide a calculation method for selecting their key parameters. To better reflect a user's noise preferences during allocation, we explore the relationship between sensitivity and noise in detail and, based on this, propose an optimization of the series strategies. Finally, to prevent collusion attacks and improve security, we provide three ideas for protecting the budget sequence. Both theoretical analysis and experimental results show that our methods support more queries and achieve higher utility. This demonstrates that our series allocation strategies are highly flexible, can meet users' needs, and can be applied to differentially private algorithms to achieve high performance while maintaining security.
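To make the geometric strategy concrete, here is a minimal sketch of series-based budget allocation. The function name and the parameterization are ours, not the authors': the i-th query receives a geometrically decreasing share of the total budget, so the allocated budgets never exceed the total no matter how many queries are answered.

```python
# A minimal sketch of geometric-series budget allocation (our
# illustration, not the authors' exact method or parameter selection).
def geometric_budgets(total_epsilon, ratio=0.5, n_queries=10):
    """Allocate total_epsilon over n_queries as a geometric series.

    Query i receives total_epsilon * (1 - ratio) * ratio**i, so the
    sum over all i >= 0 converges to total_epsilon from below.
    """
    assert 0 < ratio < 1
    return [total_epsilon * (1 - ratio) * ratio**i for i in range(n_queries)]

budgets = geometric_budgets(1.0, ratio=0.5, n_queries=8)
print(budgets)       # decreasing per-query budgets
print(sum(budgets))  # stays below the total budget of 1.0
```

A smaller ratio front-loads the budget onto early queries (less noise at first, faster decay); a ratio near 1 spreads it more evenly, which is the flexibility the series strategies trade on.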


Author(s): Anis Bkakria, Aimilia Tasidou, Nora Cuppens-Boulahia, Frédéric Cuppens, Fatma Bouattour, ...

2020, Vol 34 (01), pp. 784-791
Author(s): Qinbin Li, Zhaomin Wu, Zeyi Wen, Bingsheng He

The Gradient Boosting Decision Tree (GBDT) has been a popular machine learning model for a variety of tasks in recent years. In this paper, we study how to improve the model accuracy of GBDT while preserving the strong guarantee of differential privacy. Sensitivity and privacy budget are two key design aspects for the effectiveness of differentially private models. Existing solutions for GBDT with differential privacy suffer significant accuracy loss due to overly loose sensitivity bounds and ineffective privacy budget allocations (especially across the different trees in the GBDT model). Loose sensitivity bounds force more noise to be added to obtain a fixed privacy level; ineffective privacy budget allocations worsen the accuracy loss, especially when the number of trees is large. We therefore propose a new GBDT training algorithm that achieves tighter sensitivity bounds and more effective noise allocations. Specifically, by investigating the properties of gradients and the contribution of each tree in a GBDT, we propose adaptively controlling the gradients of the training data in each iteration and clipping leaf nodes in order to tighten the sensitivity bounds. Furthermore, we design a novel boosting framework that allocates the privacy budget between trees so that the accuracy loss is further reduced. Our experiments show that our approach achieves much better model accuracy than other baselines.
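The core sensitivity idea can be illustrated in a few lines. This is a simplified sketch, not the paper's full training algorithm: gradients are clipped to a bound, which caps how much any single instance can change a leaf value, and Laplace noise calibrated to that bound is added to the leaf. The function names and the simplified sensitivity expression are our assumptions.

```python
import numpy as np

# A simplified sketch of gradient clipping for DP-GBDT leaf values
# (our illustration; the paper's bounds and allocation are tighter).
def clip_gradients(gradients, clip_bound):
    """Clip per-instance gradients so leaf-value sensitivity is bounded."""
    return np.clip(gradients, -clip_bound, clip_bound)

def noisy_leaf_value(gradients, clip_bound, epsilon, reg_lambda=1.0):
    """Compute a GBDT leaf value from clipped gradients, plus Laplace noise.

    With every gradient in [-clip_bound, clip_bound], adding or removing
    one instance changes the leaf value by at most `sensitivity` below
    (a simplified worst-case bound).
    """
    g = clip_gradients(np.asarray(gradients, dtype=float), clip_bound)
    leaf = -g.sum() / (len(g) + reg_lambda)        # standard GBDT leaf value
    sensitivity = clip_bound / (1.0 + reg_lambda)  # simplified worst case
    return leaf + np.random.laplace(scale=sensitivity / epsilon)
```

Tightening `clip_bound` directly shrinks the noise scale, which is why the adaptive control of gradients matters for accuracy.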


2019, Vol 17 (4), pp. 450-460
Author(s): Hai Liu, Zhenqiang Wu, Changgen Peng, Feng Tian, Laifeng Lu

Given an untrusted server, differential privacy and local differential privacy have been used for privacy preservation in data aggregation. Our analysis shows that neither can achieve a Nash equilibrium between privacy and utility for mobile-service-based multiuser collaboration, in which multiple users collaboratively negotiate a desired privacy budget for privacy preservation. To this end, we propose a Privacy-Preserving Data Aggregation Framework (PPDAF) that reaches a Nash equilibrium between privacy and utility. First, we present an adaptive Gaussian mechanism that satisfies this equilibrium by multiplying an expected utility factor with conditional filtering noise under an expected privacy budget. Second, we construct PPDAF from the adaptive Gaussian mechanism, based on a negotiated privacy budget with heuristic obfuscation. Finally, our theoretical analysis and experimental evaluation show that PPDAF achieves a Nash equilibrium between privacy and utility. Furthermore, the framework can be extended to engineering instances in a data aggregation setting.
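As a hypothetical illustration of the mechanism's shape (the `utility_factor` name and its role are our assumptions, not the paper's definitions): standard Gaussian noise is calibrated to an expected budget, then scaled by a factor reflecting the negotiated utility preference.

```python
import numpy as np

# A hedged sketch of an "adaptive" Gaussian mechanism: classic
# (epsilon, delta) calibration, with the noise rescaled by a utility
# factor in (0, 1]. This is our simplification of the idea, not PPDAF.
def adaptive_gaussian(value, sensitivity, epsilon, delta, utility_factor=1.0):
    """Return value plus Gaussian noise scaled by a utility factor."""
    # Classic calibration for the Gaussian mechanism (valid for epsilon < 1).
    sigma = sensitivity * np.sqrt(2 * np.log(1.25 / delta)) / epsilon
    return value + utility_factor * np.random.normal(0.0, sigma)
```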


2021, Vol 14 (10), pp. 1805-1817
Author(s): David Pujol, Yikai Wu, Brandon Fain, Ashwin Machanavajjhala

Large organizations that collect data about populations (like the US Census Bureau) release summary statistics that are used by multiple stakeholders for resource allocation and policy making. These organizations are also legally required to protect the privacy of the individuals from whom they collect data. Differential Privacy (DP) provides a solution for releasing useful summary data while preserving privacy. Most DP mechanisms are designed to answer a single set of queries; in reality, multiple stakeholders often use a given data release and have overlapping but not identical queries. This introduces a novel joint optimization problem in DP where the privacy budget must be shared among different analysts. We initiate the study of DP query answering across multiple analysts. To capture the competing goals and priorities of multiple analysts, we formulate three desiderata that any mechanism should satisfy in this setting (the Sharing Incentive, Non-Interference, and Adaptivity) while still optimizing for overall error. We demonstrate how existing DP query-answering mechanisms in the multi-analyst setting fail to satisfy at least one of these desiderata. We present novel DP algorithms that provably satisfy all our desiderata and empirically show that they incur low error on realistic tasks.
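For reference, here is the naive multi-analyst baseline that the desiderata are measured against. This is our construction, not the paper's mechanism: split the budget evenly among analysts, then answer each analyst's queries independently via Laplace noise and sequential composition.

```python
import numpy as np

# A minimal multi-analyst baseline (our illustration): even budget split
# across analysts, Laplace mechanism per query, sequential composition.
def split_and_answer(analyst_queries, data, total_epsilon, sensitivity=1.0):
    """analyst_queries: dict mapping analyst name -> list of query functions."""
    per_analyst = total_epsilon / len(analyst_queries)
    answers = {}
    for analyst, queries in analyst_queries.items():
        per_query = per_analyst / len(queries)  # sequential composition
        answers[analyst] = [
            q(data) + np.random.laplace(scale=sensitivity / per_query)
            for q in queries
        ]
    return answers
```

When analysts share overlapping queries, this split answers the same query several times with independent noise, wasting budget; that inefficiency is precisely what mechanisms satisfying the Sharing Incentive are meant to avoid.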


2020, Vol 2020 (1), pp. 103-125
Author(s): Parameswaran Kamalaruban, Victor Perrier, Hassan Jameel Asghar, Mohamed Ali Kaafar

Differential privacy provides strong privacy guarantees while simultaneously enabling useful insights from sensitive datasets. However, it provides the same level of protection for all elements (individuals and attributes) in the data. There are practical scenarios where some data attributes need more or less protection than others. In this paper, we consider dX-privacy, an instantiation of the privacy notion introduced in [6], which allows this flexibility by specifying a separate privacy budget for each pair of elements in the data domain. We describe a systematic procedure to tailor any existing differentially private mechanism that takes a query set and a sensitivity vector as input into its dX-private variant, focusing specifically on linear queries. Our proposed meta-procedure has broad applications, as linear queries form the basis of a range of data analysis and machine learning algorithms, and the ability to define a more flexible privacy budget across the data domain improves the privacy/utility tradeoff in these applications. We propose several dX-private mechanisms and provide theoretical guarantees on the trade-off between utility and privacy. We also experimentally demonstrate the effectiveness of our procedure by evaluating our proposed dX-private Laplace mechanism on both synthetic and real datasets using a set of randomly generated linear queries.
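The general recipe can be sketched for linear queries. This is a hedged simplification of the idea (per-element budgets reduced here to one budget per query; names are ours): instead of a single global budget, each query's Laplace noise is scaled by its own sensitivity-to-budget ratio.

```python
import numpy as np

# A hedged sketch of per-query budget flexibility for linear queries
# (our simplification of the dX-privacy idea, not the paper's mechanism).
def per_budget_linear_queries(data, queries, sensitivities, budgets):
    """Answer linear queries with per-query Laplace noise scales.

    data: 1-D numpy array; queries: list of 1-D weight vectors;
    sensitivities, budgets: per-query values of the same length.
    """
    answers = []
    for q, s, eps in zip(queries, sensitivities, budgets):
        noise = np.random.laplace(scale=s / eps)
        answers.append(q @ data + noise)  # linear query as a dot product
    return answers
```

Queries over attributes needing stronger protection get smaller budgets (more noise); less sensitive attributes keep more utility, which is the improved tradeoff the paper targets.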


2019, Vol 9 (2)
Author(s): Brendan Avent, Aleksandra Korolova, David Zeber, Torgeir Hovden, Benjamin Livshits

We propose a hybrid model of differential privacy that considers a combination of regular and opt-in users who desire the differential privacy guarantees of the local privacy model and the trusted curator model, respectively. We demonstrate that within this model, it is possible to design a new type of blended algorithm that improves the utility of obtained data, while providing users with their desired privacy guarantees. We apply this algorithm to the task of privately computing the head of the search log and show that the blended approach provides significant improvements in the utility of the data compared to related work. Specifically, on two large search click data sets, comprising 1.75 and 16 GB, respectively, our approach attains NDCG values exceeding 95% across a range of privacy budget values.
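A simple version of blending can be sketched for estimating the frequency of an item. This is our simplification of the hybrid model, not the paper's algorithm: opt-in users' bits go to a trusted curator (central DP via Laplace noise), the remaining users respond via local randomized response, and the two per-group estimates are blended by group size.

```python
import numpy as np

# An illustrative sketch of blending central and local DP estimates
# (our construction; the paper's blended algorithm is more refined).
def randomized_response_count(bits, epsilon):
    """Unbiased count of 1-bits from binary randomized response."""
    bits = np.asarray(bits)
    p = np.exp(epsilon) / (np.exp(epsilon) + 1)  # keep-truth probability
    flipped = np.where(np.random.rand(len(bits)) < p, bits, 1 - bits)
    return (flipped.sum() - (1 - p) * len(bits)) / (2 * p - 1)

def blended_fraction(optin_bits, local_bits, epsilon):
    optin_bits = np.asarray(optin_bits)
    n_opt, n_loc = len(optin_bits), len(local_bits)
    # Trusted-curator estimate for opt-in users (central DP, Laplace noise).
    central = (optin_bits.sum() + np.random.laplace(scale=1.0 / epsilon)) / n_opt
    # Local estimate for the remaining users (randomized response).
    local = randomized_response_count(local_bits, epsilon) / n_loc
    # Blend by group size (a simple, not necessarily optimal, weighting).
    return (n_opt * central + n_loc * local) / (n_opt + n_loc)
```

The central estimate is far less noisy per user, so even a small opt-in group can sharply improve the blended estimate, which is the utility gain the hybrid model exploits.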

