Abstract
ε-differential privacy is the state-of-the-art model for releasing sensitive information while protecting privacy. Numerous methods have been proposed to enforce ε-differential privacy in various analytical tasks, e.g., regression analysis. Existing solutions for regression analysis, however, are either limited to non-standard types of regression or unable to produce accurate regression results. Motivated by this, we propose the Functional Mechanism, a differentially private method designed for a large class of optimization-based analyses. The main idea is to enforce ε-differential privacy by perturbing the objective function of the optimization problem, rather than its results. As case studies, we apply the functional mechanism to address two most widely used regression models, namely, linear regression and logistic regression. Both theoretical analysis and thorough experimental evaluations show that the functional mechanism is highly effective and efficient, and it significantly outperforms existing solutions.
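An added example, not code from the paper: the objective-perturbation idea described in the abstract, carried through for least-squares linear regression. The [-1, 1] bounds on features and labels, the sensitivity bound derived from them, the `ridge` parameter and all function names are assumptions of this example.

```python
import random

def sensitivity(d):
    # L1 change in the objective's coefficients when one record is replaced,
    # assuming every feature and label lies in [-1, 1] (assumption of this
    # example): 2 * (y^2 + 2*sum|y*x_j| + sum|x_j*x_l|) <= 2 * (d + 1)^2.
    return 2 * (d + 1) ** 2

def laplace(rng, scale):
    # The difference of two Exp(1) draws is Laplace(0, 1).
    return scale * (rng.expovariate(1.0) - rng.expovariate(1.0))

def solve(a, b):
    # Gaussian elimination with partial pivoting for a small dense system.
    n = len(b)
    m = [a[i][:] + [b[i]] for i in range(n)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[p] = m[p], m[c]
        for r in range(c + 1, n):
            f = m[r][c] / m[c][c]
            m[r] = [m[r][k] - f * m[c][k] for k in range(n + 1)]
    w = [0.0] * n
    for r in reversed(range(n)):
        w[r] = (m[r][n] - sum(m[r][k] * w[k] for k in range(r + 1, n))) / m[r][r]
    return w

def private_linear_regression(xs, ys, epsilon, ridge=1e-6, seed=None):
    # random.Random keeps the demo reproducible; it is not a secure noise source.
    rng, d = random.Random(seed), len(xs[0])
    scale = sensitivity(d) / epsilon
    # sum_i (y_i - x_i.w)^2 = const + sum_j lin[j]*w_j + sum_jl quad[j][l]*w_j*w_l
    # Noise goes on these coefficients, never on the fitted weights; the
    # constant does not affect the minimiser and is not released.
    lin = [-2 * sum(y * x[j] for x, y in zip(xs, ys)) + laplace(rng, scale)
           for j in range(d)]
    quad = [[sum(x[j] * x[l] for x in xs) + laplace(rng, scale)
             for l in range(d)] for j in range(d)]
    # Post-processing (no privacy cost): symmetrise, add a ridge term, then
    # minimise the noisy quadratic by solving (Q + ridge*I) w = -lin / 2.
    q = [[(quad[j][l] + quad[l][j]) / 2 + (ridge if j == l else 0.0)
          for l in range(d)] for j in range(d)]
    return solve(q, [-v / 2 for v in lin])

# Constructed sample: 25 grid points with y = 0.5*x1 - 0.25*x2, all in [-1, 1].
GRID = [-1.0, -0.5, 0.0, 0.5, 1.0]
XS = [(a, b) for a in GRID for b in GRID]
YS = [0.5 * a - 0.25 * b for a, b in XS]
```

With small ε and few records the noisy quadratic can stop being convex; the fixed `ridge` used here does not guarantee otherwise.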