31 research outputs found
Hypothesis Testing Interpretations and Renyi Differential Privacy
Differential privacy is a de facto standard in data privacy, with
applications in the public and private sectors. A way to explain differential
privacy, which is particularly appealing to statistician and social scientists
is by means of its statistical hypothesis testing interpretation. Informally,
one cannot effectively test whether a specific individual has contributed her
data by observing the output of a private mechanism---any test cannot have both
high significance and high power.
In this paper, we identify some conditions under which a privacy definition
given in terms of a statistical divergence satisfies a similar interpretation.
These conditions are useful to analyze the distinguishability power of
divergences and we use them to study the hypothesis testing interpretation of
some relaxations of differential privacy based on Renyi divergence. This
analysis also results in an improved conversion rule between these definitions
and differential privacy
Federated Learning with Bayesian Differential Privacy
We consider the problem of reinforcing federated learning with formal privacy
guarantees. We propose to employ Bayesian differential privacy, a relaxation of
differential privacy for similarly distributed data, to provide sharper privacy
loss bounds. We adapt the Bayesian privacy accounting method to the federated
setting and suggest multiple improvements for more efficient privacy budgeting
at different levels. Our experiments show significant advantage over the
state-of-the-art differential privacy bounds for federated learning on image
classification tasks, including a medical application, bringing the privacy
budget below 1 at the client level, and below 0.1 at the instance level. Lower
amounts of noise also benefit the model accuracy and reduce the number of
communication rounds.Comment: Accepted at 2019 IEEE International Conference on Big Data (IEEE Big
Data 2019). 10 pages, 2 figures, 4 tables. arXiv admin note: text overlap
with arXiv:1901.0969