16 research outputs found
Fast Differentially Private Matrix Factorization
Differentially private collaborative filtering is a challenging task, both in
terms of accuracy and speed. We present a simple algorithm that is provably
differentially private, while offering good performance, using a novel
connection of differential privacy to Bayesian posterior sampling via
Stochastic Gradient Langevin Dynamics. Due to its simplicity the algorithm
lends itself to efficient implementation. By careful systems design and by
exploiting the power law behavior of the data to maximize CPU cache bandwidth
we are able to generate 1024 dimensional models at a rate of 8.5 million
recommendations per second on a single PC
When and where do you want to hide? Recommendation of location privacy preferences with local differential privacy
In recent years, it has become easy to obtain location information quite
precisely. However, the acquisition of such information has risks such as
individual identification and leakage of sensitive information, so it is
necessary to protect the privacy of location information. For this purpose,
people should know their location privacy preferences, that is, whether or not
he/she can release location information at each place and time. However, it is
not easy for each user to make such decisions and it is troublesome to set the
privacy preference at each time. Therefore, we propose a method to recommend
location privacy preferences for decision making. Comparing to existing method,
our method can improve the accuracy of recommendation by using matrix
factorization and preserve privacy strictly by local differential privacy,
whereas the existing method does not achieve formal privacy guarantee. In
addition, we found the best granularity of a location privacy preference, that
is, how to express the information in location privacy protection. To evaluate
and verify the utility of our method, we have integrated two existing datasets
to create a rich information in term of user number. From the results of the
evaluation using this dataset, we confirmed that our method can predict
location privacy preferences accurately and that it provides a suitable method
to define the location privacy preference
Privacy Protection and Utility Trade-Off for Social Graph Embedding
In graph embedding protection, deleting the embedding vector of a node does not completelydisrupt its structural relationships. The embedding model must be retrained over the networkwithout sensitive nodes, which incurs a waste of computation and offers no protection forordinary users. Meanwhile, the edge perturbations do not guarantee good utility. This workproposed a new privacy protection and utility trade-off method without retraining. Firstly, sinceembedding distance reflects the closeness of nodes, we label and group user nodes into sensitive,near-sensitive, and ordinary regions to perform different strengths of privacy protection. Thenear-sensitive region can reduce the leaking risk of neighboring nodes connecting to sensitivenodes without sacrificing all of their utility. Secondly, we use mutual information to measureprivacy and utility while adapting a single model-based mutual information neural estimatorto vector pairs to reduce modeling and computational complexity. Thirdly, by keeping addingdifferent noise to the divided regions and reestimating the mutual information between theoriginal and noise-perturbed embeddings, our framework achieves a good trade-off betweenprivacy and utility. Simulation results show that the proposed framework is superior to state-of-the-art baselines like LPPGE and DPNE
Differentially Private Link Prediction With Protected Connections
Link prediction (LP) algorithms propose to each node a ranked list of nodes
that are currently non-neighbors, as the most likely candidates for future
linkage. Owing to increasing concerns about privacy, users (nodes) may prefer
to keep some of their connections protected or private. Motivated by this
observation, our goal is to design a differentially private LP algorithm, which
trades off between privacy of the protected node-pairs and the link prediction
accuracy. More specifically, we first propose a form of differential privacy on
graphs, which models the privacy loss only of those node-pairs which are marked
as protected. Next, we develop DPLP , a learning to rank algorithm, which
applies a monotone transform to base scores from a non-private LP system, and
then adds noise. DPLP is trained with a privacy induced ranking loss, which
optimizes the ranking utility for a given maximum allowed level of privacy
leakage of the protected node-pairs. Under a recently-introduced latent node
embedding model, we present a formal trade-off between privacy and LP utility.
Extensive experiments with several real-life graphs and several LP heuristics
show that DPLP can trade off between privacy and predictive performance more
effectively than several alternatives
Privacy Enhancing Machine Learning via Removal of Unwanted Dependencies
The rapid rise of IoT and Big Data has facilitated copious data driven
applications to enhance our quality of life. However, the omnipresent and
all-encompassing nature of the data collection can generate privacy concerns.
Hence, there is a strong need to develop techniques that ensure the data serve
only the intended purposes, giving users control over the information they
share. To this end, this paper studies new variants of supervised and
adversarial learning methods, which remove the sensitive information in the
data before they are sent out for a particular application. The explored
methods optimize privacy preserving feature mappings and predictive models
simultaneously in an end-to-end fashion. Additionally, the models are built
with an emphasis on placing little computational burden on the user side so
that the data can be desensitized on device in a cheap manner. Experimental
results on mobile sensing and face datasets demonstrate that our models can
successfully maintain the utility performances of predictive models while
causing sensitive predictions to perform poorly.Comment: 15 pages, 5 figures, submitted to IEEE Transactions on Neural
Networks and Learning System