Fast Differentially Private Matrix Factorization

Differentially private collaborative filtering is a challenging task, both in terms of accuracy and speed. We present a simple algorithm that is provably differentially private, while offering good performance, using a novel connection of differential privacy to Bayesian posterior sampling via Stochastic Gradient Langevin Dynamics. Due to its simplicity the algorithm lends itself to efficient implementation. By careful systems design and by exploiting the power law behavior of the data to maximize CPU cache bandwidth we are able to generate 1024 dimensional models at a rate of 8.5 million recommendations per second on a single PC

When and where do you want to hide? Recommendation of location privacy preferences with local differential privacy

In recent years, it has become easy to obtain location information quite precisely. However, the acquisition of such information has risks such as individual identification and leakage of sensitive information, so it is necessary to protect the privacy of location information. For this purpose, people should know their location privacy preferences, that is, whether or not he/she can release location information at each place and time. However, it is not easy for each user to make such decisions and it is troublesome to set the privacy preference at each time. Therefore, we propose a method to recommend location privacy preferences for decision making. Comparing to existing method, our method can improve the accuracy of recommendation by using matrix factorization and preserve privacy strictly by local differential privacy, whereas the existing method does not achieve formal privacy guarantee. In addition, we found the best granularity of a location privacy preference, that is, how to express the information in location privacy protection. To evaluate and verify the utility of our method, we have integrated two existing datasets to create a rich information in term of user number. From the results of the evaluation using this dataset, we confirmed that our method can predict location privacy preferences accurately and that it provides a suitable method to define the location privacy preference

Privacy Protection and Utility Trade-Off for Social Graph Embedding

In graph embedding protection, deleting the embedding vector of a node does not completelydisrupt its structural relationships. The embedding model must be retrained over the networkwithout sensitive nodes, which incurs a waste of computation and offers no protection forordinary users. Meanwhile, the edge perturbations do not guarantee good utility. This workproposed a new privacy protection and utility trade-off method without retraining. Firstly, sinceembedding distance reflects the closeness of nodes, we label and group user nodes into sensitive,near-sensitive, and ordinary regions to perform different strengths of privacy protection. Thenear-sensitive region can reduce the leaking risk of neighboring nodes connecting to sensitivenodes without sacrificing all of their utility. Secondly, we use mutual information to measureprivacy and utility while adapting a single model-based mutual information neural estimatorto vector pairs to reduce modeling and computational complexity. Thirdly, by keeping addingdifferent noise to the divided regions and reestimating the mutual information between theoriginal and noise-perturbed embeddings, our framework achieves a good trade-off betweenprivacy and utility. Simulation results show that the proposed framework is superior to state-of-the-art baselines like LPPGE and DPNE

Differentially Private Link Prediction With Protected Connections

Link prediction (LP) algorithms propose to each node a ranked list of nodes that are currently non-neighbors, as the most likely candidates for future linkage. Owing to increasing concerns about privacy, users (nodes) may prefer to keep some of their connections protected or private. Motivated by this observation, our goal is to design a differentially private LP algorithm, which trades off between privacy of the protected node-pairs and the link prediction accuracy. More specifically, we first propose a form of differential privacy on graphs, which models the privacy loss only of those node-pairs which are marked as protected. Next, we develop DPLP , a learning to rank algorithm, which applies a monotone transform to base scores from a non-private LP system, and then adds noise. DPLP is trained with a privacy induced ranking loss, which optimizes the ranking utility for a given maximum allowed level of privacy leakage of the protected node-pairs. Under a recently-introduced latent node embedding model, we present a formal trade-off between privacy and LP utility. Extensive experiments with several real-life graphs and several LP heuristics show that DPLP can trade off between privacy and predictive performance more effectively than several alternatives

Privacy Enhancing Machine Learning via Removal of Unwanted Dependencies

The rapid rise of IoT and Big Data has facilitated copious data driven applications to enhance our quality of life. However, the omnipresent and all-encompassing nature of the data collection can generate privacy concerns. Hence, there is a strong need to develop techniques that ensure the data serve only the intended purposes, giving users control over the information they share. To this end, this paper studies new variants of supervised and adversarial learning methods, which remove the sensitive information in the data before they are sent out for a particular application. The explored methods optimize privacy preserving feature mappings and predictive models simultaneously in an end-to-end fashion. Additionally, the models are built with an emphasis on placing little computational burden on the user side so that the data can be desensitized on device in a cheap manner. Experimental results on mobile sensing and face datasets demonstrate that our models can successfully maintain the utility performances of predictive models while causing sensitive predictions to perform poorly.Comment: 15 pages, 5 figures, submitted to IEEE Transactions on Neural Networks and Learning System