2,796 research outputs found
Optimizing Batch Linear Queries under Exact and Approximate Differential Privacy
Differential privacy is a promising privacy-preserving paradigm for
statistical query processing over sensitive data. It works by injecting random
noise into each query result, such that it is provably hard for the adversary
to infer the presence or absence of any individual record from the published
noisy results. The main objective in differentially private query processing is
to maximize the accuracy of the query results, while satisfying the privacy
guarantees. Previous work, notably \cite{LHR+10}, has suggested that with an
appropriate strategy, processing a batch of correlated queries as a whole
achieves considerably higher accuracy than answering them individually.
However, to our knowledge there is currently no practical solution to find such
a strategy for an arbitrary query batch; existing methods either return
strategies of poor quality (often worse than naive methods) or require
prohibitively expensive computations for even moderately large domains.
Motivated by this, we propose low-rank mechanism (LRM), the first practical
differentially private technique for answering batch linear queries with high
accuracy. LRM works for both exact (i.e., -) and approximate (i.e.,
(, )-) differential privacy definitions. We derive the
utility guarantees of LRM, and provide guidance on how to set the privacy
parameters given the user's utility expectation. Extensive experiments using
real data demonstrate that our proposed method consistently outperforms
state-of-the-art query processing solutions under differential privacy, by
large margins.Comment: ACM Transactions on Database Systems (ACM TODS). arXiv admin note:
text overlap with arXiv:1212.230
Individual Privacy vs Population Privacy: Learning to Attack Anonymization
Over the last decade there have been great strides made in developing
techniques to compute functions privately. In particular, Differential Privacy
gives strong promises about conclusions that can be drawn about an individual.
In contrast, various syntactic methods for providing privacy (criteria such as
kanonymity and l-diversity) have been criticized for still allowing private
information of an individual to be inferred. In this report, we consider the
ability of an attacker to use data meeting privacy definitions to build an
accurate classifier. We demonstrate that even under Differential Privacy, such
classifiers can be used to accurately infer "private" attributes in realistic
data. We compare this to similar approaches for inferencebased attacks on other
forms of anonymized data. We place these attacks on the same scale, and observe
that the accuracy of inference of private attributes for Differentially Private
data and l-diverse data can be quite similar
A Hypercontractive Inequality for Matrix-Valued Functions with Applications to Quantum Computing and LDCs
The Bonami-Beckner hypercontractive inequality is a powerful tool in Fourier
analysis of real-valued functions on the Boolean cube. In this paper we present
a version of this inequality for matrix-valued functions on the Boolean cube.
Its proof is based on a powerful inequality by Ball, Carlen, and Lieb. We also
present a number of applications. First, we analyze maps that encode
classical bits into qubits, in such a way that each set of bits can be
recovered with some probability by an appropriate measurement on the quantum
encoding; we show that if , then the success probability is
exponentially small in . This result may be viewed as a direct product
version of Nayak's quantum random access code bound. It in turn implies strong
direct product theorems for the one-way quantum communication complexity of
Disjointness and other problems. Second, we prove that error-correcting codes
that are locally decodable with 2 queries require length exponential in the
length of the encoded string. This gives what is arguably the first
``non-quantum'' proof of a result originally derived by Kerenidis and de Wolf
using quantum information theory, and answers a question by Trevisan.Comment: This is the full version of a paper that will appear in the
proceedings of the IEEE FOCS 08 conferenc
- …