Rényi Differential Privacy
We propose a natural relaxation of differential privacy based on the Rényi
divergence. Closely related notions have appeared in several recent papers that
analyzed the composition of differentially private mechanisms. We argue that
this useful analytical tool can be used as a privacy definition in its own
right, compactly and accurately representing guarantees on the tails of the
privacy loss. We demonstrate that the new definition shares many important
properties with the standard definition of differential privacy, while
additionally allowing tighter analysis of composite heterogeneous mechanisms.
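For reference, the underlying divergence and the resulting privacy definition can be stated as follows (the standard formulation from the differential privacy literature, not quoted verbatim from the paper):

```latex
% Renyi divergence of order \alpha > 1 between distributions P and Q:
\[
D_{\alpha}(P \,\|\, Q) \;=\; \frac{1}{\alpha - 1}\,
  \log \mathbb{E}_{x \sim Q}\!\left[\Big(\tfrac{P(x)}{Q(x)}\Big)^{\alpha}\right]
\]
% A randomized mechanism M satisfies (\alpha, \varepsilon)-RDP if, for all
% neighboring datasets D and D':
\[
D_{\alpha}\big(M(D) \,\|\, M(D')\big) \;\le\; \varepsilon
\]
% At a fixed order \alpha, RDP composes additively in \varepsilon, which is
% what enables the tighter composition analysis mentioned above.
```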
Heterogeneous Graph Neural Network for Privacy-Preserving Recommendation
With recent advances in deep learning, social networks are commonly modeled as
heterogeneous graphs and analyzed with heterogeneous graph neural networks
(HGNNs). Compared with models trained on homogeneous data, HGNNs absorb many
different aspects of information about individuals during training, which means
more information, and in particular more sensitive information, is captured in
the learning result. However, existing privacy-preserving methods for
homogeneous graphs protect only a single type of node attribute or relationship,
and cannot work effectively on heterogeneous graphs due to their complexity. To
address this issue, we propose HeteDP, a novel privacy-preserving heterogeneous
graph neural network method based on differential privacy, which provides a
double guarantee
on graph features and topology. We first define a new attack scheme that
reveals privacy leakage in heterogeneous graphs. We then design a two-stage
pipeline framework, consisting of a privacy-preserving feature encoder and a
heterogeneous link reconstructor with gradient perturbation based on
differential privacy, to tolerate data diversity and defend against this
attack. To better control the noise and promote model performance,
we utilize a bi-level optimization pattern to allocate a suitable privacy
budget for the above two modules. Our experiments on four public benchmarks
show that the HeteDP method is equipped to resist heterogeneous graph privacy
leakage with admirable model generalization.
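As a rough illustration of the gradient-perturbation ingredient, here is a generic Gaussian-mechanism sketch (the function and parameter names are ours, not HeteDP's, and the paper's bi-level budget allocation is not modeled here):

```python
import numpy as np

def dp_perturb_gradient(grad, clip_norm=1.0, noise_multiplier=1.1, rng=None):
    """Clip a gradient to bounded L2 norm, then add Gaussian noise.

    Generic DP gradient perturbation; clip_norm and noise_multiplier
    are illustrative names, not parameters from the HeteDP paper.
    """
    rng = rng or np.random.default_rng()
    norm = np.linalg.norm(grad)
    # Scale down (never up) so the gradient's L2 norm is at most clip_norm.
    clipped = grad * min(1.0, clip_norm / (norm + 1e-12))
    # Gaussian noise calibrated to the clipping bound.
    noise = rng.normal(0.0, noise_multiplier * clip_norm, size=grad.shape)
    return clipped + noise
```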
Learning from Data with Heterogeneous Noise using SGD
We consider learning from data of variable quality that may be obtained from
different heterogeneous sources. Addressing learning from heterogeneous data in
its full generality is a challenging problem. In this paper, we adopt instead a
model in which data is observed through heterogeneous noise, where the noise
level reflects the quality of the data source. We study how to use stochastic
gradient algorithms to learn in this model. Our study is motivated by two
concrete examples where this problem arises naturally: learning with local
differential privacy based on data from multiple sources with different privacy
requirements, and learning from data with labels of variable quality.
The main contribution of this paper is to identify how heterogeneous noise
impacts performance. We show that given two datasets with heterogeneous noise,
the order in which to use them in standard SGD depends on the learning rate. We
propose a method for changing the learning rate as a function of the
heterogeneity, and prove new regret bounds for our method in two cases of
interest. Experiments on real data show that our method performs better than
using a single learning rate and using only the less noisy of the two datasets
when the noise level is low to moderate.
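A minimal sketch of the setting follows. It is illustrative only: the fixed clean-then-noisy ordering and the per-source step sizes below are placeholders, since the paper's actual finding is that the best ordering and rates depend on the learning-rate schedule:

```python
import numpy as np

def sgd_two_sources(clean_data, noisy_data, dim, eta_clean=0.1, eta_noisy=0.02):
    """Least-squares SGD over two sources of different quality.

    Each (x, y) pair is visited once, with a per-source learning rate
    reflecting that source's noise level (hypothetical values).
    """
    w = np.zeros(dim)
    schedule = [(x, y, eta_clean) for (x, y) in clean_data] + \
               [(x, y, eta_noisy) for (x, y) in noisy_data]
    for x, y, eta in schedule:
        grad = (w @ x - y) * x  # gradient of 0.5 * (w.x - y)^2
        w -= eta * grad
    return w

# Example usage with synthetic data (hypothetical noise levels):
# rng = np.random.default_rng(0)
# w_star = rng.normal(size=5)
# clean = [(x, x @ w_star + 0.1 * rng.normal()) for x in rng.normal(size=(100, 5))]
# noisy = [(x, x @ w_star + 2.0 * rng.normal()) for x in rng.normal(size=(100, 5))]
# w_hat = sgd_two_sources(clean, noisy, dim=5)
```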
Decentralized Matrix Factorization with Heterogeneous Differential Privacy
Conventional matrix factorization relies on centralized collection of users'
data for recommendation, which might introduce an increased risk of privacy
leakage especially when the recommender is untrusted. Existing differentially
private matrix factorization methods either assume the recommender is trusted,
or can only provide a uniform level of privacy protection for all users and
items with untrusted recommender. In this paper, we propose a novel
Heterogeneous Differentially Private Matrix Factorization algorithm (denoted as
HDPMF) for untrusted recommenders. To the best of our knowledge, we are the
first to achieve heterogeneous differential privacy for decentralized matrix
factorization in the untrusted recommender scenario. Specifically, our
framework uses a modified stretching mechanism with an innovative rescaling
scheme to achieve a better trade-off between privacy and accuracy. Meanwhile,
by allocating the privacy budget properly, we can capture homogeneous privacy
preferences within a user/item but heterogeneous privacy preferences across
different users/items.
Theoretical analysis confirms that HDPMF renders a rigorous privacy guarantee,
and exhaustive experiments demonstrate its superiority, especially in strong
privacy guarantee, high-dimension model, and sparse dataset scenarios.
Comment: Accepted by the 22nd IEEE International Conference on Trust, Security
and Privacy in Computing and Communications (TrustCom-2023).
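To give a sense of the stretching idea, here is a simplified sketch of the classic stretching mechanism for heterogeneous DP; the naive rescaling, names, and parameters below are illustrative and far simpler than HDPMF's scheme:

```python
import numpy as np

def stretch_and_perturb(values, weights, epsilon, sensitivity=1.0, rng=None):
    """Heterogeneous privacy via stretching (simplified sketch).

    Entries with smaller weights in (0, 1] are shrunk before Laplace
    noise is added, so the same noise gives them a proportionally
    stronger (smaller effective epsilon) guarantee; the result is then
    naively rescaled back.
    """
    rng = rng or np.random.default_rng()
    stretched = values * weights  # one weight per entry
    noise = rng.laplace(0.0, sensitivity / epsilon, size=values.shape)
    return (stretched + noise) / weights
```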
Private Distribution Testing with Heterogeneous Constraints: Your Epsilon Might Not Be Mine
Private closeness testing asks to decide whether the underlying probability
distributions of two sensitive datasets are identical or differ significantly
in statistical distance, while guaranteeing (differential) privacy of the data.
As in most (if not all) distribution testing questions studied under privacy
constraints, however, previous work assumes that the two datasets are equally
sensitive, i.e., must be provided the same privacy guarantees. This is often an
unrealistic assumption, as different sources of data come with different
privacy requirements; as a result, known closeness testing algorithms might be
unnecessarily conservative, "paying" too high a privacy budget for half of the
data. In this work, we initiate the study of the closeness testing problem
under heterogeneous privacy constraints, where the two datasets come with
distinct privacy requirements.
We formalize the question and provide algorithms under the three most widely
used differential privacy settings, with a particular focus on the local and
shuffle models of privacy; and show that one can indeed achieve better sample
efficiency when taking into account the two different "epsilon" requirements.
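In the local model, for instance, heterogeneous budgets simply mean that each dataset is privatized with its own parameter. A minimal sketch using binary randomized response (a standard local-DP primitive, not the paper's actual tester):

```python
import numpy as np

def randomized_response(bit, epsilon, rng=None):
    """Binary randomized response: report the true bit with probability
    e^eps / (e^eps + 1), else flip it. Satisfies epsilon-local-DP.
    """
    rng = rng or np.random.default_rng()
    p_true = np.exp(epsilon) / (np.exp(epsilon) + 1.0)
    return bit if rng.random() < p_true else 1 - bit

# Two sources privatized under different budgets (illustrative values):
# reports_a = [randomized_response(b, epsilon=0.5) for b in bits_a]  # more sensitive
# reports_b = [randomized_response(b, epsilon=2.0) for b in bits_b]  # less sensitive
```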
Cohere: Privacy Management in Large Scale Systems
The need for a privacy management layer in today's systems started to
manifest with the emergence of new systems for privacy-preserving analytics and
privacy compliance. As a result, we began to see many independent efforts
emerge that try to provide system support for privacy. Recently, the scope of
privacy solutions used in systems has expanded to encompass more complex
techniques such as Differential Privacy (DP). The use of these solutions in
large-scale systems imposes new challenges and requirements. Careful planning
and coordination are necessary to ensure that privacy guarantees are maintained
across a wide range of heterogeneous applications and data systems. This
requires new solutions for managing shared application state and allocating
scarce and non-replenishable privacy resources. In this paper, we introduce
Cohere, a new data management system that simplifies the use of DP in
large-scale systems. Cohere implements a unified interface that allows
heterogeneous applications to operate on a unified view of users' data. Cohere
further extends existing accounting systems with the ability to manage and
optimally allocate shared privacy resources, i.e., budget, under complex
preferences. We show that Cohere can effectively enable advanced privacy
solutions in existing large-scale systems with minimal modifications to
existing data management systems and with moderate overhead.
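To make the budget-management idea concrete, here is a toy ledger for a shared, non-replenishable epsilon budget (our own minimal sketch; Cohere's actual interface and its optimal allocation under complex preferences are far richer):

```python
class BudgetLedger:
    """Toy ledger for a shared, non-replenishable DP budget.

    Class and method names are ours, not Cohere's API; real accounting
    would track per-user budgets and composition, not a single scalar.
    """

    def __init__(self, total_epsilon):
        self.total = total_epsilon
        self.spent = 0.0

    def request(self, app, epsilon):
        """Grant epsilon to `app` only if the global budget allows it."""
        if self.spent + epsilon > self.total:
            return False  # budget exhausted: the request must be denied
        self.spent += epsilon
        return True

# ledger = BudgetLedger(total_epsilon=4.0)
# ledger.request("analytics-job", 1.0)  # -> True while budget remains
```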