Local Obfuscation Mechanisms for Hiding Probability Distributions
We introduce a formal model for the information leakage of probability
distributions and define a notion called distribution privacy as the local
differential privacy for probability distributions. Roughly speaking, the
distribution privacy of a local obfuscation mechanism means that an attacker
cannot gain significant information on the distribution of the mechanism's
input by observing its output. We then show that existing local mechanisms
can hide input distributions in terms of distribution privacy, but only at a
significant cost in utility, because they must add a large amount of noise.
For example, we prove that the Laplace mechanism needs to add noise
proportional to the ∞-Wasserstein distance between the two distributions we
want to make indistinguishable. To improve the tradeoff between distribution
privacy and utility, we introduce a local obfuscation mechanism, called a
tupling mechanism, that adds random dummy data to the output. We then apply
this mechanism to the protection of user attributes in location-based
services. Through experiments, we demonstrate that the tupling mechanism
outperforms popular local mechanisms in terms of both attribute obfuscation
and service quality.
Comment: Full version of Proc. ESORICS 2019 (with a longer appendix)
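
To make the construction concrete, here is a minimal Python sketch of a
tupling-style mechanism. The function names, the choice of Laplace noise for
the perturbation step, and the uniform dummy sampler are illustrative
assumptions, not the paper's exact construction.

    import random
    import numpy as np

    def laplace_perturb(x, epsilon, sensitivity=1.0):
        # Standard Laplace mechanism: noise scale = sensitivity / epsilon.
        return x + np.random.laplace(loc=0.0, scale=sensitivity / epsilon)

    def tupling_mechanism(x, k, epsilon, dummy_sampler):
        # Obfuscate the true input, then hide it among k random dummies;
        # shuffling makes the true report indistinguishable by position.
        outputs = [dummy_sampler() for _ in range(k)]
        outputs.append(laplace_perturb(x, epsilon))
        random.shuffle(outputs)
        return tuple(outputs)

    # Example: report a scalar value among 3 dummies drawn uniformly.
    report = tupling_mechanism(42.0, k=3, epsilon=1.0,
                               dummy_sampler=lambda: random.uniform(0.0, 100.0))

Because the dummies are drawn independently of the input, they blur the link
between the input distribution and the observed tuple, which is roughly the
intuition behind the improved tradeoff claimed above.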
Statistical Epistemic Logic
We introduce a modal logic for describing statistical knowledge, which we
call statistical epistemic logic. We propose a Kripke model dealing with
probability distributions and stochastic assignments, and give a stochastic
semantics for the logic. To our knowledge, this is the first semantics for
modal logic that can express statistical knowledge that depends on
non-deterministic inputs, as well as the statistical significance of observed
results. Using statistical epistemic logic, we express a notion of
statistical secrecy with a confidence level. We also show that this logic is
useful for formalizing statistical hypothesis testing and differential
privacy in a simple and abstract manner.
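
As a rough illustration of the kind of statement such a logic can express,
the following LaTeX sketch uses generic probabilistic-epistemic notation; the
paper's actual syntax and semantics may differ. It assumes each world w of a
Kripke model carries a probability distribution \mu_w over states.

    % A statistical modality: \varphi holds with probability at least p at w.
    \mathfrak{M}, w \models \mathbb{P}_{\ge p}\,\varphi
      \iff \mu_w\bigl(\{\, s : \mathfrak{M}, s \models \varphi \,\}\bigr) \ge p

    % A hypothetical reading of statistical secrecy with confidence level p:
    % agent a never knows that the secret \varphi holds with probability >= p.
    \mathsf{Secret}_{a,p}(\varphi) \;\equiv\;
      \neg\, \mathbf{K}_a\, \mathbb{P}_{\ge p}\,\varphi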
Local Distribution Obfuscation via Probability Coupling
We introduce a general model for the local obfuscation of probability
distributions by probabilistic perturbation, e.g., by adding differentially
private noise, and investigate its theoretical properties. Specifically, we
relax the notion of distribution privacy (DistP) by generalizing it to
arbitrary divergences, and propose local obfuscation mechanisms that provide
divergence distribution privacy. To provide f-divergence distribution
privacy, we prove that probabilistic perturbation noise should be added in
proportion to the Earth mover's distance between the probability
distributions that we want to make indistinguishable. Furthermore, we
introduce a local obfuscation mechanism, which we call a coupling mechanism,
that provides divergence distribution privacy while optimizing the utility
of obfuscated data by using exact or approximate auxiliary information on
the input distributions we want to protect.
Comment: Full version of the Allerton 2019 paper (this paper extends part of
the unpublished v3 of arXiv:1812.00939, while v4 of arXiv:1812.00939 extends
the other part and is published in ESORICS'19.)
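
As a hedged illustration of the proportionality result above (not the
coupling mechanism itself), the Python sketch below scales Laplace noise by
the empirical Earth mover's distance between two input distributions; the
use of scipy's wasserstein_distance and the exact scaling rule are
assumptions made for the example.

    import numpy as np
    from scipy.stats import wasserstein_distance

    def emd_scaled_laplace(x, samples_a, samples_b, epsilon):
        # Empirical Earth mover's (Wasserstein-1) distance between the two
        # input distributions we want to make indistinguishable.
        emd = wasserstein_distance(samples_a, samples_b)
        # The noise scale grows with that distance, mirroring the
        # proportionality stated in the abstract.
        return x + np.random.laplace(loc=0.0, scale=emd / epsilon)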
Summary Statistic Privacy in Data Sharing
We study a setting where a data holder wishes to share data with a receiver
without revealing certain summary statistics of the data distribution (e.g.,
the mean or the standard deviation). The holder achieves this by passing the
data through a randomization mechanism. We propose summary statistic privacy,
a metric for quantifying the privacy risk of such a mechanism based on the
worst-case probability of an adversary guessing the distributional secret to
within some threshold. Defining distortion as the worst-case Wasserstein-1
distance between the real and released data, we prove lower bounds on the
tradeoff between privacy and distortion. We then propose a class of
quantization mechanisms that can be adapted to different data distributions.
We show that the quantization mechanisms' privacy-distortion tradeoff matches
our lower bounds in certain regimes, up to small constant factors. Finally,
we demonstrate on real-world datasets that the proposed quantization
mechanisms achieve better privacy-distortion tradeoffs than alternative
privacy mechanisms.
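
The Python sketch below shows one shape such a quantization mechanism could
take; the fixed grid and the bin-centre release rule are illustrative
assumptions rather than the paper's construction.

    import numpy as np

    def quantize_release(data, bin_width):
        # Snap each sample to the centre of a fixed grid. Released summary
        # statistics (e.g., the mean) then reveal only which grid cell the
        # true statistic lies in, while the per-sample distortion, and hence
        # the Wasserstein-1 distance to the real data, is at most
        # bin_width / 2.
        return (np.floor(np.asarray(data) / bin_width) + 0.5) * bin_width

    # Example: with bin_width=10, the released values are 5.0, 15.0, 25.0.
    released = quantize_release([3.2, 17.8, 24.1], bin_width=10.0)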