Calibrating Noise to Sensitivity in Private Data Analysis

@inproceedings{Dwork2006CalibratingNT,
  title={Calibrating Noise to Sensitivity in Private Data Analysis},
  author={Cynthia Dwork and Frank McSherry and Kobbi Nissim and Adam D. Smith},
  booktitle={Theory of Cryptography Conference},
  year={2006}
}
We continue a line of research initiated in [10, 11] on privacy-preserving statistical databases. [...] Additionally, we obtain separation results showing the increased value of interactive sanitization mechanisms over non-interactive ones.
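The key result summarized above is what is now known as the Laplace mechanism: a query f is answered by adding noise drawn from a Laplace distribution with scale Δf/ε, where Δf is the sensitivity of f (the most the answer can change when one row is added or removed). A minimal sketch in Python, with function names that are illustrative rather than taken from the paper:

```python
import random

def laplace_noise(scale):
    """Sample from Laplace(0, scale) as the difference of two exponentials."""
    return random.expovariate(1.0 / scale) - random.expovariate(1.0 / scale)

def laplace_mechanism(true_answer, sensitivity, epsilon):
    """Release true_answer perturbed with Laplace(sensitivity / epsilon) noise.

    For a counting query ("how many rows satisfy P?") the sensitivity is 1,
    since adding or removing one row changes the count by at most 1.
    """
    return true_answer + laplace_noise(sensitivity / epsilon)

# Example: a counting query answered with epsilon = 0.5
noisy = laplace_mechanism(true_answer=1000, sensitivity=1, epsilon=0.5)
```

Smaller ε means larger noise scale and stronger privacy; the noise depends only on the sensitivity and ε, not on the database size.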

Lower Bounds in Differential Privacy

This paper combines the techniques of Hardt and Talwar [11] and McGregor et al.

Smooth sensitivity and sampling in private data analysis

This is the first formal analysis of the effect of instance-based noise in the context of data privacy, and shows how to do this efficiently for several different functions, including the median and the cost of the minimum spanning tree.

Security of Random Output Perturbation for Statistical Databases

  • Daniel Z. Zanger
  • Computer Science, Mathematics
    Privacy in Statistical Databases
  • 2012
We prove that, with respect to a database query response privacy mechanism employing output perturbation with i.i.d. random noise addition, an adversary can, allowed a sufficiently large number of

Privacy of Aggregated Data without Noise

This paper investigates when aggregated data (without added noise) does not compromise the privacy of users, and shows when the data has enough "uncertainty" to be self-secured without any statistical perturbation.

Our Data, Ourselves: Privacy Via Distributed Noise Generation

This work provides efficient distributed protocols for generating shares of random noise, secure against malicious participants, and introduces a technique for distributing shares of many unbiased coins with fewer executions of verifiable secret sharing than would be needed using previous approaches.

Differential Privacy for Sum Queries without External Noise

It is shown that for some types of queries, when the dataset is sufficiently large, the inherent uncertainty associated with unknown quantities is enough to provide similar perturbation and the same privacy can be obtained without external noise.

Privacy-Preserving Parametric Inference: A Case for Robust Statistics

It is demonstrated that differential privacy is a weaker stability requirement than infinitesimal robustness, and it is shown that robust M-estimators can be easily randomized to guarantee both differential privacy and robustness toward the presence of contaminated data.

Noiseless Privacy for Some Classes of Dependent Data

This paper considers the problem of revealing aggregated sensitive data without adding noise, such that the privacy of individuals is preserved in the sense of differential privacy, and gives detailed results motivated by practical considerations.

Geometric Noise for Locally Private Counting Queries

This paper focuses on the problem of estimating the counting queries on numerical data, and proposes a variant of LDP based on the addition of geometric noise, which is universally optimal for DP, i.e., it provides the best utility for a given level of DP, regardless of the side knowledge of the attacker.
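The geometric noise referred to here is integer-valued, with P(Z = k) proportional to e^(-ε|k|), so a perturbed count stays an integer. One standard way to sample it is as the difference of two i.i.d. one-sided geometric variables; the sketch below assumes that construction, and the function names are mine, not the paper's:

```python
import math
import random

def two_sided_geometric(epsilon):
    """Sample integer noise with P(Z = k) proportional to exp(-epsilon * |k|).

    The difference of two i.i.d. geometric variables on {0, 1, 2, ...}
    with success probability 1 - exp(-epsilon) has exactly this law.
    """
    alpha = math.exp(-epsilon)

    def geometric():
        # Inversion: floor(log(U) / log(alpha)) is geometric on {0, 1, ...}
        return int(math.log(1.0 - random.random()) / math.log(alpha))

    return geometric() - geometric()

def private_count(count, epsilon):
    """Release a counting-query answer perturbed with geometric noise."""
    return count + two_sided_geometric(epsilon)
```

Because the noise is integral, the released value lies in the same domain as the true count, which is one reason the geometric mechanism is a natural fit for counting queries.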

Privacy Against Many Arbitrary Low-sensitivity Queries

This paper describes the first solution for large sets Q of arbitrary queries for which the presence or absence of a single datum has a small effect on the outcome.
...

References

Showing 1–10 of 25 references

Smooth sensitivity and sampling in private data analysis

This is the first formal analysis of the effect of instance-based noise in the context of data privacy, and shows how to do this efficiently for several different functions, including the median and the cost of the minimum spanning tree.

Practical privacy: the SuLQ framework

This work considers a statistical database in which a trusted administrator introduces noise to the query responses with the goal of maintaining privacy of individual database entries, and modifies the privacy analysis to handle real-valued functions f and arbitrary row types, greatly improving the bounds on the noise required for privacy.

Our Data, Ourselves: Privacy Via Distributed Noise Generation

This work provides efficient distributed protocols for generating shares of random noise, secure against malicious participants, and introduces a technique for distributing shares of many unbiased coins with fewer executions of verifiable secret sharing than would be needed using previous approaches.

A Statistical Framework for Differential Privacy

This work studies a general privacy method, called the exponential mechanism, introduced by McSherry and Talwar (2007), and shows that the accuracy of this method is intimately linked to the rate at which the empirical distribution concentrates in a small ball around the true distribution.

Privacy: Theory meets Practice on the Map

In this paper, we propose the first formal privacy analysis of a data anonymization process known as synthetic data generation, a technique becoming popular in the statistics community.

Toward Privacy in Public Databases

An important contribution of this work is a definition of privacy (and privacy compromise) for statistical databases, together with a method for describing and comparing the privacy offered by specific sanitization techniques.

On the Utility of Privacy-Preserving Histograms

This work develops a method for computing a privacy-preserving histogram sanitization of “round” distributions, such as the uniform distribution over a high-dimensional ball or sphere, and develops techniques for randomizing the histogram constructions both for the hypercube and the hypersphere.

Limiting privacy breaches in privacy preserving data mining

This paper presents a new formulation of privacy breaches, together with a methodology, "amplification", for limiting them; it instantiates this methodology for the problem of mining association rules, and modifies the algorithm from [9] to limit privacy breaches without knowledge of the data distribution.

Differential Privacy

  • C. Dwork
  • Computer Science
    Encyclopedia of Cryptography and Security
  • 2006
A general impossibility result is given showing that a formalization of Dalenius' goal along the lines of semantic security cannot be achieved, which suggests a new measure, differential privacy, which, intuitively, captures the increased risk to one's privacy incurred by participating in a database.

Composition attacks and auxiliary information in data privacy

This paper investigates composition attacks, in which an adversary uses independent anonymized releases to breach privacy; it provides a precise formulation of this property and proves that an important class of relaxations of differential privacy also satisfies it.