Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
97 tokens/sec
GPT-4o
53 tokens/sec
Gemini 2.5 Pro Pro
44 tokens/sec
o3 Pro
5 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Local Privacy-preserving Mechanisms and Applications in Machine Learning (2401.13692v1)

Published 8 Jan 2024 in cs.CR

Abstract: The emergence and evolution of Local Differential Privacy (LDP) and its various adaptations play a pivotal role in tackling privacy issues related to the vast amounts of data generated by intelligent devices, which are crucial for data-informed decision-making in the realm of crowdsensing. Utilizing these extensive datasets can provide critical insights but also introduces substantial privacy concerns for the individuals involved. LDP, noted for its decentralized framework, excels in providing strong privacy protection for individual users during the stages of data collection and processing. The core principle of LDP lies in its technique of altering each user's data locally at the client end before it is sent to the server, thus preventing privacy violations at both stages. There are many LDP variances in the privacy research community aimed to improve the utility-privacy tradeoff. On the other hand, one of the major applications of the privacy-preserving mechanisms is machine learning. In this paper, we firstly delves into a comprehensive analysis of LDP and its variances, focusing on their various models, the diverse range of its adaptations, and the underlying structure of privacy mechanisms; then we discuss the state-of-art privacy mechanisms applications in machine learning.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (79)
  1. European Parliament and Council of the European Union. Regulation (EU) 2016/679 of the European Parliament and of the Council. [Online]. Available: https://data.europa.eu/eli/reg/2016/679/oj
  2. R. MEYER. (2014) Facebook’s mood manipulation experiment might have been illegal.
  3. “No free lunch in data privacy,” in Proceedings of SIGMOD 2011 and PODS 2011, ser. Proceedings of the ACM SIGMOD International Conference on Management of Data.   Association for Computing Machinery, 2011, pp. 193–204.
  4. C. Dwork, F. McSherry, and K. Nissim, “Calibrating noise to sensitivity in private data analysis,” in Theory of Cryptography: Third Theory of Cryptography Conference, 2006, pp. 265–284. [Online]. Available: https://doi.org/10.1007/11681878_14
  5. C. Dwork, “Differential privacy,” in Automata, Languages and Programming: 33rd International Colloquium, ICALP 2006, Part II, M. Bugliesi, B. Preneel, V. Sassone, and I. Wegener, Eds., 2006, pp. 1–12. [Online]. Available: https://doi.org/10.1007/11787006_1
  6. Y. Xiao and L. Xiong, “Protecting locations with differential privacy under temporal correlations,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’15, New York, NY, USA, 2015, p. 1298–1309.
  7. W. Primoff and S. Kess, “The equifax data breach: What cpas and firms need to know now,” The CPA Journal, vol. 87, no. 12, pp. 14–17, 2017.
  8. J. Lu, “Assessing the cost, legal fallout of capital one data breach,” Legal Fallout Of Capital One Data Breach (August 15, 2019), 2019.
  9. C. Dwork, “Differential privacy: A survey of results,” in Theory and Applications of Models of Computation: 5th International Conference, TAMC, M. Agrawal, D. Du, and Z. Duan, Eds., 2008, pp. 1–19. [Online]. Available: https://doi.org/10.1007/978-3-540-79228-4_1
  10. Úlfar Erlingsson, V. Pihur, and A. Korolova, “Rappor: Randomized aggregatable privacy-preserving ordinal response,” in Proceedings of the 21st ACM CCS, 2014.
  11. A. Greenberg, “Apple’s ‘differential privacy’ is about collecting your data—but not your data,” 2016. [Online]. Available: https://www.wired.com/2016/06/apples-differential-privacy-collecting-data/
  12. T. Wang, J. Blocki, N. Li, and S. Jha, “Locally differentially private protocols for frequency estimation,” in 26th USENIX Security 17.   USENIX Association, 2017, pp. 729–745. [Online]. Available: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/wang-tianhao
  13. Z. Qin, Y. Yang, and T. Yu, “Heavy hitter estimation over set-valued data with local differential privacy,” in Proceedings of the 2016 ACM SIGSAC, ser. CCS ’16, 2016, pp. 192–203. [Online]. Available: http://doi.acm.org/10.1145/2976749.2978409
  14. C. Huang, P. Kairouz, X. Chen, L. Sankar, and R. Rajagopal, “Context-aware generative adversarial privacy,” CoRR, vol. abs/1710.09549, 2017. [Online]. Available: http://arxiv.org/abs/1710.09549
  15. R. Bassily, “Linear queries estimation with local differential privacy,” CoRR, vol. abs/1810.02810, 2018. [Online]. Available: http://arxiv.org/abs/1810.02810
  16. B. Avent, A. Korolova, D. Zeber, T. Hovden, and B. Livshits, “BLENDER: Enabling local search with a hybrid differential privacy model,” in 26th USENIX Security Symposium (USENIX Security 17).   Vancouver, BC: USENIX Association, Aug. 2017, pp. 747–764. [Online]. Available: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/avent
  17. C. Dwork, K. Kenthapadi, F. McSherry, I. Mironov, and M. Naor, “Our data, ourselves: Privacy via distributed noise generation,” in Advances in Cryptology - EUROCRYPT 2006, 25th Annual International Conference on the Theory and Applications of Cryptographic Techniques, St. Petersburg, Russia, May 28 - June 1, 2006, Proceedings, ser. Lecture Notes in Computer Science, S. Vaudenay, Ed., vol. 4004.   Springer, 2006, pp. 486–503. [Online]. Available: https://doi.org/10.1007/11761679\_29
  18. M. E. Andrés, N. E. Bordenabe, and K. Chatzikokolakis, “Geo-indistinguishability: Differential privacy for location-based systems,” CoRR, vol. abs/1212.1984, 2012. [Online]. Available: http://arxiv.org/abs/1212.1984
  19. M. S. Alvim, K. Chatzikokolakis, C. Palamidessi, and A. Pazii, “Metric-based local differential privacy for statistical applications,” CoRR, vol. abs/1805.01456, 2018. [Online]. Available: http://arxiv.org/abs/1805.01456
  20. B. Jiang, M. Li, and R. Tandon, “Context-Aware data aggregation with localized information privacy,” in 2018 IEEE Conference on Communications and Network Security (CNS), May 2018.
  21. ——, “Local information privacy with bounded prior,” in ICC 2019-2019 IEEE International Conference on Communications (ICC), May 2019, pp. 1–7.
  22. ——, “Local information privacy and its application to privacy-preserving data aggregation,” IEEE Transactions on Dependable and Secure Computing, vol. 19, no. 3, pp. 1918–1935, 2022.
  23. B. Jiang, M. Seif, R. Tandon, and M. Li, “Context-aware local information privacy,” IEEE Transactions on Information Forensics and Security, vol. 16, pp. 3694–3708, 2021.
  24. M. E. Gursoy, A. Tamersoy, S. Truex, W. Wei, and L. Liu, “Secure and utility-aware data collection with condensed local differential privacy,” CoRR, vol. abs/1905.06361, 2019. [Online]. Available: http://arxiv.org/abs/1905.06361
  25. Y. NIE, W. Yang, L. Huang, X. Xie, Z. Zhao, and S. Wang, “A utility-optimized framework for personalized private histogram estimation,” IEEE Transactions on Knowledge and Data Engineering, vol. 31, no. 4, pp. 655–669, 2019.
  26. T. Murakami and Y. Kawamoto, “Utility-optimized local differential privacy mechanisms for distribution estimation,” in Proceedings of the 28th USENIX Conference on Security Symposium, ser. SEC’19.   USA: USENIX Association, 2019, p. 1877–1894.
  27. S. Takagi, Y. Cao, and M. Yoshikawa, “Poster: Data collection via local differential privacy with secret parameters,” in Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ser. ASIA CCS ’20.   New York, NY, USA: Association for Computing Machinery, 2020, p. 910–912. [Online]. Available: https://doi.org/10.1145/3320269.3405441
  28. A. Machanavajjhala and J. Gehrke, “On the efficiency of checking perfect privacy,” in Proceedings of the Twenty-Fifth ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems, ser. PODS ’06.   New York, NY, USA: Association for Computing Machinery, 2006, p. 163–172. [Online]. Available: https://doi.org/10.1145/1142351.1142375
  29. B. Jiang, M. Seif, R. Tandon, and M. Li, “Answering count queries for genomic data with perfect privacy,” IEEE Transactions on Information Forensics and Security, vol. 18, pp. 3862–3875, 2023.
  30. R. Shokri, M. Stronati, C. Song, and V. Shmatikov, “Membership inference attacks against machine learning models,” in 2017 IEEE Symposium on Security and Privacy (SP), 2017, pp. 3–18.
  31. M. Fredrikson, S. Jha, and T. Ristenpart, “Model inversion attacks that exploit confidence information and basic countermeasures,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’15.   New York, NY, USA: Association for Computing Machinery, 2015, p. 1322–1333. [Online]. Available: https://doi.org/10.1145/2810103.2813677
  32. C. Song, T. Ristenpart, and V. Shmatikov, “Machine learning models that remember too much,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’17.   New York, NY, USA: Association for Computing Machinery, 2017, p. 587–601. [Online]. Available: https://doi.org/10.1145/3133956.3134077
  33. M. Abadi, A. Chu, I. Goodfellow, H. B. McMahan, I. Mironov, K. Talwar, and L. Zhang, “Deep learning with differential privacy,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’16.   New York, NY, USA: Association for Computing Machinery, 2016, p. 308–318. [Online]. Available: https://doi.org/10.1145/2976749.2978318
  34. J. Zhao, Y. Chen, and W. Zhang, “Differential privacy preservation in deep learning: Challenges, opportunities and solutions,” IEEE Access, vol. 7, pp. 48 901–48 911, 2019.
  35. J. Lee and D. Kifer, “Concentrated differentially private gradient descent with adaptive per-iteration privacy budget,” in Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, ser. KDD ’18.   New York, NY, USA: Association for Computing Machinery, 2018, p. 1656–1665. [Online]. Available: https://doi.org/10.1145/3219819.3220076
  36. K. Nissim, U. Stemmer, and S. Vadhan, “Locating a small cluster privately,” in Proceedings of the 35th ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems, 2016, pp. 413–427.
  37. D. Su, J. Cao, N. Li, E. Bertino, and H. Jin, “Differentially private k-means clustering,” in Proceedings of the sixth ACM conference on data and application security and privacy, 2016, pp. 26–37.
  38. K. Nissim and U. Stemmer, “Clustering algorithms for the centralized and local models,” in Algorithmic Learning Theory.   PMLR, 2018, pp. 619–653.
  39. L. Sun, J. Zhao, and X. Ye, “Distributed clustering in the anonymized space with local differential privacy,” arXiv preprint arXiv:1906.11441, 2019.
  40. D. Karapiperis, A. Gkoulalas-Divanis, and V. S. Verykios, “Distance-aware encoding of numerical values for privacy-preserving record linkage,” in 2017 IEEE 33rd International Conference on Data Engineering (ICDE).   IEEE, 2017, pp. 135–138.
  41. Y. Li, S. Liu, J. Wang, and M. Liu, “A local-clustering-based personalized differential privacy framework for user-based collaborative filtering,” in Database Systems for Advanced Applications: 22nd International Conference, DASFAA 2017, Suzhou, China, March 27-30, 2017, Proceedings, Part I 22.   Springer, 2017, pp. 543–558.
  42. M. Akter and T. Hashem, “Computing aggregates over numeric data with personalized local differential privacy,” in Information Security and Privacy: 22nd Australasian Conference, ACISP 2017, Auckland, New Zealand, July 3–5, 2017, Proceedings, Part II 22.   Springer, 2017, pp. 249–260.
  43. C. Xia, J. Hua, W. Tong, and S. Zhong, “Distributed k-means clustering guaranteeing local differential privacy,” Computers & Security, vol. 90, p. 101699, 2020.
  44. E. Yilmaz, M. Al-Rubaie, and J. M. Chang, “Locally differentially private naive bayes classification,” CoRR, vol. abs/1905.01039, 2019. [Online]. Available: http://arxiv.org/abs/1905.01039
  45. Q. Xue, Y. Zhu, and J. Wang, “Joint distribution estimation and naïve bayes classification under local differential privacy,” IEEE Transactions on Emerging Topics in Computing, vol. 9, no. 4, pp. 2053–2063, 2021.
  46. T. Berrett and C. Butucea, “Classification under local differential privacy,” arXiv preprint arXiv:1912.04629, 2019.
  47. K. Chaudhuri, C. Monteleoni, and A. D. Sarwate, “Differentially private empirical risk minimization.” Journal of Machine Learning Research, vol. 12, no. 3, 2011.
  48. A. Smith, A. Thakurta, and J. Upadhyay, “Is interaction necessary for distributed private learning?” in 2017 IEEE Symposium on Security and Privacy (SP).   IEEE, 2017, pp. 58–77.
  49. K. Zheng, W. Mou, and L. Wang, “Collect at once, use effectively: Making non-interactive locally private learning possible,” in International Conference on Machine Learning.   PMLR, 2017, pp. 4130–4139.
  50. D. Wang, C. Chen, and J. Xu, “Differentially private empirical risk minimization with non-convex loss functions,” in International Conference on Machine Learning.   PMLR, 2019, pp. 6526–6535.
  51. D. Wang, H. Zhang, M. Gaboardi, and J. Xu, “Estimating smooth glm in non-interactive local differential privacy model with public unlabeled data,” in Algorithmic Learning Theory.   PMLR, 2021, pp. 1207–1213.
  52. D. Wang and J. Xu, “Principal component analysis in the local differential privacy model,” Theoretical computer science, vol. 809, pp. 296–312, 2020.
  53. W. Fan, J. He, M. Guo, P. Li, Z. Han, and R. Wang, “Privacy preserving classification on local differential privacy in data centers,” Journal of Parallel and Distributed Computing, vol. 135, pp. 70–82, 2020.
  54. C. Yin, B. Zhou, Z. Yin, and J. Wang, “Local privacy protection classification based on human-centric computing,” Human-centric Computing and Information Sciences, vol. 9, pp. 1–14, 2019.
  55. K.-S. Jun and F. Orabona, “Parameter-free locally differentially private stochastic subgradient descent,” arXiv preprint arXiv:1911.09564, 2019.
  56. X. Pan, W. Wang, X. Zhang, B. Li, J. Yi, and D. Song, “How you act tells a lot: Privacy-leaking attack on deep reinforcement learning.” in AAMAS, vol. 19, no. 2019, 2019, pp. 368–376.
  57. P. Gajane, T. Urvoy, and E. Kaufmann, “Corrupt bandits for preserving local privacy,” in Algorithmic Learning Theory.   PMLR, 2018, pp. 387–412.
  58. D. Basu, C. Dimitrakakis, and A. Tossou, “Differential privacy for multi-armed bandits: What is it and what is its cost?” arXiv preprint arXiv:1905.12298, 2019.
  59. H. Ono and T. Takahashi, “Locally private distributed reinforcement learning,” arXiv preprint arXiv:2001.11718, 2020.
  60. W. Ren, X. Zhou, J. Liu, and N. B. Shroff, “Multi-armed bandits with local differential privacy,” arXiv preprint arXiv:2007.03121, 2020.
  61. Y. Li, “Deep reinforcement learning: An overview,” arXiv preprint arXiv:1701.07274, 2017.
  62. S. A. Osia, A. S. Shamsabadi, S. Sajadmanesh, A. Taheri, K. Katevas, H. R. Rabiee, N. D. Lane, and H. Haddadi, “A hybrid deep learning architecture for privacy-preserving mobile analytics,” IEEE Internet of Things Journal, vol. 7, no. 5, pp. 4505–4518, 2020.
  63. P. C. M. Arachchige, P. Bertok, I. Khalil, D. Liu, S. Camtepe, and M. Atiquzzaman, “Local differential privacy for deep learning,” IEEE Internet of Things Journal, vol. 7, no. 7, pp. 5827–5842, 2019.
  64. T. Wang, N. Li, and S. Jha, “Locally differentially private frequent itemset mining,” in 2018 IEEE Symposium on Security and Privacy (SP), vol. 00, pp. 578–594.
  65. J. Zhao, “Distributed deep learning under differential privacy with the teacher-student paradigm,” in Workshops at the Thirty-Second AAAI Conference on Artificial Intelligence, 2018.
  66. C. Xu, J. Ren, L. She, Y. Zhang, Z. Qin, and K. Ren, “Edgesanitizer: Locally differentially private deep inference at the edge for mobile data analytics,” IEEE Internet of Things Journal, vol. 6, no. 3, pp. 5140–5151, 2019.
  67. Q. Yang, Y. Liu, T. Chen, and Y. Tong, “Federated machine learning: Concept and applications,” ACM Transactions on Intelligent Systems and Technology (TIST), vol. 10, no. 2, pp. 1–19, 2019.
  68. Q. Li, Z. Wen, and B. He, “Federated learning systems: Vision, hype and reality for data privacy and protection. arxiv 2019,” arXiv preprint arXiv:1907.09693.
  69. H. Zheng, H. Hu, and Z. Han, “Preserving user privacy for machine learning: Local differential privacy or federated machine learning?” IEEE Intelligent Systems, vol. 35, no. 4, pp. 5–14, 2020.
  70. Y. Zhao, J. Zhao, M. Yang, T. Wang, N. Wang, L. Lyu, D. Niyato, and K.-Y. Lam, “Local differential privacy-based federated learning for internet of things,” IEEE Internet of Things Journal, vol. 8, no. 11, pp. 8836–8853, 2020.
  71. M. Seif, R. Tandon, and M. Li, “Wireless federated learning with local differential privacy,” in 2020 IEEE International Symposium on Information Theory (ISIT).   IEEE, 2020, pp. 2604–2609.
  72. R. C. Geyer, T. Klein, and M. Nabi, “Differentially private federated learning: A client level perspective,” arXiv preprint arXiv:1712.07557, 2017.
  73. M. Kim, O. Günlü, and R. F. Schaefer, “Federated learning with local differential privacy: Trade-offs between privacy, utility, and communication,” in ICASSP 2021-2021 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP).   IEEE, 2021, pp. 2650–2654.
  74. D. Wang, M. Gaboardi, and J. Xu, “Empirical risk minimization in non-interactive local differential privacy revisited,” Advances in Neural Information Processing Systems, vol. 31, 2018.
  75. A. Bhowmick, J. Duchi, J. Freudiger, G. Kapoor, and R. Rogers, “Protection against reconstruction and its applications in private federated learning,” arXiv preprint arXiv:1812.00984, 2018.
  76. J. Li, M. Khodak, S. Caldas, and A. Talwalkar, “Differentially private meta-learning,” arXiv preprint arXiv:1909.05830, 2019.
  77. R. Liu, Y. Cao, M. Yoshikawa, and H. Chen, “Fedsel: Federated sgd under local differential privacy with top-k dimension selection,” in Database Systems for Advanced Applications: 25th International Conference, DASFAA 2020, Jeju, South Korea, September 24–27, 2020, Proceedings, Part I 25.   Springer, 2020, pp. 485–501.
  78. L. Sun, J. Qian, and X. Chen, “Ldp-fl: Practical private aggregation in federated learning with local differential privacy,” arXiv preprint arXiv:2007.15789, 2020.
  79. M. Naseri, J. Hayes, and E. De Cristofaro, “Toward robustness and privacy in federated learning: Experimenting with local and central differential privacy,” arXiv preprint arXiv:2009.03561, 2020.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (2)
  1. Likun Qin (3 papers)
  2. Tianshuo Qiu (5 papers)

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now