DOI: 10.1145/3605801.3605820
research-article
Open access

Solving the Performance Issues of Epsilon Estimation Method in Differentially Private ERM: Analysis, Solution and Evaluation

Published: 09 August 2023

Abstract

The study of differential privacy has recently garnered significant attention due to its ability to provide rigorous privacy protection for data analysis tasks. However, researchers are grappling with the critical balance between ensuring strong privacy protection and maintaining the utility of the model. While existing theories recommend selecting a privacy requirement and optimizing utility accordingly, practical product requirements often have strict accuracy constraints. As a result, privacy considerations may not always take precedence. Consequently, privacy guarantees are often adjusted to align with the expected level of utility. This mismatch highlights the challenge of training a highly private model that also meets the desired level of utility. Li et al. recently introduced a practical method for estimating utility at any privacy budget level, which can aid in achieving the aforementioned objective. However, upon analysis, our team has uncovered performance deficiencies in this approach. In this paper, we comprehensively examine the performance issues of Li’s method, identify their underlying cause, and present effective solutions. Our experimental results demonstrate that our proposed solutions can greatly improve the performance of Li’s method in a highly efficient manner.

References

[1] Raef Bassily, Adam Smith, and Abhradeep Thakurta. 2014. Private empirical risk minimization: Efficient algorithms and tight error bounds. In Annual Symposium on Foundations of Computer Science. IEEE, 464–473.
[2] Kamalika Chaudhuri and Claire Monteleoni. 2008. Privacy-preserving logistic regression. In Advances in Neural Information Processing Systems, D. Koller, D. Schuurmans, Y. Bengio, and L. Bottou (Eds.). Vol. 21. Curran Associates, Inc.
[3] Kamalika Chaudhuri, Claire Monteleoni, and Anand D Sarwate. 2011. Differentially private empirical risk minimization. Journal of Machine Learning Research 12, Mar (2011), 1069–1109.
[4] Cynthia Dwork and Aaron Roth. 2014. The algorithmic foundations of differential privacy. Foundations and Trends® in Theoretical Computer Science 9, 3–4 (2014), 211–407.
[5] Matt Fredrikson, Somesh Jha, and Thomas Ristenpart. 2015. Model inversion attacks that exploit confidence information and basic countermeasures. In Conference on Computer and Communications Security. ACM, 1322–1333.
[6] Marco Gaboardi, James Honaker, Gary King, Kobbi Nissim, Jonathan R. Ullman, and Salil P. Vadhan. 2016. PSI (Ψ): a Private data Sharing Interface. CoRR abs/1609.04340 (2016). arXiv:1609.04340
[7] Karan Ganju, Qi Wang, Wei Yang, Carl A Gunter, and Nikita Borisov. 2018. Property inference attacks on fully connected neural networks using permutation invariant representations. In Conference on Computer and Communications Security. ACM, 619–633.
[8] Chang Ge, Xi He, Ihab F. Ilyas, and Ashwin Machanavajjhala. 2019. APEx: Accuracy-Aware Differentially Private Data Exploration. In Proceedings of the 2019 International Conference on Management of Data. Association for Computing Machinery, 177–194.
[9] Roger Iyengar, Joseph P Near, Dawn Song, Om Thakkar, Abhradeep Thakurta, and Lun Wang. 2019. Towards Practical Differentially Private Convex Optimization. In Symposium on Security and Privacy. IEEE, 299–316.
[10] Shiva Prasad Kasiviswanathan, Homin K. Lee, Kobbi Nissim, Sofya Raskhodnikova, and Adam Smith. 2008. What Can We Learn Privately? In 2008 49th Annual IEEE Symposium on Foundations of Computer Science. 531–540. https://doi.org/10.1109/FOCS.2008.27
[11] Daniel Kifer, Adam Smith, and Abhradeep Thakurta. 2012. Private convex empirical risk minimization and high-dimensional regression. In Annual Conference on Learning Theory, Vol. 23. JMLR.org, 25.1–25.40.
[12] Yuzhe Li, Yong Liu, Bo Li, Weiping Wang, and Nan Liu. 2023. Towards practical differential privacy in data analysis: Understanding the effect of epsilon on utility in private ERM. Computers & Security 128 (2023), 103147. https://doi.org/10.1016/j.cose.2023.103147
[13] Katrina Ligett, Seth Neel, Aaron Roth, Bo Waggoner, and Steven Z. Wu. 2017. Accuracy First: Selecting a Differential Privacy Level for Accuracy-Constrained ERM. In Advances in Neural Information Processing Systems. Curran Associates Inc., 2563–2573.
[14] Elisabet Lobo-Vesga, Alejandro Russo, and Marco Gaboardi. 2020. A Programming Framework for Differential Privacy with Accuracy Concentration Bounds. In 2020 IEEE Symposium on Security and Privacy (SP). 411–428.
[15] Luca Melis, Congzheng Song, Emiliano De Cristofaro, and Vitaly Shmatikov. 2019. Exploiting Unintended Feature Leakage in Collaborative Learning. In Symposium on Security and Privacy. IEEE, 691–706.
[16] Prashanth Mohan, Abhradeep Thakurta, Elaine Shi, Dawn Song, and David Culler. 2012. GUPT: Privacy Preserving Data Analysis Made Easy. In Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data. Association for Computing Machinery, 349–360.
[17] Shai Shalev-Shwartz and Nathan Srebro. 2008. SVM Optimization: Inverse Dependence on Training Set Size. In International Conference on Machine Learning. ACM, 928–935.
[18] Reza Shokri, Marco Stronati, Congzheng Song, and Vitaly Shmatikov. 2017. Membership inference attacks against machine learning models. In Symposium on Security and Privacy. IEEE Computer Society, 3–18.
[19] Florian Tramèr, Fan Zhang, Ari Juels, Michael K Reiter, and Thomas Ristenpart. 2016. Stealing machine learning models via prediction APIs. In USENIX Security Symposium. USENIX Association, 601–618.
[20] Di Wang, Minwei Ye, and Jinhui Xu. 2017. Differentially private empirical risk minimization revisited: Faster and more general. In Advances in Neural Information Processing Systems. 2722–2731.
[21] Samuel Yeom, Irene Giacomelli, Matt Fredrikson, and Somesh Jha. 2018. Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting. In Computer Security Foundations Symposium. IEEE Computer Society, 268–282.

Published In

CNCIT '23: Proceedings of the 2023 2nd International Conference on Networks, Communications and Information Technology
June 2023
253 pages
ISBN: 9798400700620
DOI: 10.1145/3605801
This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery
New York, NY, United States

Author Tags

1. differential privacy
2. machine learning
3. parameter selection

Qualifiers

• Research-article
• Research
• Refereed limited

Conference

CNCIT 2023
