BLIP: Non-interactive Differentially-Private Similarity Computation on Bloom filters

Alaggan, Mohammad; Gambs, Sébastien; Kermarrec, Anne-Marie

doi:10.1007/978-3-642-33536-5_20

Cited by 44 publications

(68 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This problem has been studied by Alaggan et al (2012). They show that differential privacy can be satisfied if each bit of a Bloom filter is flipped with a probability p = 1/(1 + e /k ), where k is the number of hash functions and is the privacy parameter.…”

Section: Random Bitsmentioning

confidence: 99%

Privacy‐preserving record linkage

Schnell

2015

Methodological Developments in Data Linkage

View full text Add to dashboard Cite

Section: Random Bitsmentioning

confidence: 99%

Privacy‐preserving record linkage

Schnell

2015

Methodological Developments in Data Linkage

View full text Add to dashboard Cite

“…The first mechanism is based on randomizing a Bloom filter representation of the profile [1] while the second relies on the application of the Johnson-Lindenstrauss transform and the addition of noise [2]. Both mechanisms preserve some global properties such as the ability to compute a distance between two profiles while hiding the details of the profiles themselves.…”

Section: Differential Privacymentioning

confidence: 99%

“…The main objective of BLIP [1] is to prevent the adversary from learning the presence (or absence) of an item in the profile of a user by observing the Bloom filter representation of this profile. Our theoretical analysis provided in Section 5 is based on the model of profiles and the BLIP sanitization described thereafter.…”

Section: Blipmentioning

confidence: 99%

“…One possible approach to solve this problem is to sanitize the profile of a user with a non-interactive mechanism compliant with the concept of differential privacy before his publication. In particular, this paper investigates the privacy guarantees offered by two non-interactive mechanisms offering a differentially private representation of profiles: BLIP (BLoom-and-flIP) [1] and JLT (Johnson-Lindenstrauss Transform) [2].…”

Section: Introductionmentioning

confidence: 99%

“…First in Section 2, we give an overview of the concept of differential privacy. Then, we describe two noninteractive differentially private mechanisms in Sections 3 and 4 that have been recently proposed: BLIP (BLoom-and-flIP ) [1] and one based on the JohnsonLindenstrauss Transform (JLT in short) [2]. These mechanisms transform the profile of a user into a compact representation that estimate the similarity between profiles while hiding the presence or absence of a particular item in the profile (in the sense of differential privacy).…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Challenging Differential Privacy:The Case of Non-interactive Mechanisms

Balu

Furon

Gambs

2014

Computer Security - ESORICS 2014

Self Cite

View full text Add to dashboard Cite

To cite this version:Raghavendran Balu, Teddy Furon, Sébastien Gambs. Abstract. In this paper, we consider personalized recommendation systems in which before publication, the profile of a user is sanitized by a non-interactive mechanism compliant with the concept of differential privacy. We consider two existing schemes offering a differentially private representation of profiles: BLIP (BLoom-and-flIP) and JLT (JohnsonLindenstrauss Transform). For assessing their security levels, we play the role of an adversary aiming at reconstructing a user profile. We compare two inference attacks, namely single and joint decoding. The first one decides of the presence of a single item in the profile, and sequentially explores all the item set. The latter strategy decides whether a subset of items is likely to be the user profile, and considers all the possible subsets. Our contributions are a theoretical analysis as well as a practical implementation of both attacks, which were evaluated on datasets of real user profiles. The results obtained clearly demonstrates that joint decoding is the most powerful attack, while also giving useful insights on how to set the differential privacy parameter ǫ.

show abstract

Locally private Jaccard similarity estimation

Yan

Ren

et al. 2018

Concurrency and Computation

View full text Add to dashboard Cite

Summary Jaccard Similarity has been widely used to measure the distance between two sets (or preference profiles) owned by two different users. Yet, in the private data collection scenario, it requires the untrusted curator could only estimate an approximately accurate Jaccard similarity of the involved users but without being allowed to access their preference profiles. This paper aims to address the above requirements by considering the local differential privacy model. To achieve this, we initially focused on a particular hash technique, MinHash, which was originally invented to estimate the Jaccard similarity efficiently. We designed the PrivMin algorithm to achieve the perturbation of MinHash signature by adopting Exponential mechanism and build the Locally Differentially Private Jaccard Similarity Estimation (LDP‐JSE) protocol for allowing the untrusted curator to approximately estimate Jaccard similarity. Theoretical and empirical results demonstrate that the proposed protocol can retain a highly acceptable utility of the estimated similarity as well as preserving privacy.

show abstract

BLIP: Non-interactive Differentially-Private Similarity Computation on Bloom filters

Cited by 44 publications

References 20 publications

Privacy‐preserving record linkage

Privacy‐preserving record linkage

Challenging Differential Privacy:The Case of Non-interactive Mechanisms

Locally private Jaccard similarity estimation

Contact Info

Product

Resources

About