Revealing information while preserving privacy

Dinur, Irit; Nissim, Kobbi

doi:10.1145/773153.773173

Cited by 798 publications

(834 citation statements)

References 28 publications

Supporting

Mentioning

826

Contrasting

Unclassified

Order By: Relevance

“…We continue a line of research initiated in [10,11] on privacy in statistical databases. A statistic is a quantity computed from a sample.…”

Section: Introductionmentioning

confidence: 91%

“…Their definition is a special case of Definition 1 for input perturbation protocols of a limited form. A similar, more general definition was suggested in [10,11,6]. This was modeled after semantic security of encryptions.…”

Section: Related Workmentioning

confidence: 99%

“…In particular, the standard measure of statistical difference is not a sufficiently good metric in our setting, and needs to be replaced with a more delicate one. In previous work [10,11,6], the definitions were based on semantic security but the proofs were based on indistinguishability, so our move to -indistinguishability is a simplification. Also, semantic security was proved against informed adversaries.…”

Section: Additional Contributionsmentioning

confidence: 99%

“…It is the same as in [12], adapted to general interactive protocols. An equivalent, semantic-securityflavored formulation is a special case of the definition from [10,11,6]; those definitions allowed a large loss of privacy to occur with negligible probability.…”

Section: Related Workmentioning

confidence: 99%

“…We continue a line of research initiated in [10, 11] on privacypreserving statistical databases. Consider a trusted server that holds a database of sensitive information.…”

mentioning

confidence: 94%

See 4 more Smart Citations

Calibrating Noise to Sensitivity in Private Data Analysis

Dwork

McSherry

Nissim

et al. 2006

Lecture Notes in Computer Science

Self Cite

5,379

5,935

View full text Add to dashboard Cite

Abstract. We continue a line of research initiated in [10, 11] on privacypreserving statistical databases. Consider a trusted server that holds a database of sensitive information. Given a query function f mapping databases to reals, the so-called true answer is the result of applying f to the database. To protect privacy, the true answer is perturbed by the addition of random noise generated according to a carefully chosen distribution, and this response, the true answer plus noise, is returned to the user.Previous work focused on the case of noisy sums, in which f = i g(xi), where xi denotes the ith row of the database and g maps database rows to [0, 1]. We extend the study to general functions f , proving that privacy can be preserved by calibrating the standard deviation of the noise according to the sensitivity of the function f . Roughly speaking, this is the amount that any single argument to f can change its output. The new analysis shows that for several particular applications substantially less noise is needed than was previously understood to be the case.The first step is a very clean characterization of privacy in terms of indistinguishability of transcripts. Additionally, we obtain separation results showing the increased value of interactive sanitization mechanisms over non-interactive.

show abstract

“…We continue a line of research initiated in [10,11] on privacy in statistical databases. A statistic is a quantity computed from a sample.…”

Section: Introductionmentioning

confidence: 91%

Section: Related Workmentioning

confidence: 99%

Section: Additional Contributionsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

“…We continue a line of research initiated in [10, 11] on privacypreserving statistical databases. Consider a trusted server that holds a database of sensitive information.…”

mentioning

confidence: 94%

See 3 more Smart Citations

Calibrating Noise to Sensitivity in Private Data Analysis

Dwork

McSherry

Nissim

et al. 2006

Lecture Notes in Computer Science

Self Cite

5,379

5,935

View full text Add to dashboard Cite

show abstract

Protection of Privacy and Confidentiality

2014

Register‐Based Statistics

View full text Add to dashboard Cite

We consider the problem of determining the optimal accuracy of public statistics when increased accuracy requires a loss of privacy. To formalize this allocation problem, we use tools from statistics and computer science to model the publication technology used by a public statistical agency. We derive the demand for accurate statistics from first principles to generate interdependent preferences that account for the publicgood nature of both data accuracy and privacy loss. We first show data accuracy is inefficiently under-supplied by a private provider. Solving the appropriate social planner's problem produces an implementable publication strategy. We implement the socially optimal publication plan for statistics on income and health status using data from the American Community Survey, National Health Interview Survey, Federal Statistical System Public Opinion Survey and Cornell National Social Survey. Our analysis indicates that welfare losses from providing too much privacy protection and, therefore, too little accuracy can be substantial.

show abstract

Adversarial Machine Learning

Reznik¹

2021

Intelligent Security Systems

View full text Add to dashboard Cite

In this paper (expanded from an invited talk at AISEC 2010), we discuss an emerging field of study: adversarial machine learning-the study of effective machine learning techniques against an adversarial opponent. In this paper, we: give a taxonomy for classifying attacks against online machine learning algorithms; discuss application-specific factors that limit an adversary's capabilities; introduce two models for modeling an adversary's capabilities; explore the limits of an adversary's knowledge about the algorithm, feature space, training, and input data; explore vulnerabilities in machine learning algorithms; discuss countermeasures against attacks; introduce the evasion challenge; and discuss privacy-preserving learning techniques.

show abstract

Revealing information while preserving privacy

Cited by 798 publications

References 28 publications

Calibrating Noise to Sensitivity in Private Data Analysis

Calibrating Noise to Sensitivity in Private Data Analysis

Protection of Privacy and Confidentiality

Adversarial Machine Learning

Contact Info

Product

Resources

About