Differentially Private Gaussian Processes

A major challenge for machine learning is increasing the availability of data while respecting the privacy of individuals. Here we combine the provable privacy guarantees of the differential privacy framework with the flexibility of Gaussian processes (GPs). We propose a method using GPs to provide differentially private (DP) regression. We then improve this method by crafting the DP noise covariance structure to efficiently protect the training data, while minimising the scale of the added noise. We find that this cloaking method achieves the greatest accuracy, while still providing privacy guarantees, and offers practical DP for regression over multi-dimensional inputs. Together these methods provide a starter toolkit for combining differential privacy and GPs.

[1]  Roman Garnett,et al.  Differentially Private Bayesian Optimization , 2015, ICML.

[2]  Aaron Roth,et al.  The Algorithmic Foundations of Differential Privacy , 2014, Found. Trends Theor. Comput. Sci..

[3]  Andrew Gordon Wilson,et al.  Scalable Gaussian Processes for Characterizing Multidimensional Change Surfaces , 2015, AISTATS.

[4]  Ling Huang,et al.  Learning in a Large Function Space: Privacy-Preserving Mechanisms for SVM Learning , 2009, J. Priv. Confidentiality.

[5]  L McLellan,et al.  A study to determine if dried moringa leaf powder is an acceptable supplement to combine with maize meal for Malawian children , 2010, Proceedings of the Nutrition Society.

[6]  Roksana Boreli,et al.  Applying Differential Privacy to Matrix Factorization , 2015, RecSys.

[7]  Anand D. Sarwate,et al.  Differentially Private Empirical Risk Minimization , 2009, J. Mach. Learn. Res..

[8]  Ufuk Topcu,et al.  Differentially private convex optimization with piecewise affine objectives , 2014, 53rd IEEE Conference on Decision and Control.

[9]  L. Wasserman,et al.  A Statistical Framework for Differential Privacy , 2008, 0811.2501.

[10]  Neil D. Lawrence,et al.  Variational Inference for Latent Variables and Uncertain Inputs in Gaussian Processes , 2016, J. Mach. Learn. Res..

[11]  Kunal Talwar,et al.  Mechanism Design via Differential Privacy , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[12]  J. Varah A lower bound for the smallest singular value of a matrix , 1975 .

[13]  Michalis K. Titsias,et al.  Variational Learning of Inducing Variables in Sparse Gaussian Processes , 2009, AISTATS.

[14]  Zoubin Ghahramani,et al.  Sparse Gaussian Processes using Pseudo-inputs , 2005, NIPS.

[15]  Cynthia Dwork,et al.  Differential privacy and robust statistics , 2009, STOC '09.

[16]  Yin Yang,et al.  Differentially private histogram publication , 2012, 2012 IEEE 28th International Conference on Data Engineering.

[17]  R. M. Loynes,et al.  Regression Methods: A Tool for Data Analysis , 1979 .

[18]  Hong Chen,et al.  Differentially private density estimation via Gaussian mixtures model , 2016, 2016 IEEE/ACM 24th International Symposium on Quality of Service (IWQoS).

[19]  Larry A. Wasserman,et al.  Differential privacy for functions and functional data , 2012, J. Mach. Learn. Res..

[20]  Adam D. Smith,et al.  Composition attacks and auxiliary information in data privacy , 2008, KDD.

[21]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[22]  Carl E. Rasmussen,et al.  Gaussian processes for machine learning , 2005, Adaptive computation and machine learning.

[23]  Antti Honkela,et al.  Differentially private Bayesian learning on distributed data , 2017, NIPS.

[24]  Anand D. Sarwate,et al.  Stochastic gradient descent with differentially private updates , 2013, 2013 IEEE Global Conference on Signal and Information Processing.

[25]  Kamalika Chaudhuri,et al.  A Stability-based Validation Procedure for Differentially Private Machine Learning , 2013, NIPS.

[26]  L Sweeney,et al.  Weaving Technology and Policy Together to Maintain Confidentiality , 1997, Journal of Law, Medicine & Ethics.

[27]  Jasper Snoek,et al.  Input Warping for Bayesian Optimization of Non-Stationary Functions , 2014, ICML.

[28]  Yin Yang,et al.  Functional Mechanism: Regression Analysis under Differential Privacy , 2012, Proc. VLDB Endow..

[29]  Carl E. Rasmussen,et al.  A Unifying View of Sparse Approximate Gaussian Process Regression , 2005, J. Mach. Learn. Res..

[30]  Neil D. Lawrence,et al.  Modelling transcriptional regulation using Gaussian Processes , 2006, NIPS.

[31]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2016, J. Priv. Confidentiality.

[32]  Ashwin Machanavajjhala,et al.  Privacy: Theory meets Practice on the Map , 2008, 2008 IEEE 24th International Conference on Data Engineering.