Differential Privacy on the Unit Simplex via the Dirichlet Mechanism

As members of network systems share more information among agents and with network providers, sensitive data leakage raises privacy concerns. Motivated by such concerns, we introduce a novel mechanism that privatizes vectors belonging to the unit simplex. Such vectors can be found in many applications, such as privatizing a decision-making policy in a Markov decision process. We use differential privacy as the underlying mathematical framework for this work. The introduced mechanism is a probabilistic mapping that maps a vector within the unit simplex to the same domain using a Dirichlet distribution. We find the mechanism well-suited for inputs within the unit simplex because it always returns a privatized output that is also in the unit simplex. Therefore, no further projection back onto the unit simplex is required. We verify and quantify the privacy guarantees of the mechanism for three cases: identity queries, average queries, and general linear queries. We establish a trade-off between the level of privacy and the accuracy of the mechanism output, and we introduce a parameter to balance the trade-off between them. Numerical results illustrate the proposed mechanism.

[1]  R. Strawderman Continuous Multivariate Distributions, Volume 1: Models and Applications , 2001 .

[2]  Jiming Liu,et al.  Reinforcement Learning in Healthcare: A Survey , 2019, ACM Comput. Surv..

[3]  Ufuk Topcu,et al.  Switched Linear Systems Meet Markov Decision Processes: Stability Guaranteed Policy Synthesis , 2019, 2019 IEEE 58th Conference on Decision and Control (CDC).

[4]  Ufuk Topcu,et al.  Privacy-Preserving Policy Synthesis in Markov Decision Processes , 2020, 2020 59th IEEE Conference on Decision and Control (CDC).

[5]  A. Prékopa Logarithmic concave measures with applications to stochastic programming , 1971 .

[6]  Jorge Cortés,et al.  Differentially Private Distributed Convex Optimization via Functional Perturbation , 2015, IEEE Transactions on Control of Network Systems.

[7]  Andreas Haeberlen,et al.  Differential Privacy: An Economic Method for Choosing Epsilon , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.

[8]  Kobbi Nissim,et al.  Is privacy privacy? , 2018, Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences.

[9]  Ufuk Topcu,et al.  Entropy Maximization for Markov Decision Processes Under Temporal Logic Constraints , 2018, IEEE Transactions on Automatic Control.

[10]  Austin Jones,et al.  Privacy in Feedback: The Differentially Private LQG , 2017, 2018 Annual American Control Conference (ACC).

[11]  Shiva Prasad Kasiviswanathan,et al.  On the 'Semantics' of Differential Privacy: A Bayesian Formulation , 2008, J. Priv. Confidentiality.

[12]  Aaron Roth,et al.  The Algorithmic Foundations of Differential Privacy , 2014, Found. Trends Theor. Comput. Sci..

[13]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[14]  Kaplan,et al.  ‘Combining Probability Distributions from Experts in Risk Analysis’ , 2000, Risk analysis : an official publication of the Society for Risk Analysis.

[15]  Rüdiger Dillmann,et al.  Probabilistic MDP-behavior planning for cars , 2011, 2011 14th International IEEE Conference on Intelligent Transportation Systems (ITSC).

[16]  Ashwin Machanavajjhala,et al.  Publishing Search Logs—A Comparative Study of Privacy Guarantees , 2012, IEEE Transactions on Knowledge and Data Engineering.

[17]  Geir E. Dullerud,et al.  Differential Privacy in Linear Distributed Control Systems: Entropy Minimizing Mechanisms and Performance Tradeoffs , 2017, IEEE Transactions on Control of Network Systems.

[18]  George J. Pappas,et al.  Differential privacy in control and network systems , 2016, 2016 IEEE 55th Conference on Decision and Control (CDC).

[19]  G. W. Hart,et al.  Nonintrusive appliance load monitoring , 1992, Proc. IEEE.

[20]  Ufuk Topcu,et al.  The Dirichlet Mechanism for Differential Privacy on the Unit Simplex , 2020, 2020 American Control Conference (ACC).

[21]  Ufuk Topcu,et al.  Differentially Private Controller Synthesis With Metric Temporal Logic Specifications , 2019, 2020 American Control Conference (ACC).

[22]  M. Sobel,et al.  Incomplete Dirichlet integrals with applications to ordered uniform spacings , 1980 .

[23]  George J. Pappas,et al.  Differentially Private Filtering , 2012, IEEE Transactions on Automatic Control.

[24]  Austin Jones,et al.  Towards Differential Privacy for Symbolic Systems , 2019, 2019 American Control Conference (ACC).

[25]  Spyros Antonatos,et al.  The Bounded Laplace Mechanism in Differential Privacy , 2018, J. Priv. Confidentiality.

[26]  Matthew Hale,et al.  Differentially Private Formation Control , 2020, 2020 59th IEEE Conference on Decision and Control (CDC).

[27]  Eduardo F. Morales,et al.  An Introduction to Reinforcement Learning , 2011 .

[28]  Benjamin C. M. Fung,et al.  Privacy Preserving Record Linkage via grams Projections , 2012, ArXiv.

[29]  Wojciech Zaremba,et al.  OpenAI Gym , 2016, ArXiv.

[30]  Dmitrii Karp,et al.  Normalized Incomplete Beta Function: Log-Concavity in Parameters and Other Properties , 2015, 1509.05120.

[31]  George J. Pappas,et al.  Privacy in Control and Dynamical Systems , 2018 .

[32]  Ratul Mahajan,et al.  Differentially-private network trace analysis , 2010, SIGCOMM '10.

[33]  Yunmei Chen,et al.  Projection Onto A Simplex , 2011, 1101.6081.

[34]  Salil P. Vadhan,et al.  The Complexity of Differential Privacy , 2017, Tutorials on the Foundations of Cryptography.

[35]  Ashwin Machanavajjhala,et al.  Privacy: Theory meets Practice on the Map , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[36]  Bo Li,et al.  How You Act Tells a Lot: Privacy-Leaking Attack on Deep Reinforcement Learning , 2019, AAMAS.

[37]  A. Prékopa On logarithmic concave measures and functions , 1973 .

[38]  Thomas A. Henzinger,et al.  Markov Decision Processes with Multiple Objectives , 2006, STACS.

[39]  N. L. Johnson,et al.  Continuous Multivariate Distributions, Volume 1: Models and Applications , 2019 .

[40]  Mohammad S. Obaidat,et al.  Residential Energy Management in Smart Grid: A Markov Decision Process-Based Approach , 2013, 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing.