Differentially Private Regression with Gaussian Processes

A major challenge for machine learning is increasing the availability of data while respecting the privacy of individuals. Here we combine the provable privacy guarantees of the differential privacy framework with the flexibility of Gaussian processes (GPs). We propose a method using GPs to provide differentially private (DP) regression. We then improve this method by crafting the DP noise covariance structure to efficiently protect the training data, while minimising the scale of the added noise. We find that this cloaking method achieves the greatest accuracy, while still providing privacy guarantees, and offers practical DP for regression over multi-dimensional inputs. Together these methods provide a starter toolkit for combining differential privacy and GPs.
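The idea of adding calibrated noise to a GP posterior mean can be sketched as follows. This is a minimal illustration, not the paper's cloaking mechanism: it uses the basic Gaussian mechanism with a worst-case L2 sensitivity bound on the posterior-mean weights, and the function names (`rbf`, `dp_gp_mean`), the `sens` bound on the output range, and the kernel hyperparameters are all assumptions introduced for this example.

```python
import numpy as np

def rbf(A, B, lengthscale=1.0, variance=1.0):
    """Squared-exponential kernel between the rows of A and B."""
    d2 = ((A[:, None, :] - B[None, :, :]) ** 2).sum(-1)
    return variance * np.exp(-0.5 * d2 / lengthscale ** 2)

def dp_gp_mean(X, y, Xstar, sens, epsilon, delta, noise_var=0.1, seed=0):
    """Release a GP posterior mean under (epsilon, delta)-DP.

    `sens` bounds how much any single training output y_i can change
    between neighbouring datasets (outputs are assumed to lie in a
    known range). The posterior mean is linear in y, m = C y, so
    perturbing one y_i by `sens` moves the mean by sens * C[:, i];
    the L2 sensitivity is therefore sens * max_i ||C[:, i]||_2.
    """
    K = rbf(X, X) + noise_var * np.eye(len(X))
    C = rbf(Xstar, X) @ np.linalg.inv(K)          # mean weights: m = C y
    mean = C @ y
    l2_sens = sens * np.linalg.norm(C, axis=0).max()
    # Standard Gaussian-mechanism calibration (requires epsilon < 1
    # for the classic analytic bound; used here for illustration).
    sigma = l2_sens * np.sqrt(2.0 * np.log(1.25 / delta)) / epsilon
    rng = np.random.default_rng(seed)
    return mean + rng.normal(0.0, sigma, size=len(Xstar)), sigma
```

Because this bound protects against the single worst-case training point in every output direction at once, the added noise is conservative; the paper's cloaking method instead shapes the noise covariance to the directions the training data can actually move the mean, which is what reduces the noise scale.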
