Results 1  10
of
16
Privacy Aware Learning
"... We study statistical risk minimization problems under a version of privacy in which the data is kept confidential even from the learner. In this local privacy framework, we establish sharp upper and lower bounds on the convergence rates of statistical estimation procedures. As a consequence, we exhi ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
We study statistical risk minimization problems under a version of privacy in which the data is kept confidential even from the learner. In this local privacy framework, we establish sharp upper and lower bounds on the convergence rates of statistical estimation procedures. As a consequence, we exhibit a precise tradeoff between the amount of privacy the data preserves and the utility, measured by convergence rate, of any statistical estimator. 1
Protecting locations with differential privacy under temporal correlations
 In CCS
, 2015
"... Concerns on location privacy frequently arise with the rapid development of GPS enabled devices and locationbased applications. While spatial transformation techniques such as location perturbation or generalization have been studied extensively, most techniques rely on syntactic privacy models w ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
Concerns on location privacy frequently arise with the rapid development of GPS enabled devices and locationbased applications. While spatial transformation techniques such as location perturbation or generalization have been studied extensively, most techniques rely on syntactic privacy models without rigorous privacy guarantee. Many of them only consider static scenarios or perturb the location at single timestamps without considering temporal correlations of a moving user’s locations, and hence are vulnerable to various inference attacks. While differential privacy has been accepted as a standard for privacy protection, applying differential privacy in location based applications presents new challenges, as the protection needs to be enforced on the fly for a single user and needs to incorporate temporal correlations between a user’s locations. In this paper, we propose a systematic solution to preserve location privacy with rigorous privacy guarantee. First, we propose a new definition, “δlocation set ” based differential privacy, to account for the temporal correlations in location data. Second, we show that the well known `1norm sensitivity fails to capture the geometric sensitivity in multidimensional space and propose a new notion, sensitivity hull, based on which the error of differential privacy is bounded. Third, to obtain the optimal utility we present a planar isotropic mechanism (PIM) for location perturbation, which is the first mechanism achieving the lower bound of differential privacy. Experiments on realworld datasets also demonstrate that PIM significantly outperforms baseline approaches in data utility.
Integer Feasibility of Random Polytopes
, 2014
"... We study the ChanceConstrained Integer Feasibility Problem, where the goal is to determine whether the random polytope P (A, b) = {x ∈ Rn: Aix ≤ bi, i ∈ [m]} obtained by choosing the constraint matrix A and vector b from a known distribution is integer feasible with probability at least 1 − . We c ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
We study the ChanceConstrained Integer Feasibility Problem, where the goal is to determine whether the random polytope P (A, b) = {x ∈ Rn: Aix ≤ bi, i ∈ [m]} obtained by choosing the constraint matrix A and vector b from a known distribution is integer feasible with probability at least 1 − . We consider the case when the entries of the constraint matrix A are i.i.d. Gaussian (equivalently are i.i.d. from any spherically symmetric distribution). The radius of the largest inscribed ball is closely related to the existence of integer points in the polytope. We find that for m up to 2O( n) constraints (rows of A), there exist constants c0 < c1 such that with high probability ( = 1/poly(n)), random polytopes are integer feasible if the radius of the largest ball contained in the polytope is at least c1 log (m/n); and integer infeasible if the largest ball contained in the polytope is centered at (1/2,..., 1/2) and has radius at most c0 log (m/n). Thus, random polytopes transition from having no integer points to being integer feasible within a constant factor increase in the radius of the largest inscribed ball. Integer feasibility is based on a randomized polynomialtime algorithm for finding an integer point in the polytope. Our main tool is a simple new connection between integer feasibility and linear discrepancy. We extend a recent algorithm for finding lowdiscrepancy solutions to give a constructive upper bound on the linear discrepancy of random Gaussian matrices. By our connection between discrepancy and integer feasibility, this upper bound on linear discrepancy translates to the radius bound that guarantees integer feasibility of random polytopes.
Approximating hereditary discrepancy via small width ellipsoids
, 2013
"... Abstract The Discrepancy of a hypergraph is the minimum attainable value, over twocolorings of its vertices, of the maximum absolute imbalance of any hyperedge. The Hereditary Discrepancy of a hypergraph, defined as the maximum discrepancy of a restriction of the hypergraph to a subset of its verti ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
Abstract The Discrepancy of a hypergraph is the minimum attainable value, over twocolorings of its vertices, of the maximum absolute imbalance of any hyperedge. The Hereditary Discrepancy of a hypergraph, defined as the maximum discrepancy of a restriction of the hypergraph to a subset of its vertices, is a measure of its complexity. Lovász, Spencer and Vesztergombi (1986) related the natural extension of this quantity to matrices to rounding algorithms for linear programs, and gave a determinant based lower bound on the hereditary discrepancy. Matoušek (2011) showed that this bound is tight up to a polylogarithmic factor, leaving open the question of actually computing this bound. Recent work by Nikolov, Talwar and Zhang (2013) showed a polynomial timeÕ(log 3 n)approximation to hereditary discrepancy, as a byproduct of their work in differential privacy. In this paper, we give a direct simple O(log 3/2 n)approximation algorithm for this problem. We show that up to this approximation factor, the hereditary discrepancy of a matrix A is characterized by the optimal value of simple geometric convex program that seeks to minimize the largest ℓ∞ norm of any point in a ellipsoid containing the columns of A. This characterization promises to be a useful tool in discrepancy theory.
On largest volume simplices and subdeterminants
, 2014
"... We show that the problem of finding the simplex of largest volume in the convex hull of n points in Qd can be approximated with a factor of O(log d)d/2 in polynomial time. This improves upon the previously best known approximation guarantee of d(d−1)/2 by Khachiyan. On the other hand, we show that t ..."
Abstract
 Add to MetaCart
We show that the problem of finding the simplex of largest volume in the convex hull of n points in Qd can be approximated with a factor of O(log d)d/2 in polynomial time. This improves upon the previously best known approximation guarantee of d(d−1)/2 by Khachiyan. On the other hand, we show that there exists a constant c> 1 such that this problem cannot be approximated with a factor of cd, unless P = NP. Our hardness result holds even if n = O(d), in which case there exists a c ̄ dapproximation algorithm that relies on recent sampling techniques, where c ̄ is again a constant. We show that similar results hold for the problem of finding the largest absolute value of a subdeterminant of a d × n matrix.
Research Statement
, 2015
"... My research focuses on problems in differential privacy, mechanism design, learning theory and increasingly, on the surprisingly rich intersection of these fields. These areas are bound together not only by a common set of techniques, but also by the underlying problems that they wish to solve. For ..."
Abstract
 Add to MetaCart
My research focuses on problems in differential privacy, mechanism design, learning theory and increasingly, on the surprisingly rich intersection of these fields. These areas are bound together not only by a common set of techniques, but also by the underlying problems that they wish to solve. For example, privacy and mechanism design are both concerned about the now common task of computing on data that may not
Differential Privacy in distribution and instancebased noise mechanisms
"... In this paper, we introduce the notion of (, δ)differential privacy in distribution, a strong version of the existing (, δ)differential privacy, used to mathematically ensure that private data of an individual are protected when embedded into a queried database. In practice, such property is obta ..."
Abstract
 Add to MetaCart
(Show Context)
In this paper, we introduce the notion of (, δ)differential privacy in distribution, a strong version of the existing (, δ)differential privacy, used to mathematically ensure that private data of an individual are protected when embedded into a queried database. In practice, such property is obtained by adding some relevant noise. Our new notion permits to simplify proofs of (, δ) privacy for mechanisms adding noise with a continuous distribution. As a first example, we give a simple proof that the Gaussian mechanism is (, δ)differentially private in distribution. Using differential privacy in distribution, we then give simple conditions for an instancebased noise mechanism to be (, δ)differentially private. After that, we exploit these conditions to design a new (, δ)differentially private instancebased noise algorithm. Compare to existing ones, our algorithm have a better accuracy when used to answer a query in a differentially private manner. In particular, our algorithm does not require the computation of the socalled Smooth Sensitivity, usually used in instancebased noise algorithms, and which was proved to be NP hard to compute in some cases, namely statistics queries on some graphs. Our algorithm handles such situations and in particular some cases for which no instancebased noise mechanism were known to perform well. 1