The Johnson-Lindenstrauss Transform Itself Preserves Differential Privacy
- 1 October 2012
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- p. 410-419
- https://doi.org/10.1109/focs.2012.67
Abstract
This paper proves that an "old dog", namely - the classical Johnson-Lindenstrauss transform, "performs new tricks" - it gives a novel way of preserving differential privacy. We show that if we take two databases, D and D', such that (i) D'-D is a rank-1 matrix of bounded norm and (ii) all singular values of D and D' are sufficiently large, then multiplying either D or D' with a vector of iid normal Gaussians yields two statistically close distributions in the sense of differential privacy. Furthermore, a small, deterministic and public alteration of the input is enough to assert that all singular values of D are large. We apply the Johnson-Lindenstrauss transform to the task of approximating cut-queries: the number of edges crossing a (S, S)-cut in a graph. We show that the JL transform allows us to publish a sanitized graph that preserves edge differential privacy (where two graphs are neighbors if they differ on a single edge) while adding only O(|S|ϵ) random noise to any given query (w.h.p). Comparing the additive noise of our algorithm to existing algorithms for answering cut-queries in a differentially private manner, we outperform all others on small cuts (|S| = o(n)). We also apply our technique to the task of estimating the variance of a given matrix in any given direction. The JL transform allows us to publish a sanitized covariance matrix that preserves differential privacy w.r.t bounded changes (each row in the matrix can change by at most a norm-1 vector) while adding random noise of magnitude independent of the size of the matrix (w.h.p). In contrast, existing algorithms introduce an error which depends on the matrix dimensions.Keywords
Other Versions
This publication has 20 references indexed in Scilit:
- Beating randomized response on incoherent matricesPublished by Association for Computing Machinery (ACM) ,2012
- Finding Structure with Randomness: Probabilistic Algorithms for Constructing Approximate Matrix DecompositionsSiam Review, 2011
- A firm foundation for private data analysisCommunications of the ACM, 2011
- A sparse JohnsonPublished by Association for Computing Machinery (ACM) ,2010
- A learning theory approach to non-interactive database privacyPublished by Association for Computing Machinery (ACM) ,2008
- Smooth sensitivity and sampling in private data analysisPublished by Association for Computing Machinery (ACM) ,2007
- Kernels as features: On kernels, margins, and low-dimensional mappingsMachine Learning, 2006
- Practical privacyPublished by Association for Computing Machinery (ACM) ,2005
- Extensions of Lipschitz mappings into a Hilbert spaceContemporary Mathematics, 1984
- Randomized Response: A Survey Technique for Eliminating Evasive Answer BiasJournal of the American Statistical Association, 1965