Low-rank mechanism
- 1 July 2012
- journal article
- research article
- Published by Association for Computing Machinery (ACM) in Proceedings of the VLDB Endowment
- Vol. 5 (11), 1352-1363
- https://doi.org/10.14778/2350229.2350252
Abstract
Differential privacy is a promising privacy-preserving paradigm for statistical query processing over sensitive data. It works by injecting random noise into each query result, such that it is provably hard for the adversary to infer the presence or absence of any individual record from the published noisy results. The main objective in differentially private query processing is to maximize the accuracy of the query results, while satisfying the privacy guarantees. Previous work, notably the matrix mechanism [16], has suggested that processing a batch of correlated queries as a whole can potentially achieve considerable accuracy gains, compared to answering them individually. However, as we point out in this paper, the matrix mechanism is mainly of theoretical interest; in particular, several inherent problems in its design limit its accuracy in practice, which almost never exceeds that of naive methods. In fact, we are not aware of any existing solution that can effectively optimize a query batch under differential privacy. Motivated by this, we propose the Low-Rank Mechanism (LRM), the first practical differentially private technique for answering batch queries with high accuracy, based on a low rank approximation of the workload matrix. We prove that the accuracy provided by LRM is close to the theoretical lower bound for any mechanism to answer a batch of queries under differential privacy. Extensive experiments using real data demonstrate that LRM consistently outperforms state-of-the-art query processing solutions under differential privacy, by large margins.This publication has 29 references indexed in Scilit:
- Compressive mechanismPublished by Association for Computing Machinery (ACM) ,2011
- Boosting the accuracy of differentially private histograms through consistencyProceedings of the VLDB Endowment, 2010
- Data mining with differential privacyPublished by Association for Computing Machinery (ACM) ,2010
- On the geometry of differential privacyPublished by Association for Computing Machinery (ACM) ,2010
- A learning theory approach to non-interactive database privacyPublished by Association for Computing Machinery (ACM) ,2008
- A Direct Formulation for Sparse PCA Using Semidefinite ProgrammingSIAM Review, 2007
- Calibrating Noise to Sensitivity in Private Data AnalysisLecture Notes in Computer Science, 2006
- Volumes of Generalized Unit BallsMathematics Magazine, 2005
- Nonmonotone Spectral Projected Gradient Methods on Convex SetsSIAM Journal on Optimization, 2000
- A globally convergent Lagrangian barrier algorithm for optimization with general inequality constraints and simple boundsMathematics of Computation, 1997