-
Differentially Private Ad Conversion Measurement
Authors:
John Delaney,
Badih Ghazi,
Charlie Harrison,
Christina Ilvento,
Ravi Kumar,
Pasin Manurangsi,
Martin Pal,
Karthik Prabhakar,
Mariana Raykova
Abstract:
In this work, we study ad conversion measurement, a central functionality in digital advertising, where an advertiser seeks to estimate advertiser website (or mobile app) conversions attributed to ad impressions that users have interacted with on various publisher websites (or mobile apps). Using differential privacy (DP), a notion that has gained in popularity due to its strong mathematical guara…
▽ More
In this work, we study ad conversion measurement, a central functionality in digital advertising, where an advertiser seeks to estimate advertiser website (or mobile app) conversions attributed to ad impressions that users have interacted with on various publisher websites (or mobile apps). Using differential privacy (DP), a notion that has gained in popularity due to its strong mathematical guarantees, we develop a formal framework for private ad conversion measurement. In particular, we define the notion of an operationally valid configuration of the attribution rule, DP adjacency relation, contribution bounding scope and enforcement point. We then provide, for the set of configurations that most commonly arises in practice, a complete characterization, which uncovers a delicate interplay between attribution and privacy.
△ Less
Submitted 22 March, 2024;
originally announced March 2024.
-
UN Handbook on Privacy-Preserving Computation Techniques
Authors:
David W. Archer,
Borja de Balle Pigem,
Dan Bogdanov,
Mark Craddock,
Adria Gascon,
Ronald Jansen,
Matjaž Jug,
Kim Laine,
Robert McLellan,
Olga Ohrimenko,
Mariana Raykova,
Andrew Trask,
Simon Wardley
Abstract:
This paper describes privacy-preserving approaches for the statistical analysis. It describes motivations for privacy-preserving approaches for the statistical analysis of sensitive data, presents examples of use cases where such methods may apply and describes relevant technical capabilities to assure privacy preservation while still allowing analysis of sensitive data. Our focus is on methods th…
▽ More
This paper describes privacy-preserving approaches for the statistical analysis. It describes motivations for privacy-preserving approaches for the statistical analysis of sensitive data, presents examples of use cases where such methods may apply and describes relevant technical capabilities to assure privacy preservation while still allowing analysis of sensitive data. Our focus is on methods that enable protecting privacy of data while it is being processed, not only while it is at rest on a system or in transit between systems. The information in this document is intended for use by statisticians and data scientists, data curators and architects, IT specialists, and security and information assurance specialists, so we explicitly avoid cryptographic technical details of the technologies we describe.
△ Less
Submitted 15 January, 2023;
originally announced January 2023.
-
Think Global, Act Local: Gossip and Client Audits in Verifiable Data Structures
Authors:
Sarah Meiklejohn,
Pavel Kalinnikov,
Cindy S. Lin,
Martin Hutchinson,
Gary Belvin,
Mariana Raykova,
Al Cutter
Abstract:
In recent years, there has been increasing recognition of the benefits of having services provide auditable logs of data, as demonstrated by the deployment of Certificate Transparency and the development of other transparency projects. Most proposed systems, however, rely on a gossip protocol by which users can be assured that they have the same view of the log, but the few gossip protocols that d…
▽ More
In recent years, there has been increasing recognition of the benefits of having services provide auditable logs of data, as demonstrated by the deployment of Certificate Transparency and the development of other transparency projects. Most proposed systems, however, rely on a gossip protocol by which users can be assured that they have the same view of the log, but the few gossip protocols that do exist today are not suited for near-term deployment. Furthermore, they assume the presence of global sets of auditors, who must be blindly trusted to correctly perform their roles, in order to achieve their stated transparency goals. In this paper, we address both of these issues by proposing a gossip protocol and a verifiable registry, Mog, in which users can perform their own auditing themselves. We prove the security of our protocols and demonstrate via experimental evaluations that they are performant in a variety of potential near-term deployments.
△ Less
Submitted 9 November, 2020;
originally announced November 2020.
-
Advances and Open Problems in Federated Learning
Authors:
Peter Kairouz,
H. Brendan McMahan,
Brendan Avent,
Aurélien Bellet,
Mehdi Bennis,
Arjun Nitin Bhagoji,
Kallista Bonawitz,
Zachary Charles,
Graham Cormode,
Rachel Cummings,
Rafael G. L. D'Oliveira,
Hubert Eichner,
Salim El Rouayheb,
David Evans,
Josh Gardner,
Zachary Garrett,
Adrià Gascón,
Badih Ghazi,
Phillip B. Gibbons,
Marco Gruteser,
Zaid Harchaoui,
Chaoyang He,
Lie He,
Zhouyuan Huo,
Ben Hutchinson
, et al. (34 additional authors not shown)
Abstract:
Federated learning (FL) is a machine learning setting where many clients (e.g. mobile devices or whole organizations) collaboratively train a model under the orchestration of a central server (e.g. service provider), while keeping the training data decentralized. FL embodies the principles of focused data collection and minimization, and can mitigate many of the systemic privacy risks and costs re…
▽ More
Federated learning (FL) is a machine learning setting where many clients (e.g. mobile devices or whole organizations) collaboratively train a model under the orchestration of a central server (e.g. service provider), while keeping the training data decentralized. FL embodies the principles of focused data collection and minimization, and can mitigate many of the systemic privacy risks and costs resulting from traditional, centralized machine learning and data science approaches. Motivated by the explosive growth in FL research, this paper discusses recent advances and presents an extensive collection of open problems and challenges.
△ Less
Submitted 8 March, 2021; v1 submitted 10 December, 2019;
originally announced December 2019.
-
Secure Computation for Machine Learning With SPDZ
Authors:
Valerie Chen,
Valerio Pastro,
Mariana Raykova
Abstract:
Secure Multi-Party Computation (MPC) is an area of cryptography that enables computation on sensitive data from multiple sources while maintaining privacy guarantees. However, theoretical MPC protocols often do not scale efficiently to real-world data. This project investigates the efficiency of the SPDZ framework, which provides an implementation of an MPC protocol with malicious security, in the…
▽ More
Secure Multi-Party Computation (MPC) is an area of cryptography that enables computation on sensitive data from multiple sources while maintaining privacy guarantees. However, theoretical MPC protocols often do not scale efficiently to real-world data. This project investigates the efficiency of the SPDZ framework, which provides an implementation of an MPC protocol with malicious security, in the context of popular machine learning (ML) algorithms. In particular, we chose applications such as linear regression and logistic regression, which have been implemented and evaluated using semi-honest MPC techniques. We demonstrate that the SPDZ framework outperforms these previous implementations while providing stronger security.
△ Less
Submitted 2 January, 2019;
originally announced January 2019.