Context-aware generative adversarial privacy

Chong Huang, Peter Kairouz, Xiao Chen, Lalitha Sankar, Ram Rajagopal

Research output: Contribution to journalArticlepeer-review

36 Scopus citations

Abstract

Preserving the utility of published datasets while simultaneously providing provable privacy guarantees is a well-known challenge. On the one hand, context-free privacy solutions, such as differential privacy, provide strong privacy guarantees, but often lead to a significant reduction in utility. On the other hand, context-aware privacy solutions, such as information theoretic privacy, achieve an improved privacy-utility tradeoff, but assume that the data holder has access to dataset statistics. We circumvent these limitations by introducing a novel context-aware privacy framework called generative adversarial privacy (GAP). GAP leverages recent advancements in generative adversarial networks (GANs) to allow the data holder to learn privatization schemes from the dataset itself. Under GAP, learning the privacy mechanism is formulated as a constrained minimax game between two players: a privatizer that sanitizes the dataset in a way that limits the risk of inference attacks on the individuals' private variables, and an adversary that tries to infer the private variables from the sanitized dataset. To evaluate GAP's performance, we investigate two simple (yet canonical) statistical dataset models: (a) the binary data model; and (b) the binary Gaussian mixture model. For both models, we derive game-theoretically optimal minimax privacy mechanisms, and show that the privacy mechanisms learned from data (in a generative adversarial fashion) match the theoretically optimal ones. This demonstrates that our framework can be easily applied in practice, even in the absence of dataset statistics.

Original languageEnglish (US)
Article number656
JournalEntropy
Volume19
Issue number12
DOIs
StatePublished - Dec 1 2017

Keywords

  • Adversarial network
  • Differential privacy
  • Error probability games
  • Generative adversarial networks
  • Generative adversarial privacy
  • Information theoretic privacy
  • Machine learning
  • Mutual information privacy
  • Privatizer network
  • Statistical data privacy

ASJC Scopus subject areas

  • Physics and Astronomy(all)

Fingerprint Dive into the research topics of 'Context-aware generative adversarial privacy'. Together they form a unique fingerprint.

Cite this