Privacy Induces Robustness: Information-Computation Gaps and Sparse Mean
Estimation
- URL: http://arxiv.org/abs/2211.00724v1
- Date: Tue, 1 Nov 2022 20:03:41 GMT
- Title: Privacy Induces Robustness: Information-Computation Gaps and Sparse Mean
Estimation
- Authors: Kristian Georgiev, Samuel B. Hopkins
- Abstract summary: We investigate the consequences of this observation for both algorithms and computational complexity across different statistical problems.
We establish an information-computation gap for private sparse mean estimation.
We also give evidence for privacy-induced information-computation gaps for several other statistics and learning problems.
- Score: 8.9598796481325
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: We establish a simple connection between robust and differentially-private
algorithms: private mechanisms which perform well with very high probability
are automatically robust in the sense that they retain accuracy even if a
constant fraction of the samples they receive are adversarially corrupted.
Since optimal mechanisms typically achieve these high success probabilities,
our results imply that optimal private mechanisms for many basic statistics
problems are robust.
We investigate the consequences of this observation for both algorithms and
computational complexity across different statistical problems. Assuming the
Brennan-Bresler secret-leakage planted clique conjecture, we demonstrate a
fundamental tradeoff between computational efficiency, privacy leakage, and
success probability for sparse mean estimation. Private algorithms which match
this tradeoff are not yet known -- we achieve that (up to polylogarithmic
factors) in a polynomially-large range of parameters via the Sum-of-Squares
method.
To establish an information-computation gap for private sparse mean
estimation, we also design new (exponential-time) mechanisms using fewer
samples than efficient algorithms must use. Finally, we give evidence for
privacy-induced information-computation gaps for several other statistics and
learning problems, including PAC learning parity functions and estimation of
the mean of a multivariate Gaussian.
Related papers
- Best Arm Identification with Fixed Budget: A Large Deviation Perspective [54.305323903582845]
We present sred, a truly adaptive algorithm that can reject arms in it any round based on the observed empirical gaps between the rewards of various arms.
In particular, we present sred, a truly adaptive algorithm that can reject arms in it any round based on the observed empirical gaps between the rewards of various arms.
arXiv Detail & Related papers (2023-12-19T13:17:43Z) - Differentially Private Linear Regression with Linked Data [3.9325957466009203]
Differential privacy, a mathematical notion from computer science, is a rising tool offering robust privacy guarantees.
Recent work focuses on developing differentially private versions of individual statistical and machine learning tasks.
We present two differentially private algorithms for linear regression with linked data.
arXiv Detail & Related papers (2023-08-01T21:00:19Z) - Stability is Stable: Connections between Replicability, Privacy, and
Adaptive Generalization [26.4468964378511]
A replicable algorithm gives the same output with high probability when its randomness is fixed.
Using replicable algorithms for data analysis can facilitate the verification of published results.
We establish new connections and separations between replicability and standard notions of algorithmic stability.
arXiv Detail & Related papers (2023-03-22T21:35:50Z) - On the Privacy-Robustness-Utility Trilemma in Distributed Learning [7.778461949427662]
We present the first tight analysis of the error incurred by any algorithm ensuring robustness against a fraction of adversarial machines.
Our analysis exhibits a fundamental trade-off between privacy, robustness, and utility.
arXiv Detail & Related papers (2023-02-09T17:24:18Z) - Robustness Implies Privacy in Statistical Estimation [16.061651295129302]
We study the relationship between adversarial and differential privacy in high-dimensional statistics.
We give the first blackbox reduction from privacy to robustness which can produce private estimators with optimal tradeoffs.
Our algorithms are also robust to a nearly optimal fraction of adversarially-corrupted samples.
arXiv Detail & Related papers (2022-12-09T18:07:30Z) - Learning to Bound Counterfactual Inference in Structural Causal Models
from Observational and Randomised Data [64.96984404868411]
We derive a likelihood characterisation for the overall data that leads us to extend a previous EM-based algorithm.
The new algorithm learns to approximate the (unidentifiability) region of model parameters from such mixed data sources.
It delivers interval approximations to counterfactual results, which collapse to points in the identifiable case.
arXiv Detail & Related papers (2022-12-06T12:42:11Z) - Decentralized Stochastic Optimization with Inherent Privacy Protection [103.62463469366557]
Decentralized optimization is the basic building block of modern collaborative machine learning, distributed estimation and control, and large-scale sensing.
Since involved data, privacy protection has become an increasingly pressing need in the implementation of decentralized optimization algorithms.
arXiv Detail & Related papers (2022-05-08T14:38:23Z) - Robust and Differentially Private Mean Estimation [40.323756738056616]
Differential privacy has emerged as a standard requirement in a variety of applications ranging from the U.S. Census to data collected in commercial devices.
An increasing number of such databases consist of data from multiple sources, not all of which can be trusted.
This leaves existing private analyses vulnerable to attacks by an adversary who injects corrupted data.
arXiv Detail & Related papers (2021-02-18T05:02:49Z) - Differentially Private Clustering: Tight Approximation Ratios [57.89473217052714]
We give efficient differentially private algorithms for basic clustering problems.
Our results imply an improved algorithm for the Sample and Aggregate privacy framework.
One of the tools used in our 1-Cluster algorithm can be employed to get a faster quantum algorithm for ClosestPair in a moderate number of dimensions.
arXiv Detail & Related papers (2020-08-18T16:22:06Z) - New Oracle-Efficient Algorithms for Private Synthetic Data Release [52.33506193761153]
We present three new algorithms for constructing differentially private synthetic data.
The algorithms satisfy differential privacy even in the worst case.
Compared to the state-of-the-art method High-Dimensional Matrix Mechanism citeMcKennaMHM18, our algorithms provide better accuracy in the large workload.
arXiv Detail & Related papers (2020-07-10T15:46:05Z) - Instability, Computational Efficiency and Statistical Accuracy [101.32305022521024]
We develop a framework that yields statistical accuracy based on interplay between the deterministic convergence rate of the algorithm at the population level, and its degree of (instability) when applied to an empirical object based on $n$ samples.
We provide applications of our general results to several concrete classes of models, including Gaussian mixture estimation, non-linear regression models, and informative non-response models.
arXiv Detail & Related papers (2020-05-22T22:30:52Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.