CIF: Medium: Collaborative Research: Information-theoretic Guarantees on Privacy in the Age of Learning

CIF：媒介：协作研究：学习时代隐私的信息理论保证

基本信息

批准号：
1900750
负责人：
Flavio Calmon
金额：
$ 38.3万
依托单位：
Harvard University
依托单位国家：
美国
项目类别：
Continuing Grant
财政年份：
2019
资助国家：
美国
起止时间：
2019-06-01 至 2024-05-31
项目状态：
已结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=1900750&HistoricalAwards=false
关键词：
CIF Medium Collaborative Research Information

项目摘要

Armed with powerful advances in machine learning, the ability of an interested party to gather personal information from an individual's expanding digital footprint is outstripping anyone's capability to keep their information private. While this aggregated data can have tremendous benefit for consumers and data scientists via technologies built on machine learning and artificial intelligence, this benefit must be tempered with meaningful assurances of privacy for the very people who provided the data in the first place. This project adopts a rigorous information-theoretic approach to give meaningful privacy guarantees while still providing statistical utility. By combining theoretical and data-driven research, this project can inform public policy as well as best-practices for industry. The overall goal is to provide any data scientist with a set of tools to guarantee meaningful privacy in practice. To do so, this project explores meaningful measures of privacy leakage in the learning context, characterizes the fundamental tradeoffs between privacy and utility, develops techniques to ensure privacy in realistic settings, and tests these algorithms on publicly available datasets. The project is also committed to broadening participation in computing via two outreach efforts: (i) interactive demonstrations of privacy issues that stem from using social media to middle and high school students via ASU's annual STEM event, Open Door, and (ii) teaching modules on machine learning (ML) and artificial intelligence (AI), and short courses ("data jams") at ASU via the Young Engineers Shape the World (YESW) summer program and at Harvard; these modules, targeted at female, financially disadvantaged, and Latino and Hispanic students, aim to make a meaningful contribution to increasing a diverse STEM workforce by providing students hands-on experience on basic concepts of coding, manipulating datasets, and producing simple visualizations collectively. Outreach efforts will be evaluated using well understood metrics for assessment of student interest, engagement, and knowledge via ASU?s College Research and Evaluation Services Team (CREST).This project aims to derive a foundational, statistical theory of privacy that builds upon and contributes to modern theoretical advances in information theory and machine learning. The statistical nature of inference (both for legitimate and illegitimate ends) requires a statistical approach to measuring and ensuring privacy and utility. A significant novel element derived from this view is the maximal alpha leakage, a new, tunable measure for information leakage which quantifies the ability of an adversary to learn any function of private data via a parametric class of loss functions. This tunable measure is derived from a rich information-theoretic framework based on Renyi divergence, thereby uniting disparate existing measures under a single framework. Moreover, its operational significance and computational flexibility allow for natural application in machine learning. In the context of these measures, this project studies privacy-utility tradeoffs both theoretically and in a data-driven manner in two distinct settings: (i) releasing datasets in a similar form as the original, with privacy and strict utility guarantees for arbitrary statistical analysis, and (ii) releasing privacy-guaranteed data representations for specific learning tasks. Broader dissemination of the work will go beyond conferences to organizing a privacy workshop in the latter half of the project to enable inter-disciplinary interactions and application.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

有了在机器学习方面的强大进步，感兴趣的方从个人扩展的数字足迹中收集个人信息的能力超越了任何人的能力，使他们的信息保持私密。尽管这些汇总数据可以通过基于机器学习和人工智能的技术为消费者和数据科学家带来巨大的好处，但对于首先提供数据的人来说，必须对隐私的有意义的隐私保证进行纠正。该项目采用了严格的信息理论方法来提供有意义的隐私保证，同时仍提供统计公用事业。通过结合理论和数据驱动的研究，该项目可以为公共政策以及行业的最佳实践提供信息。总体目标是为任何数据科学家提供一组工具，以确保实践中有意义的隐私。为此，该项目探讨了在学习环境中隐私泄漏的有意义的衡量标准，表征了隐私和公用事业之间的基本权衡，开发了在现实环境中确保隐私的技术，并在公开可用的数据集中测试这些算法。该项目还致力于通过两项宣传工作扩大参与计算的参与：（i）通过ASU的年度STEM事件，开放式门，开放式门，以及（ii）关于机器学习的教学模块（ML）和人工智能（AI）（AI），以及在ASU的Short Asu and Sharge（JAT JAMS）（“ DATA JAMS”（YEAD JAMS）的夏季，该公司（ii）夏季（Youss youngers Shoump）（Yes Younge norke）（Youss younger Shopp），这些模块针对女性，财务不利，拉丁裔和西班牙裔学生，旨在通过为学生在编码，操纵数据集的基本概念方面的实践经验和共同生产简单可视化的基本概念来为增加多样化的STEM劳动力做出有意义的贡献。将使用广泛理解的指标对外展工作进行评估，以评估ASU的大学研究与评估服务团队（CREST）的学生兴趣，参与度和知识。该项目旨在得出基础的基础，统计的隐私理论，并为信息理论和机器学习方面的现代理论进步提供了现代理论。推理的统计性质（无论是合法和非法目的）需要一种统计方法来衡量和确保隐私和效用。从这种角度得出的一个重要的新元素是最大alpha泄漏，这是一种新的，可调的信息泄漏措施，可量化对手通过参数损失函数学习私人数据的任何功能的能力。这种可调的度量来自基于Renyi差异的丰富信息理论框架，从而在单个框架下团结了不同的现有措施。此外，其运行意义和计算灵活性允许在机器学习中进行自然应用。在这些措施的背景下，该项目在理论上和以数据驱动的方式研究了隐私 - 实用性的权衡，以两个不同的环境进行：（i）以与原始形式相似的形式发布数据集，并保证隐私统计分析的隐私和效用，以保证（II）释放隐私权保密数据来释放特定的学习数据代表。对工作的更广泛的传播将超越会议，以在项目后半段组织一个隐私研讨会，以实现跨学科的互动和应用。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的知识分子优点和更广泛的审查标准通过评估来通过评估来支持的。