Generative Adversarial Privacy: A Context-Aware Approach to Privacy-Guaranteed Data Publishing

Vinod M. Prabhakaran
Thursday, 21 Dec 2017, 11:00 to 12:00
A-201 (STCS Seminar Room)
Preserving the utility of published datasets while simultaneously providing provable privacy guarantees is a well-known challenge. On the one hand, context-free privacy solutions, such as differential privacy, provide strong privacy guarantees, but often lead to a significant reduction in utility. On the other hand, context-aware privacy solutions, such as information theoretic privacy, achieve an improved privacy-utility tradeoff, but assume that the data curator has access to dataset statistics. We circumvent these limitations by introducing a novel context-aware data-driven privacy framework called generative adversarial privacy (GAP). GAP leverages recent advancements in generative adversarial networks (GANs) to allow the data holder to learn privatization schemes from the dataset itself. Under GAP, learning the privacy mechanism is formulated as a constrained minimax game between two players: a privatizer that sanitizes the dataset in a way that limits the risk of inference attacks on the private variables, and an adversary that tries to infer the private variables from the sanitized dataset.  To evaluate the performance of GAP, we investigate two simple (yet canonical) statistical dataset models: (a) the binary data model, and (b) the binary Gaussian mixture model. For both models, we derive game-theoretically optimal minimax privacy mechanisms, and show that the privacy mechanisms learned from data (in a generative adversarial fashion) match the theoretically optimal ones. This demonstrates that our framework can be easily applied in practice, even in the absence of dataset statistics (joint work with Chong Huang (ASU), Peter Kairouz (Stanford), Xiao Chen (Stanford), and Ram Rajagopal (Stanford).
Bio: Lalitha Sankar received the B.Tech degree from the Indian Institute of Technology, Bombay, the M.S. degree from the University of Maryland, and the Ph.D degree from Rutgers University. She is presently an Assistant Professor in the ECEE department at Arizona State University. Prior to this, she was an Associate Research Scholar at Princeton University. Following her doctorate, Dr Sankar was a recipient of a three-year Science and Technology teaching postdoctoral fellowship from the Council on Science and Technology at Princeton University. Her research interests include information privacy and cybersecurity in distributed and cyber-physical systems. For her doctoral work, she received the 2007-2008 Electrical Engineering Academic Achievement Award from Rutgers University. She received the IEEE Globecom 2011 Best Paper award for her work on side-information privacy and the US National Science Foundation CAREER award in 2014.