Differentially private (DP) mechanisms face the challenge of providing accurate results while protecting their inputs: the privacy-utility trade-off. A simple but powerful technique for DP adds noise to sensitivity-bounded query outputs to blur the exact query output: additive mechanisms. While a vast body of work considers infinitely wide noise distributions, some applications (e.g., real-time operating systems) require hard bounds on the deviations from the real query, and only limited work on such mechanisms exist. An additive mechanism with truncated noise (i.e., with bounded range) can offer such hard bounds. We introduce a gradient-descent-based tool to learn truncated noise for additive mechanisms with strong utility bounds while simultaneously optimizing for differential privacy under sequential composition, i.e., scenarios where multiple noisy queries on the same data are revealed. Our method can learn discrete noise patterns and not only hyper-parameters of a predefined probability distribution. For sensitivity bounded mechanisms, we show that it is sufficient to consider symmetric and that\new{, for from the mean monotonically falling noise,} ensuring privacy for a pair of representative query outputs guarantees privacy for all pairs of inputs (that differ in one element). We find that the utility-privacy trade-off curves of our generated noise are remarkably close to truncated Gaussians and even replicate their shape for $l_2$ utility-loss. For a low number of compositions, we also improved DP-SGD (sub-sampling). Moreover, we extend Moments Accountant to truncated distributions, allowing to incorporate mechanism output events with varying input-dependent zero occurrence probability.
翻译:不同的私人(DP)机制面临在保护其投入的同时提供准确结果的挑战: 隐私- 公用交换。 一种简单但有力的DP技术在敏感度限制的查询输出中添加噪音,以模糊精确的查询输出: 添加机制。 虽然大量的工作考虑到无穷无尽的噪音分布,但有些应用程序(例如实时操作系统)需要严格限制与真实查询的偏差,而且这类机制上的工作也很有限。 一个具有松散的噪音(例如,有约束范围的)的添加机制可以提供这样的硬界限。 我们引入了一个基于渐渐变的日光亮度的驱动程序工具, 以学习具有强大功能界限的添加机制的杂音, 从而模糊的查询输出 : 添加机制。 一些应用程序( 例如实时操作系统) 需要严格限制与真实查询的偏差的噪音分布模式, 而对于这种机制来说,只有超度的概率分布。 对于敏感度机制来说,我们有足够的时间来考虑对等值的、 和new 的构成 。 从隐含性硬度的磁度变变变变的变变的变的变式数据 。