Privacy-Preserving Adversarial Networks
Abstract
We propose a data-driven framework for optimizing privacy-preserving data release mechanisms to attain the information-theoretically optimal tradeoff between minimizing distortion of useful data and concealing specific sensitive information. Our approach employs adversarially-trained neural networks to implement randomized mechanisms and to perform a variational approximation of mutual information privacy. We validate our Privacy-Preserving Adversarial Networks (PPAN) framework via proof-of-concept experiments on discrete and continuous synthetic data, as well as the MNIST handwritten digits dataset. For synthetic data, our model-agnostic PPAN approach achieves tradeoff points very close to the optimal tradeoffs that are analytically-derived from model knowledge. In experiments with the MNIST data, we visually demonstrate a learned tradeoff between minimizing the pixel-level distortion versus concealing the written digit.
- Publication: arXiv e-prints
- Pub Date: December 2017
- DOI: 10.48550/arXiv.1712.07008
- arXiv: arXiv:1712.07008
- Bibcode: 2017arXiv171207008T
- Keywords: Computer Science - Information Theory; Computer Science - Cryptography and Security; Computer Science - Computer Science and Game Theory; Computer Science - Machine Learning; Statistics - Machine Learning; 94A15; 68T05; 62B10
- E-Print: 16 pages