论文标题
通过差异隐私镜头测试对手的广义似然比测试对手
Generalised Likelihood Ratio Testing Adversaries through the Differential Privacy Lens
论文作者
论文摘要
差异隐私(DP)在最佳对手的能力上提供了紧密的上限,但是在实践中很少遇到这种对手。在DP的假设测试/成员推理解释下,我们检查了高斯机制,并放松了对尼曼·皮尔森(Neyman-Pearson)最佳(NPO)对手的通常假设,对广义可能性测试(GLRT)对手。这种轻度的放松导致了改善的隐私保证,我们本着高斯DP和$(\ varepsilon,δ)$ DP的精神表达,包括成分和子采样结果。我们通过数值评估结果,并发现它们匹配理论上限。
Differential Privacy (DP) provides tight upper bounds on the capabilities of optimal adversaries, but such adversaries are rarely encountered in practice. Under the hypothesis testing/membership inference interpretation of DP, we examine the Gaussian mechanism and relax the usual assumption of a Neyman-Pearson-Optimal (NPO) adversary to a Generalized Likelihood Test (GLRT) adversary. This mild relaxation leads to improved privacy guarantees, which we express in the spirit of Gaussian DP and $(\varepsilon, δ)$-DP, including composition and sub-sampling results. We evaluate our results numerically and find them to match the theoretical upper bounds.
