Parisian Master of Research in Computer Science
Master Parisien de Recherche en Informatique (MPRI)

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

cours:c-2-3-2 [2018/03/06 19:23]
kostas
cours:c-2-3-2 [2020/01/11 23:32] (current)
catuscia
Line 1: Line 1:
 ===== Foundations of privacy (24h, 3 ECTS) ===== ===== Foundations of privacy (24h, 3 ECTS) =====
  
-==== Teachers for 2017-18 ====+==== Teachers for 2019-20 ====
  
-  * [[http://www.lix.polytechnique.fr/~kostas/|Kostas Chatzikokolakis]], LIX, Ecole Polytechnique +    * [[http://www.lix.polytechnique.fr/~catuscia/|Catuscia Palamidessi]], LIX, Ecole Polytechnique 
-  * [[http://www.lix.polytechnique.fr/~catuscia/|Catuscia Palamidessi]], LIX, Ecole Polytechnique+    * [[http://webpages.lss.supelec.fr/perso/pablo.piantanida/Welcome.html|Pablo Piantanida]], CentraleSupélec
  
 ==== Exams ==== ==== Exams ====
  
-  * March 8th, 12h45 - 15h45+  * November 26, 12h45 - 15h45  
   * Only printouts of the slides and hand-written notes are allowed.   * Only printouts of the slides and hand-written notes are allowed.
  
Line 14: Line 14:
  
 The course aims at presenting modern approaches to privacy protection, in a The course aims at presenting modern approaches to privacy protection, in a
-wide range of applications such as anonymous communication systems, statistical databases, location based systems, information flow analysis in software, +wide range of applications such as statistical databases, location based systems, machine learning, and information flow analysis. 
-etc. We will put a particular emphasis on the foundational and formal aspects,+We will put a particular emphasis on the foundational and formal aspects,
 proposing rigorous definitions of privacy properties, and providing analyses and proposing rigorous definitions of privacy properties, and providing analyses and
 proofs of correctness of the methods to achieve them. In accordance with the proofs of correctness of the methods to achieve them. In accordance with the
 modern tendency, we will adopt a quantitative point of view, and reason in modern tendency, we will adopt a quantitative point of view, and reason in
-terms of degree of leakage, risk of privacy violation, etc. (rather than presence / +terms of degree of leakage, risk of privacy violation, etc.  
-absence of leakage, risk, etc.). In general, this will amount to take into account +In general, this will require to take into account 
-the probabilistic dimension, and formalize the protection of sensitive information in terms of bounds on the probabilistic knowledge of the adversary, and on+the probabilistic dimension,  
 +and formalize the protection of sensitive information  
 +in terms of bounds on the probabilistic knowledge  
 +of the adversary, and on
 the probability of success of its attacks. the probability of success of its attacks.
  
 ==== Plan of the course ==== ==== Plan of the course ====
  
-== Motivations, history and overview of applications (3h) == +== Motivations, history and overview (2h) == 
-  * Overview of applications (anonymous communicationstatistical queriesside-channel analysis, location based systems+  * Anonymity  
-  * Overview of attacks +  * k-anonymity 
-  * Traditional definitions: k-anonymity, non-interference, strong probabilistic anonymity+  * De-anonymization attacks 
 + 
 +== Differential Privacy (4h) == 
 +  * Definition  
 +  * Semantics  
 +  * Properties  
 +  * Implementation: LaplaceGeometricExponential noise 
 +  * Utility 
 +  * Trade-off between privacy and utility 
 + 
 +== Local Differential Privacy (4h== 
 +  * Definition 
 +  * Implementation: k-RR 
 +  * Statistical utility 
 +  * Matrix inversion 
 +  * Iterative Bayesian update 
 + 
 +== d-Privacy (2h) == 
 +  * Definition 
 +  * Implementation: Laplace and Geometric noise 
 +  * Application to location privacy: Geo-indistinguishability
  
-== Quantitative Information Flow (9h) == +== Quantitative Information Flow (3h) == 
-  * Vulnerability and entropy – operational interpretation +  * Vulnerability and leakage – operational interpretation 
-  * Information-theoretic approaches+  * Information-theoretic approaches: Shannon entropy, Renyi min-entropy
   * Decision-theoretic approaches: g-leakage   * Decision-theoretic approaches: g-leakage
   * The lattice of information   * The lattice of information
   * Axiomatization   * Axiomatization
-  * Applications 
  
-== Statistical databases: Differential Privacy (9h) == +== Privacy issues in Machine Learning (9h) == 
-  * Privacy protection via anonymization techniques +  * A short introduction to machine learning and to Neural Networks 
-  * De-anonymization attacks +  * Model inversion attacks 
-  * Differential privacy: motivation, definition, semantics +  * Membership inference attacks 
-  * Trade-off between privacy and utility +  * Other security issues: Adversarial examples
-  * Extensions of differential privacy+
  
-== Location privacy (3h) == 
-  * Simple counter-measures, attacks 
-  * Optimal Bayesian approaches 
-  * Geo-indistinguishability 
  
 ==== Language ==== ==== Language ====
Line 57: Line 74:
 ==== Material ==== ==== Material ====
  
-  * Lecture 1: Motivationshistoryand applications. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/17-18/lecture1-Catuscia.pdf|Slides Catuscia]],[[http://www.lix.polytechnique.fr/~kostas/teaching/mpri-2017-2018/lecture1.pdf|Slides Kostas]]+  * Lecture 1: Anonymityk-anonymityde-anonymization attacks. Differential Privacy [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/lecture1.pdf|Slides]] 
 + 
 +  * Lecture 2: Various mechanisms for Differential Privacy. Sensitivity of a query.  [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/lecture2.pdf|Slides]] 
 +  
 +  * Lecture 3: Utility. Local Differential Privacy. d-privacy.  Trade-off with statistical utility and quality of service. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/lecture3.pdf|Slides]] 
 + 
 +  * Lecture 4: Quantitative information flow.  The operational model of the adversary and the information-theoretic counterpart. Shannon leakage and Rényi min-entropy leakage. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/lecture4.pdf|Slides]] 
 + 
 +  * Lecture 5: Introduction to Machine Learning. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/lecture5.pdf|Slides]] 
 + 
 +  * Lecture 6: Introduction to multi-layered neural network. Optimization (back-propagation. Regularization and Dropout. The vanishing gradient issue. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/lecture6.pdf|Slides]] 
 +   
 +  * Lecture 7: Introduction to privacy and security risksmotivations. Membership inference attacks.  [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/lecture7.pdf|Slides]] 
 + 
 +  * Lecture 8: Introduction to privacy and security risks, Feature inference. Learning anonymized representation. Adversarial attacks. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/lecture8.pdf|Slides]] 
 + 
 + 
 +==== Other reading material ==== 
 + 
 +The following books are recommended for understanding the topics more in depth. They are not mandatory.  
 + 
 +   * For the Differential Privacy part:  "The Algorithmic Foundations of Differential Privacy", by Cynthia Dwork and Aaron Roth. [[https://www.cis.upenn.edu/~aaroth/Papers/privacybook.pdf|Available on line]] 
 + 
 +   * For the Information Flow part:  "The Science of Quantitative Information Flow", by Mario Alvim et al. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/Material/QIF.pdf|Available on line]] 
 + 
 +   * For the Machine Learning part:  "Pattern Recognition and Machine Learning", by Christopher M Bishop. [[http://users.isr.ist.utl.pt/~wurmd/Livros/school/Bishop%20-%20Pattern%20Recognition%20And%20Machine%20Learning%20-%20Springer%20%202006.pdf|Available on line]] 
 + 
 +==== Exercises and previous exams ==== 
 + 
 +Note: the part on Quantitative Information Flow was treated more in depth in the past years. So, please do not worry if you do not know some of the notions relative to the exercises/exams in Quantitative Information Flow.  
 + 
 +   * Exercises. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/17-18/exercises.pdf|Available here]]  
 + 
 +   * Exam Year 17/18 [[ http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/17-18/exam/exam.pdf| Available here]]
  
-  Lecture 2: Differential Privacy. Sensitivity of a query. The Laplacian and the Geometric Mechanisms. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/17-18/lecture2.pdf|Slides]]+   Exam Year 16/17 [[ http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/16-17/exam/exam.pdf| Available here]]
  
-  Lecture 3: Truncation. Utility. Optimal trade-off between Privacy and Utility. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/17-18/lecture3.pdf|Slides]]+   Exam Year 15/16 [[ http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/15-16/exam/exam.pdf| Available here]]
  
-  * Lecture 4: Exercises. Local Differential Privacy. [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/17-18/lecture4.pdf|Slides]] 
  
-  * Lecture 5: Secrets and vulnerability. [[http://www.lix.polytechnique.fr/~kostas/teaching/mpri-2017-2018/lecture2.pdf|Slides]]+==== This year's exam -- with solutions ====
  
-  Lecture 6: Channels. [[http://www.lix.polytechnique.fr/~kostas/teaching/mpri-2017-2018/lecture3.pdf|Slides]]+   * [[http://www.lix.polytechnique.fr/~catuscia/teaching/MPRI/19-20/Exam.pdf|Exam and solution]] 
  
-  * Lecture 7: Leakage and capacity. [[http://www.lix.polytechnique.fr/~kostas/teaching/mpri-2017-2018/lecture4.pdf|Slides]] 
  
-  * Lecture 8: Refinement, applications. [[http://www.lix.polytechnique.fr/~kostas/teaching/mpri-2017-2018/lecture5.pdf|Slides]] 
  
-  * [[http://www.lix.polytechnique.fr/~kostas/teaching/mpri-2017-2018/allslides-print.pdf|All information flow slides]], for printing 
  
-  * [[http://www.lix.polytechnique.fr/~kostas/teaching/mpri-2017-2018/exercises.pdf|Exercises]] for both parts 
  
  
 
Universités partenaires Université Paris-Diderot
Université Paris-Saclay
ENS Cachan École polytechnique Télécom ParisTech
ENS
Établissements associés Université Pierre-et-Marie-Curie CNRS INRIA CEA