Calibrate differentially private algorithms to operational privacy risk measures

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bogdan-kulynych from gravatar.com bogdan-kulynych

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

riskcal

CI arXiv

⚠️ This is a research prototype. Avoid or be extra careful when using in production.

The library provides tools for calibrating the noise scale in (epsilon, delta)-DP mechanisms to one of the two notions of operational attack risk (attack accuracy/advantage, or attack TPR and FPR) instead of the (epsilon, delta) parameters, as well as for efficient measurement of these notions. The library enables to reduce the noise scale at the same level of targeted attack risk.

Using the Library

Install with:

pip install riskcal

Quickstart

Measuring the Exact f-DP / Trade-Off Curve for any DP Mechanism

To measure the attack trade-off curve (equivalent to attack's receiver-operating curve) for DP-SGD, you can run

import riskcal
import numpy as np

alphas = np.array([0.01, 0.05, 0.1])
betas = riskcal.pld.get_beta(
    alpha=alphas,
    noise_multiplier=noise_multiplier,
    sample_rate=sample_rate,
    num_steps=num_steps,
)

You can also get the trade-off curve for any DP mechanism supported by Google's DP accounting library, given its privacy loss distribution (PLD):

import riskcal
import numpy as np

alphas = np.array([0.01, 0.05, 0.1])
betas = riskcal.pld.get_beta_from_pld(pld, alpha=alphas)
Calibrating DP-SGD to attack FNR/FPR

To calibrate noise scale in DP-SGD to a given attack FPR (beta) and FNR (alpha), run:

import riskcal

noise_multiplier = riskcal.pld.find_noise_multiplier_for_err_rates(
    beta=0.2,
    alpha=0.01,
    sample_rate=sample_rate,
    num_steps=num_steps
)

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for bogdan-kulynych from gravatar.com bogdan-kulynych

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

1.3.0

1.2.1

1.1.0

1.0.0

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

riskcal-0.1.0.tar.gz (8.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

riskcal-0.1.0-py3-none-any.whl (9.0 kB view details)

Uploaded Python 3

File details

Details for the file riskcal-0.1.0.tar.gz.

File metadata

  • Download URL: riskcal-0.1.0.tar.gz
  • Upload date:
  • Size: 8.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.7.1 CPython/3.10.12 Linux/6.5.0-41-generic

File hashes

Hashes for riskcal-0.1.0.tar.gz
Algorithm Hash digest
SHA256 d493e0a353dd4e1e22156763e493780ca6128906440d90519641b7bf3837ff34
MD5 0713a795ea5647212d57d22161367ed8
BLAKE2b-256 811ac92875856727957258b39c5eb6f7a3e37138f6bd95c15761e7a8e3efd587

See more details on using hashes here.

File details

Details for the file riskcal-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: riskcal-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 9.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.7.1 CPython/3.10.12 Linux/6.5.0-41-generic

File hashes

Hashes for riskcal-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 00cf988dd0a3f82b78942c80400ac749617e29b6be9e33e88786a99fa0ea902f
MD5 ad9f72ef4f5d395907ad4c7221ba9955
BLAKE2b-256 7f442d121dcb04105e3d1388d38a135d3faf37c624ce0221b9b0a8457b53d87a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page