A Poisoning-Resilient LDP Schema Leveraging Oblivious Transfer with the Hadamard Transform

  • Conference paper
Modeling Decisions for Artificial Intelligence (MDAI 2024)

Abstract

In recent years, Local Differential Privacy (LDP) has been actively used to collect and utilize users’ usage history from smart devices with privacy considerations. However, because LDP lets users add noise themselves, Cao et al. pointed out that it is vulnerable to poisoning attacks, in which malicious users intentionally manipulate data and send it to servers, thereby tampering with the aggregation results. Therefore, this study examines the application of an Oblivious Transfer (OT) protocol to the LDP protocol Count Mean Sketch (CMS) to improve robustness against poisoning attacks. To address the challenge that the amount of data transmission and the processing cost increase in proportion to the length of the CMS vector, we introduce the Hadamard Count Mean Sketch (HCMS), which uses the Hadamard transform. The proposed method is experimentally implemented, and its security and efficiency are evaluated using open data.

References

  1. Cao, X., Jia, J., Gong, N.Z.: Data poisoning attacks to local differential privacy protocols. In: USENIX Security Symposium, pp. 947–964 (2021)

  2. Horigome, H., Kikuchi, H., Yu, C.M.: Local differential privacy protocol for making key-value data robust against poisoning attacks. In: Torra, V., Narukawa, Y. (eds.) MDAI 2023. LNCS, vol. 13890, pp. 241–252. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-33498-6_17

  3. Differential Privacy Team: Learning with Privacy at Scale. https://machinelearning.apple.com/research/learning-with-privacy-at-scale

  4. Erlingsson, Ú., Pihur, V., Korolova, A.: RAPPOR: randomized aggregatable privacy-preserving ordinal response. In: ACM Conference on Computer and Communications Security, pp. 1054–1067 (2014)

  5. Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. Commun. ACM, 205–210 (1982)

  6. Gadotti, A., Houssiau, F., Annamalai, M.S.M.S., de Montjoye, Y.A.: Pool inference attacks on local differential privacy: quantifying the privacy guarantees of Apple’s count mean sketch in practice. In: 31st USENIX Security Symposium (USENIX Security 22) (2022)

  7. Duchi, J.C., Jordan, M.I., Wainwright, M.J.: Local privacy and statistical minimax rates. In: 2013 IEEE 54th Annual Symposium on Foundations of Computer Science, Berkeley, CA, USA, pp. 429–438 (2013)

  8. Clickstream data for online shopping, UCI Machine Learning Repository (2019)

  9. Wu, Y., Cao, X., Jia, J., Gong, N.Z.: Poisoning attacks to local differential privacy protocols for key-value data. In: USENIX Security Symposium, pp. 519–536 (2022)

  10. Naor, M., Pinkas, B.: Computationally secure oblivious transfer. J. Cryptol. 18(1), 1–35 (2005). Springer

  11. Ye, Q., Hu, H., Meng, X., Zheng, H.: PrivKV: key-value data collection with local differential privacy. In: IEEE S&P, pp. 294–308 (2019)

  12. Warner, S.L.: Randomized response: a survey technique for eliminating evasive answer bias. J. Am. Stat. Assoc. 63–69 (1965)

  13. Huang, K., et al.: LDPGuard: defenses against data poisoning attacks to local differential privacy protocols. IEEE Trans. Knowl. Data Eng. 1–14 (2024)

Acknowledgment

Part of this work was supported by JSPS KAKENHI Grant Number 23K11110 and JST, CREST Grant Number JPMJCR21M1, Japan.

Author information

Corresponding author

Correspondence to Hiroaki Kikuchi.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Shimizu, M., Kikuchi, H. (2024). A Poisoning-Resilient LDP Schema Leveraging Oblivious Transfer with the Hadamard Transform. In: Torra, V., Narukawa, Y., Kikuchi, H. (eds) Modeling Decisions for Artificial Intelligence. MDAI 2024. Lecture Notes in Computer Science, vol 14986. Springer, Cham. https://doi.org/10.1007/978-3-031-68208-7_18

  • DOI: https://doi.org/10.1007/978-3-031-68208-7_18

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-68207-0

  • Online ISBN: 978-3-031-68208-7

  • eBook Packages: Computer Science, Computer Science (R0)
