Differential Privacy Testing System

DP-Finder

DP-Finder is a system that automatically derives lower bounds on the differential privacy enforced by algorithms.

This repository contains the code used for the experiments in the paper https://www.sri.inf.ethz.ch/publications/bichsel18dpfinder.
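What such a lower bound means in practice, as an added illustration that is not DP-Finder's own code: for any eps-DP algorithm A, neighbouring inputs a, a' and event S, ln(Pr[A(a) in S] / Pr[A(a') in S]) <= eps, so estimating that ratio by sampling yields a lower bound on the epsilon A really enforces, and a bound above the claimed epsilon witnesses a violation (DP-Finder searches for a, a' and S that maximise it and confirms the result exactly with PSI). The Laplace counting mechanism, its deliberately mis-scaled variant and the databases below are constructed for this example.

```python
import math
import random


def laplace_sum(db, eps, rng, scale_bug=False):
    """Noisy count sum(db) over a 0/1 database (sensitivity 1).
    The correct Laplace scale is 1/eps; with scale_bug=True the noise uses
    scale 1/(4*eps) (a constructed bug), so the mechanism is only 4*eps-DP."""
    scale = 1.0 / (4 * eps) if scale_bug else 1.0 / eps
    # Laplace(0, b) = Exp(mean b) - Exp(mean b); expovariate takes the rate 1/b
    return sum(db) + rng.expovariate(1 / scale) - rng.expovariate(1 / scale)


def estimate_lower_bound(mech, a, a_prime, event, n, seed=0):
    """Estimate ln(Pr[mech(a) in S] / Pr[mech(a') in S]) from n runs each.
    For an eps-DP mechanism this is <= eps, so the estimate lower-bounds the
    epsilon the mechanism actually enforces (up to sampling error)."""
    rng = random.Random(seed)
    hits_a = sum(event(mech(a, rng)) for _ in range(n))
    hits_ap = sum(event(mech(a_prime, rng)) for _ in range(n))
    if hits_a == 0 or hits_ap == 0:
        raise ValueError("event S too rare for n samples; enlarge S or n")
    return math.log(hits_a / hits_ap)


def run_demo(eps=1.0, n=20000):
    """Constructed neighbouring databases a, a' (a' drops one record) and the
    event S = {output >= 10}; returns the estimated bounds for both variants.
    Analytically: correct variant gives ln(0.5 / (0.5 e^-1)) = 1.0 (tight,
    no violation), buggy variant gives ln(0.5 / (0.5 e^-4)) = 4.0 > eps."""
    a, a_prime = [1] * 10, [1] * 9

    def in_s(out):
        return out >= 10.0

    correct = estimate_lower_bound(
        lambda db, rng: laplace_sum(db, eps, rng), a, a_prime, in_s, n)
    buggy = estimate_lower_bound(
        lambda db, rng: laplace_sum(db, eps, rng, scale_bug=True),
        a, a_prime, in_s, n)
    return {"claimed_eps": eps, "correct": correct, "buggy": buggy}


if __name__ == "__main__":
    print(run_demo())
```

Sampling only estimates the ratio, which is why a found violation is confirmed exactly (DP-Finder uses PSI for that step) before it is reported.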

Setup

To install DP-Finder, you can use docker or install it locally. Before starting, clone this repository and navigate to the directory of this README file.

Docker

For a simple (but less efficient) setup using docker, run

$ cd dp-finder/docker
$ make launch # build and run the docker image
[sudo] password for user: *************

Locally

Alternatively, you can set up DP-Finder on your local machine. The main requirements are

$ sudo apt-get install python3 python3-pip python3-tk libboost-all-dev
[...]
$ pip3 install virtualenv
[...]
$ sudo apt-get install texlive-full
[...]

In addition, DP-Finder requires PSI (to confirm found violations exactly). Make sure that PSI can be invoked as psi, e.g. by adding a symlink to it in /usr/local/bin. For example, assuming that psi was installed to /opt/psi/psi, run:

ln -s -f "/opt/psi/psi" "/usr/local/bin"

See the Dockerfile for all relevant packages and for how to install PSI. In case of issues with the setup, also see the preparation script (which is automatically run when you run ./test.sh or ./run.sh); it contains some optional commands that may fix your errors.

Getting Started

Before running any commands, prepare the environment (sets up the PYTHONPATH, compiles dependencies, etc.) by running

root@febda6ac8a18:/implementation# source ./prepare.sh

Testing the build

To run the unittests of DP-Finder, run

root@febda6ac8a18:/implementation# ./test.sh

This should take around 10 minutes.

Finding lower bounds

To find lower bounds for the encoded algorithms, run

root@febda6ac8a18:/implementation# ./run.sh

The runner generates plots, which are saved in ./dpfinder/log_parser/figures. The runtime of this script depends on your machine (expect less than 1 day).

Running DP-Finder on a single algorithm

root@febda6ac8a18:/implementation# python3 dpfinder/searcher/search.py --alg aboveThreshold

To get a description of all parameters to dp-finder, run

root@febda6ac8a18:/implementation# python3 dpfinder/searcher/search.py --help

Adding more algorithms

To add a new algorithm newAlg for testing:

Citing This Framework

@inproceedings{Bichsel:2018:DFD:3243734.3243863,
 author = {Bichsel, Benjamin and Gehr, Timon and Drachsler-Cohen, Dana and Tsankov, Petar and Vechev, Martin},
 title = {DP-Finder: Finding Differential Privacy Violations by Sampling and Optimization},
 booktitle = {Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security},
 series = {CCS '18},
 year = {2018},
 isbn = {978-1-4503-5693-0},
 location = {Toronto, Canada},
 pages = {508--524},
 numpages = {17},
 url = {http://doi.acm.org/10.1145/3243734.3243863},
 doi = {10.1145/3243734.3243863},
 acmid = {3243863},
 publisher = {ACM},
 address = {New York, NY, USA},
 keywords = {differential privacy, lower bounds, optimization, sampling},
}

Contributors

License and Copyright