CheckDP: An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples

Yuxin Wang; Zeyu Ding; Daniel Kifer; Danfeng Zhang

doi:10.1145/3372297.3417282

CheckDP: An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples

Yuxin Wang, Zeyu Ding, Daniel Kifer, Danfeng Zhang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

13 Citations (SciVal)

Abstract

We propose CheckDP, an automated and integrated approach for proving or disproving claims that a mechanism is differentially private. CheckDP can find counterexamples for mechanisms with subtle bugs for which prior counterexample generators have failed. Furthermore, it was able to automatically generate proofs for correct mechanisms for which no formal verification was reported before. CheckDP is built on static program analysis, allowing it to be more efficient and precise in catching infrequent events than sampling based counterexample generators (which run mechanisms hundreds of thousands of times to estimate their output distribution). Moreover, its sound approach also allows automatic verification of correct mechanisms. When evaluated on standard benchmarks and newer privacy mechanisms, CheckDP generates proofs (for correct mechanisms) and counterexamples (for incorrect mechanisms) within 70 seconds without any false positives or false negatives.

Original language	English (US)
Title of host publication	CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	919-938
Number of pages	20
ISBN (Electronic)	9781450370899
DOIs	https://doi.org/10.1145/3372297.3417282
State	Published - Oct 30 2020
Event	27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020 - Virtual, Online, United States Duration: Nov 9 2020 → Nov 13 2020

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Conference

Conference	27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020
Country/Territory	United States
City	Virtual, Online
Period	11/9/20 → 11/13/20

All Science Journal Classification (ASJC) codes

Software
Computer Networks and Communications

Access to Document

10.1145/3372297.3417282

Cite this

Wang, Y., Ding, Z., Kifer, D., & Zhang, D. (2020). CheckDP: An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples. In CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 919-938). (Proceedings of the ACM Conference on Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/3372297.3417282

Wang, Yuxin ; Ding, Zeyu ; Kifer, Daniel et al. / CheckDP : An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples. CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2020. pp. 919-938 (Proceedings of the ACM Conference on Computer and Communications Security).

@inproceedings{bbc50c9740a147b7ab99f61c02203d19,

title = "CheckDP: An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples",

abstract = "We propose CheckDP, an automated and integrated approach for proving or disproving claims that a mechanism is differentially private. CheckDP can find counterexamples for mechanisms with subtle bugs for which prior counterexample generators have failed. Furthermore, it was able to automatically generate proofs for correct mechanisms for which no formal verification was reported before. CheckDP is built on static program analysis, allowing it to be more efficient and precise in catching infrequent events than sampling based counterexample generators (which run mechanisms hundreds of thousands of times to estimate their output distribution). Moreover, its sound approach also allows automatic verification of correct mechanisms. When evaluated on standard benchmarks and newer privacy mechanisms, CheckDP generates proofs (for correct mechanisms) and counterexamples (for incorrect mechanisms) within 70 seconds without any false positives or false negatives.",

author = "Yuxin Wang and Zeyu Ding and Daniel Kifer and Danfeng Zhang",

note = "Funding Information: We thank the anonymous reviewers for their insightful feedbacks. This work was supported by NSF Awards CNS-1702760. Publisher Copyright: {\textcopyright} 2020 ACM.; 27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020 ; Conference date: 09-11-2020 Through 13-11-2020",

year = "2020",

month = oct,

day = "30",

doi = "10.1145/3372297.3417282",

language = "English (US)",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "919--938",

booktitle = "CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security",

}

Wang, Y, Ding, Z, Kifer, D & Zhang, D 2020, CheckDP: An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples. in CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 919-938, 27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020, Virtual, Online, United States, 11/9/20. https://doi.org/10.1145/3372297.3417282

CheckDP : An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples. / Wang, Yuxin; Ding, Zeyu; Kifer, Daniel et al.

CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2020. p. 919-938 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - CheckDP

T2 - 27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020

AU - Wang, Yuxin

AU - Ding, Zeyu

AU - Kifer, Daniel

AU - Zhang, Danfeng

PY - 2020/10/30

Y1 - 2020/10/30

N2 - We propose CheckDP, an automated and integrated approach for proving or disproving claims that a mechanism is differentially private. CheckDP can find counterexamples for mechanisms with subtle bugs for which prior counterexample generators have failed. Furthermore, it was able to automatically generate proofs for correct mechanisms for which no formal verification was reported before. CheckDP is built on static program analysis, allowing it to be more efficient and precise in catching infrequent events than sampling based counterexample generators (which run mechanisms hundreds of thousands of times to estimate their output distribution). Moreover, its sound approach also allows automatic verification of correct mechanisms. When evaluated on standard benchmarks and newer privacy mechanisms, CheckDP generates proofs (for correct mechanisms) and counterexamples (for incorrect mechanisms) within 70 seconds without any false positives or false negatives.

AB - We propose CheckDP, an automated and integrated approach for proving or disproving claims that a mechanism is differentially private. CheckDP can find counterexamples for mechanisms with subtle bugs for which prior counterexample generators have failed. Furthermore, it was able to automatically generate proofs for correct mechanisms for which no formal verification was reported before. CheckDP is built on static program analysis, allowing it to be more efficient and precise in catching infrequent events than sampling based counterexample generators (which run mechanisms hundreds of thousands of times to estimate their output distribution). Moreover, its sound approach also allows automatic verification of correct mechanisms. When evaluated on standard benchmarks and newer privacy mechanisms, CheckDP generates proofs (for correct mechanisms) and counterexamples (for incorrect mechanisms) within 70 seconds without any false positives or false negatives.

UR - http://www.scopus.com/inward/record.url?scp=85096174065&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85096174065&partnerID=8YFLogxK

U2 - 10.1145/3372297.3417282

DO - 10.1145/3372297.3417282

M3 - Conference contribution

AN - SCOPUS:85096174065

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 919

EP - 938

BT - CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security

PB - Association for Computing Machinery

Y2 - 9 November 2020 through 13 November 2020

ER -

Wang Y, Ding Z, Kifer D , Zhang D. CheckDP: An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples. In CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery. 2020. p. 919-938. (Proceedings of the ACM Conference on Computer and Communications Security). doi: 10.1145/3372297.3417282

CheckDP: An Automated and Integrated Approach for Proving Differential Privacy or Finding Precise Counterexamples

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this