Mean Estimation with User-Level Privacy for Spatio-Temporal IoT Datasets

V. Arvind Rameshwar, Anshoo Tandon, Prajjwal Gupta, Aditya Vikram Singh, Novoneel Chakraborty, Abhay Sharma

TL;DR

This work tackles privately releasing the mean of speeds in spatio-temporal IoT data under user-level differential privacy. It develops and compares multiple algorithms (Baseline, Array-Averaging, Levy, Quantile) that create pseudo-users through grouping and clipping of per-user samples, then add Laplace noise with carefully calibrated scales to balance privacy and accuracy. A minimax analysis yields insights into optimal pseudo-user design, culminating in the OPT-Array-Averaging approach that selects the clipping level $m_{\text{UB}}$ to minimize worst-case error. Empirical results on ITMS data and large synthetic datasets show that BestFit grouping reduces sensitivity and that Levy and FixedQuantile strategies excel in large-scale settings, with practical recommendations for algorithm choice based on dataset characteristics. The proposed methods extend to general spatio-temporal IoT applications requiring privately released means, offering actionable guidance for privacy-accuracy trade-offs and future extensions involving multi-grid private releases.

Abstract

This paper considers the problem of the private release of sample means of speed values from traffic datasets. Our key contribution is the development of user-level differentially private algorithms that incorporate carefully chosen parameter values to ensure low estimation errors on real-world datasets, while ensuring privacy. We test our algorithms on ITMS (Intelligent Traffic Management System) data from an Indian city, where the speeds of different buses are drawn in a potentially non-i.i.d. manner from an unknown distribution, and where the number of speed samples contributed by different buses is potentially different. We then apply our algorithms to large synthetic datasets, generated based on the ITMS data. Here, we provide theoretical justification for the observed performance trends, and also provide recommendations for the choices of algorithm subroutines that result in low estimation errors. Finally, we characterize the best performance of pseudo-user creation-based algorithms on worst-case datasets via a minimax approach; this then gives rise to a novel procedure for the creation of pseudo-users, which optimizes the worst-case total estimation error. The algorithms discussed in the paper are readily applicable to general spatio-temporal IoT datasets for releasing a differentially private mean of a desired value.

Paper Structure (25 sections, 15 theorems, 73 equations, 5 figures, 3 algorithms)

Key Result

Theorem 2.1

For any $g: \mathsf{D}\to \mathbb{R}$, the mechanism $M^{\text{Lap}}_g: \mathsf{D}\to \mathbb{R}$ defined by where $Z\sim \text{Lap}(\Delta_g/\varepsilon)$ is user-level $\varepsilon$-DP.
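An added illustration of the theorem, not code from the paper: a Laplace release of a mean at the user level, taking the mechanism to be the standard $g(D) + Z$. It assumes speeds clipped to $[0, \texttt{upper}]$, per-user sample counts that are fixed and public, and a cap of `m_ub` samples kept per user (the first ones, an arbitrary choice); all function names and the data are constructed.

```python
import random

def kept_counts(counts, m_ub):
    """Samples retained per user after capping each user's contribution at m_ub."""
    return [min(c, m_ub) for c in counts]

def clipped_mean(data, m_ub, upper):
    """Mean over at most m_ub samples per user, each value clipped to [0, upper]."""
    kept = [min(max(x, 0.0), upper) for xs in data.values() for x in xs[:m_ub]]
    return sum(kept) / len(kept)

def user_level_sensitivity(counts, m_ub, upper):
    """Largest change in clipped_mean when one user's samples are all replaced.

    Assumes per-user sample counts are fixed and public, so only values change:
    a user holding k kept samples moves the sum by at most k * upper.
    """
    kept = kept_counts(counts, m_ub)
    return upper * max(kept) / sum(kept)

def laplace(scale, rng):
    """Lap(scale) sample: the difference of two Exp(1) draws, times scale.
    Illustrative only; float samplers like this are not hardened for release."""
    return scale * (rng.expovariate(1.0) - rng.expovariate(1.0))

def private_mean(data, m_ub, upper, epsilon, rng):
    """Release clipped_mean + Z with Z ~ Lap(sensitivity / epsilon)."""
    counts = [len(xs) for xs in data.values()]
    delta = user_level_sensitivity(counts, m_ub, upper)
    return clipped_mean(data, m_ub, upper) + laplace(delta / epsilon, rng)

# Constructed sample: three buses with unequal numbers of speed readings (km/h).
DATA = {"bus_a": [30, 40, 50, 20, 10, 90], "bus_b": [20, 40], "bus_c": [10, 30]}

if __name__ == "__main__":
    rng = random.Random(7)
    for m_ub in (6, 2):
        d = user_level_sensitivity([6, 2, 2], m_ub, upper=60.0)
        print(m_ub, d, private_mean(DATA, m_ub, 60.0, epsilon=1.0, rng=rng))
```

Capping the heaviest contributor from 6 samples to 2 lowers the sensitivity, and with it the Laplace scale, at the cost of discarding that user's remaining samples.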

Figures (5)

  • Figure 1: Plots comparing $E_\text{MAE}$ for the Array-Averaging, Levy, and Quantile algorithms, under the two grouping strategies. For the Levy algorithm, we fix $\gamma = 0.2$, and for the Quantile algorithm, we use the FixedQuantile subroutine.
  • Figure 2: Plots comparing the performance of algorithms on real-world ITMS data
  • Figure 3: Plots comparing the performance of algorithms under sample scaling
  • Figure 4: Plots comparing the performance of algorithms under user scaling
  • Figure 5: Plot showing the values of $m^{(\varepsilon)}$ obtained by solving \ref{eq:inter2} for the ITMS dataset with $0.001\le \varepsilon\le 2$. Here, the $\varepsilon$ axis is shown on a log scale.

Theorems & Definitions (29)

  • Definition 2.1
  • Definition 2.2
  • Theorem 2.1
  • Proposition 2.1
  • Lemma 3.1
  • proof
  • Lemma 3.2
  • proof
  • Definition 3.1
  • Lemma 4.1
  • ...and 19 more