Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Generating Differentially Private Networks with a Modified Erdős-Rényi Model

Huaiyuan Rao, Calvin Hawkins, Alexander Benvenuti, Matthew Hale

TL;DR

This work addresses privately generating entire networks under edge $\varepsilon$-differential privacy by pairing a graph exponential mechanism with a computationally efficient modified Erdős-Rényi sampler. The core ideas are to (i) formulate a utility based on edge-set closeness and (ii) implement a scalable sampling procedure that preserves privacy while enabling post-processing to compute arbitrary graph properties, notably the Laplacian spectrum. The main contributions are the formal graph exponential mechanism, an equivalent two-type edge ER implementation with $O(n^2)$ complexity, and empirical evidence that the method yields substantially lower error in graph Laplacian spectra than prior approaches (e.g., a $\approx 49.34\%$ improvement at $\varepsilon=2.50$). Overall, this framework enables privacy-preserving analysis of a broad class of graph properties without bespoke mechanisms and scales to large networks, advancing practical secure analyses in networked systems.

Abstract

Differential privacy has been used to privately calculate numerous network properties, but existing approaches often require the development of a new privacy mechanism for each property of interest. Therefore, we present a framework for generating entire networks in a differentially private way. Differential privacy is immune to post-processing, which allows for any network property to be computed and analyzed for a private output network, without weakening its protections. We consider undirected networks and develop a differential privacy mechanism that takes in a sensitive network and outputs a private network by randomizing its edge set. We prove that this mechanism does provide differential privacy to a network's edge set, though it induces a complex distribution over the space of output graphs. We then develop an equivalent privacy implementation using a modified Erdős-Rényi model that constructs an output graph edge by edge, and it is efficient and easily implementable, even on large complex networks. Experiments implement $\varepsilon$-differential privacy with $\varepsilon=2.5$ when computing graph Laplacian spectra, and these results show the proposed mechanism incurs $49.34\%$ less error than the current state of the art.

Generating Differentially Private Networks with a Modified Erdős-Rényi Model

TL;DR

This work addresses privately generating entire networks under edge -differential privacy by pairing a graph exponential mechanism with a computationally efficient modified Erdős-Rényi sampler. The core ideas are to (i) formulate a utility based on edge-set closeness and (ii) implement a scalable sampling procedure that preserves privacy while enabling post-processing to compute arbitrary graph properties, notably the Laplacian spectrum. The main contributions are the formal graph exponential mechanism, an equivalent two-type edge ER implementation with complexity, and empirical evidence that the method yields substantially lower error in graph Laplacian spectra than prior approaches (e.g., a improvement at ). Overall, this framework enables privacy-preserving analysis of a broad class of graph properties without bespoke mechanisms and scales to large networks, advancing practical secure analyses in networked systems.

Abstract

Differential privacy has been used to privately calculate numerous network properties, but existing approaches often require the development of a new privacy mechanism for each property of interest. Therefore, we present a framework for generating entire networks in a differentially private way. Differential privacy is immune to post-processing, which allows for any network property to be computed and analyzed for a private output network, without weakening its protections. We consider undirected networks and develop a differential privacy mechanism that takes in a sensitive network and outputs a private network by randomizing its edge set. We prove that this mechanism does provide differential privacy to a network's edge set, though it induces a complex distribution over the space of output graphs. We then develop an equivalent privacy implementation using a modified Erdős-Rényi model that constructs an output graph edge by edge, and it is efficient and easily implementable, even on large complex networks. Experiments implement -differential privacy with when computing graph Laplacian spectra, and these results show the proposed mechanism incurs less error than the current state of the art.

Paper Structure

This paper contains 13 sections, 6 theorems, 36 equations, 2 figures, 1 algorithm.

Table of Contents

  1. Introduction
  2. Background and Problem Formulation
  3. Graph Theory
  4. Differential Privacy
  5. Problem Statements
  6. Differentially Private Graph Generation
  7. Utility and Global Sensitivity
  8. Graph Exponential Mechanism
  9. Efficient Implementation Using a Modified E-R Model
  10. Results for a Real-World Complex Network
  11. Privacy Mechanism Setup
  12. Experiments with a Real-World Complex Network
  13. Conclusion

Key Result

Lemma 1

Let $\mathcal{M}_i$ be an $\varepsilon_i$-differentially private mechanism for $i\in[k]$. If $\mathcal{M}_{[k]}$ is defined to be $\mathcal{M}_{[k]}=(\mathcal{M}_1, \mathcal{M}_2, \cdots, \mathcal{M}_k)$, then $\mathcal{M}_{[k]}$ is $\sum_{i=1}^{k} \varepsilon_i$-differentially private.

Figures (2)

  • Figure 1: An example of an adjacent and non-adjacent graph for $A=2$. The middle graph is adjacent to the left graph because it differs by $2$ edges. The right graph is not adjacent to the left graph because it differs by $3$ edges.
  • Figure 2: The (a) empirical mean and (b) empirical variance of the error in $\{\tilde{\lambda}_2,\dots,\tilde{\lambda}_{168}\}$ for privacy parameters $\varepsilon \in \{\varepsilon_l \mid \varepsilon_l = 0.835l, \, l \in \{1,2, \dots, 8\}\}$.

Theorems & Definitions (16)

  • Definition 1: Fréchet-Nikodym Metric
  • Definition 2: Edge adjacency; hay2009accurate
  • Definition 3: Differential privacy; dwork2014algorithmic
  • Lemma 1: Sequential composition; dwork2014algorithmic
  • Lemma 2: Immunity to Post-Processing; dwork2014algorithmic
  • Definition 4: Utility function
  • Definition 5: Global sensitivity; dwork2014algorithmic
  • Lemma 3
  • proof
  • Definition 6: Exponential mechanism; dwork2014algorithmic
  • ...and 6 more