TY - GEN
T1 - From Randomized Response to Randomized Index: Answering Subset Counting Queries with Local Differential Privacy
AU - Ye, Qingqing
AU - Yu, Liantong
AU - Huang, Kai
AU - Xiao, Xiaokui
AU - Liu, Weiran
AU - Hu, Haibo
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025/6
Y1 - 2025/6
N2 - Local Differential Privacy (LDP) is the predominant privacy model for safeguarding individual data privacy. Existing perturbation mechanisms typically require perturbing the original values to ensure acceptable privacy, which inevitably results in value distortion and utility deterioration. In this work, we propose an alternative approach - instead of perturbing values, we apply randomization to indexes of values while ensuring rigorous LDP guarantees. Inspired by the deniability of randomized indexes, we present CRIAD for answering subset counting queries on set-value data. By integrating a multi-dummy, multi-sample, and multi-group strategy, CRIAD serves as a fully scalable solution that offers flexibility across various privacy requirements and domain sizes, and achieves more accurate query results than any existing methods. Through comprehensive theoretical analysis and extensive experimental evaluations, we validate the effectiveness of CRIAD and demonstrate its superiority over traditional value-perturbation mechanisms.
AB - Local Differential Privacy (LDP) is the predominant privacy model for safeguarding individual data privacy. Existing perturbation mechanisms typically require perturbing the original values to ensure acceptable privacy, which inevitably results in value distortion and utility deterioration. In this work, we propose an alternative approach - instead of perturbing values, we apply randomization to indexes of values while ensuring rigorous LDP guarantees. Inspired by the deniability of randomized indexes, we present CRIAD for answering subset counting queries on set-value data. By integrating a multi-dummy, multi-sample, and multi-group strategy, CRIAD serves as a fully scalable solution that offers flexibility across various privacy requirements and domain sizes, and achieves more accurate query results than any existing methods. Through comprehensive theoretical analysis and extensive experimental evaluations, we validate the effectiveness of CRIAD and demonstrate its superiority over traditional value-perturbation mechanisms.
KW - local differential privacy
KW - randomized index
KW - subset counting query
UR - https://www.scopus.com/pages/publications/105009345286
U2 - 10.1109/SP61157.2025.00215
DO - 10.1109/SP61157.2025.00215
M3 - Conference article published in proceeding or book
AN - SCOPUS:105009345286
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 3877
EP - 3891
BT - Proceedings - 46th IEEE Symposium on Security and Privacy, SP 2025
A2 - Blanton, Marina
A2 - Enck, William
A2 - Nita-Rotaru, Cristina
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 46th IEEE Symposium on Security and Privacy, SP 2025
Y2 - 12 May 2025 through 15 May 2025
ER -