Understanding epsilon for Differential Privacy in Differencing Attack Scenarios

One of the recent notions of privacy protection is Differential Privacy (DP) with potential application in several personal data protection settings. DP acts as an intermediate layer between a private dataset and data analysts introducing privacy by injecting noise into the results of queries. Key to DP is the role of epsilon - a parameter that controls the magnitude of injected noise and, therefore, the trade-off between utility and privacy. Choosing proper epsilon value is a key challenge and a non-trivial task, as there is no straightforward way to assess the level of privacy loss associated with a given epsilon value. In this study, we measure the privacy loss imposed by a given epsilon through an adversarial model that exploits auxiliary information. We define the adversarial model and the privacy loss based on a differencing attack and the success probability of such an attack, respectively. Then, we restrict the probability of a successful differencing attack by tuning the epsilon. The result is an approach for setting epsilon based on the probability of a successful differencing attack and, hence, privacy leak. Our evaluation finds that setting epsilon based on some of the approaches presented in related work does not seem to offer adequate protection against the adversarial model introduced in this paper. Furthermore, our analysis shows that the epsilon selected by our proposed approach provides privacy protection for the adversary model in this paper and the adversary models in the related work.