Symbolic Quantitative Information Flow for Probabilistic Programs

TL;DR

This paper introduces symbolic methods to precisely and approximately compute information leakage measures in probabilistic programs, enhancing privacy analysis tools for systems with mixed discrete and continuous data.

Contribution

It develops a unified symbolic framework for leakage analysis using weakest pre-expectation calculus and Gaussian approximations, applicable to both discrete and mixed distributions.

Findings

Exact symbolic expressions for leakage measures in discrete programs.

Gaussian mixture approximations for mixed discrete-continuous programs.

Application to differential privacy mechanisms like randomized response and Gaussian mechanism.

Abstract

It is of utmost importance to ensure that modern data intensive systems do not leak sensitive information. In this paper, the authors, who met thanks to Joost-Pieter Katoen, discuss symbolic methods to compute information-theoretic measures of leakage: entropy, conditional entropy, Kullback-Leibler divergence, and mutual information. We build on two semantic frameworks for symbolic execution of probabilistic programs. For discrete programs, we use weakest pre-expectation calculus to compute exact symbolic expressions for the leakage measures. Using Second Order Gaussian Approximation (SOGA), we handle programs that combine discrete and continuous distributions. However, in the SOGA setting, we approximate the exact semantics using Gaussian mixtures and compute bounds for the measures. We demonstrate the use of our methods in two widely used mechanisms to ensure differential privacy: randomized response and the Gaussian mechanism.