Research
Defense Against Poisoning Attacks in Shuffle-DP: Breaking the Honest-User Assumption
This paper addresses a critical weakness in shuffle differential privacy protocols: the assumption that all users behave honestly. In real-world deployments, adversarial users can exploit this vulnerability through poisoning attacks that compromise both privacy guarantees and utility. The proposed defense works under full-bandit feedback conditions, making it practical for production shuffle-DP systems where user honesty cannot be guaranteed.
Source
↳ Follow the thread