The widespread acceptance of differential privacy has led to the publication of many
sophisticated algorithms for protecting privacy. However, due to the subtle nature of this …

We introduce the notion of a reproducible algorithm in the context of learning. A reproducible
learning algorithm is resilient to variations in its samples—with high probability, it returns the …

We present DP-Sniper, a practical black-box method that automatically finds violations of
differential privacy. DP-Sniper is based on two key ideas:(i) training a classifier to predict if …

(ε, δ) differential privacy has seen increased adoption recently, especially in private machine
learning applications. While this privacy definition allows provably limiting the amount of …

This paper presents Orchard, a system that can answer queries about sensitive data that is
held by millions of user devices, with strong differential privacy guarantees. Orchard …

We present DP-Finder, a novel approach and system that automatically derives lower
bounds on the differential privacy enforced by algorithms. Lower bounds are practically …

This paper introduces Mycelium, the first system to process differentially private queries over
large graphs that are distributed across millions of user devices. Such graphs occur, for …

We propose CheckDP, an automated and integrated approach for proving or disproving
claims that a mechanism is differentially private. CheckDP can find counterexamples for …

Differential privacy is an information theoretic constraint on algorithms and code. It provides
quantification of privacy leakage and formal privacy guarantees that are currently …

We propose a symbolic execution method for programs that can draw random samples. In
contrast to existing work, our method can verify randomized programs with unknown inputs …