Differential privacy has become a de facto standard for releasing data in a privacy-preserving way. Creating a differentially private algorithm is a process that often starts with a noise-free (non-private) algorithm. The designer then decides where to add noise, and how much of it to add. This can be a non-trivial process -- if not done carefully, the algorithm might either violate differential privacy or have low utility. In this paper, we present DPGen, a program synthesizer that takes in non-private code (without any noise) and automatically synthesizes its differentially private version (with carefully calibrated noise). Under the hood, DPGen uses novel algorithms to automatically generate a sketch program with candidate locations for noise, and then optimize privacy proof and noise scales simultaneously on the sketch program. Moreover, DPGen can synthesize sophisticated mechanisms that adaptively process queries until a specified privacy budget is exhausted. When evaluated on standard benchmarks, DPGen is able to generate differentially private mechanisms that optimize simple utility functions within 120 seconds. It is also powerful enough to synthesize adaptive privacy mechanisms.

中文翻译：

---

DPGen：差分隐私的自动化程序合成

差分隐私已成为以隐私保护方式发布数据的事实标准。创建差分私有算法是一个通常从无噪声（非私有）算法开始的过程。然后，设计师决定在何处添加噪声以及添加多少噪声。这可能是一个非常重要的过程——如果不小心完成，该算法可能会违反差分隐私或实用性低。在本文中，我们介绍了 DPGen，这是一个程序合成器，它接收非私有代码（没有任何噪声）并自动合成其差异私有版本（带有仔细校准的噪声）。在幕后，DPGen 使用新颖的算法自动生成带有噪声候选位置的草图程序，然后在草图程序上同时优化隐私证明和噪声尺度。而且，DPGen 可以综合复杂的机制，自适应地处理查询，直到用完指定的隐私预算。在标准基准上进行评估时，DPGen 能够生成差异化私有机制，在 120 秒内优化简单的效用函数。它也足够强大，可以合成自适应隐私机制。