Dies ist eine Übersichtsseite mit Metadaten zu dieser wissenschaftlichen Arbeit. Der vollständige Artikel ist beim Verlag verfügbar.
Differentially Private Image Classification by Learning Priors from Random Processes
2
Zitationen
4
Autoren
2023
Jahr
Abstract
In privacy-preserving machine learning, differentially private stochastic gradient descent (DP-SGD) performs worse than SGD due to per-sample gradient clipping and noise addition. A recent focus in private learning research is improving the performance of DP-SGD on private data by incorporating priors that are learned on real-world public data. In this work, we explore how we can improve the privacy-utility tradeoff of DP-SGD by learning priors from images generated by random processes and transferring these priors to private data. We propose DP-RandP, a three-phase approach. We attain new state-of-the-art accuracy when training from scratch on CIFAR10, CIFAR100, MedMNIST and ImageNet for a range of privacy budgets $\varepsilon \in [1, 8]$. In particular, we improve the previous best reported accuracy on CIFAR10 from $60.6 \%$ to $72.3 \%$ for $\varepsilon=1$.
Ähnliche Arbeiten
k-ANONYMITY: A MODEL FOR PROTECTING PRIVACY
2002 · 8.413 Zit.
Calibrating Noise to Sensitivity in Private Data Analysis
2006 · 6.916 Zit.
Deep Learning with Differential Privacy
2016 · 5.640 Zit.
Federated Machine Learning
2019 · 5.609 Zit.
Communication-Efficient Learning of Deep Networks from Decentralized\n Data
2016 · 5.600 Zit.