Adaptive laplace mechanism: Differential privacy preservation in deep learning

Nhathai Phan, Xintao Wu, Han Hu, Dejing Dou

Research output: Chapter in Book/Report/Conference proceedingConference contribution

162 Scopus citations

Abstract

In this paper, we focus on developing a novel mechanism to preserve differential privacy in deep neural networks, such that: (1) The privacy budget consumption is totally independent of the number of training steps; (2) It has the ability to adaptively inject noise into features based on the contribution of each to the output; and (3) It could be applied in a variety of different deep neural networks. To achieve this, we figure out a way to perturb affine transformations of neurons, and loss functions used in deep neural networks. In addition, our mechanism intentionally adds 'more noise' into features which are 'less relevant' to the model output, and vice-versa. Our theoretical analysis further derives the sensitivities and error bounds of our mechanism. Rigorous experiments conducted on MNIST and CIFAR-10 datasets show that our mechanism is highly effective and outperforms existing solutions.

Original languageEnglish (US)
Title of host publicationProceedings - 17th IEEE International Conference on Data Mining, ICDM 2017
EditorsVijay Raghavan, Srinivas Alu, George Karypis, Lucio Miele, Xindong Wu
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages385-394
Number of pages10
ISBN (Electronic)9781538638347
DOIs
StatePublished - Dec 15 2017
Event17th IEEE International Conference on Data Mining, ICDM 2017 - New Orleans, United States
Duration: Nov 18 2017Nov 21 2017

Publication series

NameProceedings - IEEE International Conference on Data Mining, ICDM
Volume2017-November
ISSN (Print)1550-4786

Other

Other17th IEEE International Conference on Data Mining, ICDM 2017
Country/TerritoryUnited States
CityNew Orleans
Period11/18/1711/21/17

All Science Journal Classification (ASJC) codes

  • General Engineering

Keywords

  • Deep Learning
  • Differential Privacy
  • Laplace Mechanism

Fingerprint

Dive into the research topics of 'Adaptive laplace mechanism: Differential privacy preservation in deep learning'. Together they form a unique fingerprint.

Cite this