Abstract
Machine learning (ML) models trained by differentially private stochastic gradient descent (DP-SGD) have much lower utility than the non-private ones. To mitigate this degradation, we propose a DP Laplacian smoothing SGD (DP-LSSGD) to train ML models with differential privacy (DP) guarantees. At the core of DP-LSSGD is the Laplacian smoothing, which smooths out the Gaussian noise used in the Gaussian mechanism. Under the same amount of noise used in the Gaussian mechanism, DP-LSSGD attains the same DP guarantee, but in practice, DP-LSSGD makes training both convex and nonconvex ML models more stable and enables the trained models to generalize better. The proposed algorithm is simple to implement and the extra computational complexity and memory overhead compared with DP-SGD are negligible. DP-LSSGD is applicable to train a large variety of ML models, including DNNs. The code is available at https://github.com/BaoWangMath/DP-LSSGD.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 328-351 |
| Number of pages | 24 |
| Journal | Proceedings of Machine Learning Research |
| Volume | 107 |
| State | Published - 2020 |
| Externally published | Yes |
| Event | 1st Mathematical and Scientific Machine Learning Conference, MSML 2020 - Princeton, United States Duration: Jul 20 2020 → Jul 24 2020 |
All Science Journal Classification (ASJC) codes
- Software
- Control and Systems Engineering
- Statistics and Probability
- Artificial Intelligence
Keywords
- Differential Privacy
- Laplacian Smoothing
- Machine Learning
- Optimization
Fingerprint
Dive into the research topics of 'DP-LSSGD: A Stochastic Optimization Method to Lift the Utility in Privacy-Preserving ERM'. Together they form a unique fingerprint.Cite this
- APA
- Author
- BIBTEX
- Harvard
- Standard
- RIS
- Vancouver