Adversarial representation learning for synthetic replacement of private
attributes
- URL: http://arxiv.org/abs/2006.08039v5
- Date: Mon, 8 Feb 2021 13:53:41 GMT
- Title: Adversarial representation learning for synthetic replacement of private
attributes
- Authors: John Martinsson, Edvin Listo Zec, Daniel Gillblad, Olof Mogren
- Abstract summary: We propose a novel approach for data privatization, which involves two steps: in the first step, it removes the sensitive information, and in the second step, it replaces this information with an independent random sample.
Our method builds on adversarial representation learning which ensures strong privacy by training the model to fool an increasingly strong adversary.
- Score: 0.7619404259039281
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Data privacy is an increasingly important aspect of many real-world
applications. Data sources that contain sensitive information may have immense
potential which
could be unlocked using the right privacy enhancing transformations, but
current methods often fail to produce convincing output. Furthermore, finding
the right balance between privacy and utility is often a tricky trade-off. In
this work, we propose a novel approach for data privatization, which involves
two steps: in the first step, it removes the sensitive information, and in the
second step, it replaces this information with an independent random sample.
Our method builds on adversarial representation learning which ensures strong
privacy by training the model to fool an increasingly strong adversary. While
previous methods only aim at obfuscating the sensitive information, we find
that adding new random information in its place strengthens the provided
privacy and provides better utility at any given level of privacy. The result
is an approach that can provide stronger privatization on image data, and yet
preserve both the domain and the utility of the inputs, entirely
independent of the downstream task.
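For concreteness, here is a minimal sketch of how such a two-step pipeline could be trained, assuming a binary sensitive attribute on images. The module names, architectures, and loss weights are illustrative assumptions, not the authors' released code.
```python
# Sketch: step 1 scrubs the sensitive attribute; step 2 inserts an
# independently sampled replacement. All design choices here are illustrative.
import torch
import torch.nn as nn
import torch.nn.functional as F

class ConvNet(nn.Module):
    """Tiny stand-in for the filter / generator / adversary backbones."""
    def __init__(self, in_ch, out_ch):
        super().__init__()
        self.net = nn.Sequential(
            nn.Conv2d(in_ch, 16, 3, padding=1), nn.ReLU(),
            nn.Conv2d(16, out_ch, 3, padding=1),
        )
    def forward(self, x):
        return self.net(x)

filter_net = ConvNet(4, 3)  # step 1: image + noise channel -> scrubbed image
gen_net = ConvNet(4, 3)     # step 2: scrubbed image + sampled attribute -> output
adv = nn.Sequential(ConvNet(3, 1), nn.AdaptiveAvgPool2d(1), nn.Flatten())

opt_fg = torch.optim.Adam(
    list(filter_net.parameters()) + list(gen_net.parameters()), lr=2e-4)
opt_adv = torch.optim.Adam(adv.parameters(), lr=2e-4)

def train_step(x, s):
    """x: images (B,3,H,W); s: binary sensitive attribute, float (B,1)."""
    B, _, H, W = x.shape
    z = torch.randn(B, 1, H, W)

    # train the adversary to recover the attribute from scrubbed images
    x_scrubbed = filter_net(torch.cat([x, z], dim=1)).detach()
    adv_loss = F.binary_cross_entropy_with_logits(adv(x_scrubbed), s)
    opt_adv.zero_grad(); adv_loss.backward(); opt_adv.step()

    # train filter + generator
    x_scrubbed = filter_net(torch.cat([x, z], dim=1))
    # step 1 objective: push the adversary's prediction toward chance
    fool = F.binary_cross_entropy_with_logits(
        adv(x_scrubbed), torch.full_like(s, 0.5))
    # step 2: condition the generator on an *independent* random attribute
    s_new = torch.randint(0, 2, s.shape).float()
    s_map = s_new.view(B, 1, 1, 1).expand(B, 1, H, W)
    x_out = gen_net(torch.cat([x_scrubbed, s_map], dim=1))
    # utility term: stay close to the input outside the attribute change
    loss = fool + F.l1_loss(x_out, x)
    opt_fg.zero_grad(); loss.backward(); opt_fg.step()
    return loss.item()
```
Because the adversary is updated at every step, the filter must fool an increasingly strong classifier, which is the mechanism the abstract credits for strong privacy.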
Related papers
- Secure Visual Data Processing via Federated Learning [2.4374097382908477]
This paper addresses the need for privacy-preserving solutions in large-scale visual data processing.
We propose a new approach that combines object detection, federated learning and anonymization.
Our solution is evaluated against traditional centralized models, showing that while there is a slight trade-off in accuracy, the privacy benefits are substantial.
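As a rough illustration of the federated learning component only (the detection and anonymization stages are not shown), a generic FedAvg-style aggregation step might look like this; the function is a textbook sketch, not this paper's pipeline:
```python
import torch

def federated_average(client_states, client_sizes):
    """FedAvg: size-weighted average of client model state_dicts."""
    total = sum(client_sizes)
    avg = {}
    for key in client_states[0]:
        avg[key] = sum(
            state[key].float() * (n / total)
            for state, n in zip(client_states, client_sizes)
        )
    return avg
```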
arXiv Detail & Related papers (2025-02-09T09:44:18Z)
- Guided Diffusion Model for Sensor Data Obfuscation [4.91258288207688]
PrivDiffuser is a novel data obfuscation technique based on a denoising diffusion model.
We show that PrivDiffuser yields a better privacy-utility trade-off than the state-of-the-art obfuscation model.
arXiv Detail & Related papers (2024-12-19T03:47:12Z)
- Activity Recognition on Avatar-Anonymized Datasets with Masked Differential Privacy [64.32494202656801]
Privacy-preserving computer vision is an important emerging problem in machine learning and artificial intelligence.
We present an anonymization pipeline that replaces sensitive human subjects in video datasets with synthetic avatars within context.
We also propose MaskDP to protect non-anonymized but privacy-sensitive background information.
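The MaskDP mechanism is not detailed in this summary; as a loose illustration of mask-restricted protection, one might add calibrated noise only inside a sensitive-region mask. The function below is an assumption for illustration, not taken from the paper:
```python
import torch

def masked_gaussian_noise(frame, mask, sigma=0.1):
    """frame: (C,H,W) in [0,1]; mask: (1,H,W), 1 = privacy-sensitive pixel."""
    noise = sigma * torch.randn_like(frame)
    # perturb only the masked (non-anonymized but sensitive) pixels
    return (frame + noise * mask).clamp(0.0, 1.0)
```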
arXiv Detail & Related papers (2024-10-22T15:22:53Z)
- PrivacyMind: Large Language Models Can Be Contextual Privacy Protection Learners [81.571305826793]
We introduce Contextual Privacy Protection Language Models (PrivacyMind).
Our work offers a theoretical analysis for model design and benchmarks various techniques.
In particular, instruction tuning with both positive and negative examples stands out as a promising method.
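Taken at face value, instruction tuning with paired positive and negative examples suggests contrastive training data along these lines; the field names and content are illustrative, not the PrivacyMind data format:
```python
# Hypothetical contrastive pair for privacy-aware instruction tuning.
contrastive_pair = [
    {
        "instruction": "Summarize the patient note without revealing identifiers.",
        "response": "The patient reports chest pain and has a history of hypertension.",
        "label": "positive",  # desired behavior: no PII leaked
    },
    {
        "instruction": "Summarize the patient note without revealing identifiers.",
        "response": "John Doe, DOB 1970-01-01, reports chest pain.",
        "label": "negative",  # undesired behavior: leaks PII
    },
]
```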
arXiv Detail & Related papers (2023-10-03T22:37:01Z)
- A Unified View of Differentially Private Deep Generative Modeling [60.72161965018005]
Data with privacy concerns is subject to stringent regulations that frequently prohibit data access and data sharing.
Overcoming these obstacles is key for technological progress in many real-world application scenarios that involve privacy sensitive data.
Differentially private (DP) data publishing provides a compelling solution, where only a sanitized form of the data is publicly released.
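For background, the simplest DP sanitization primitive is the classic Laplace mechanism, sketched below; this is generic context, not the paper's (generative) approach:
```python
import numpy as np

def laplace_mechanism(true_value, sensitivity, epsilon, rng=None):
    """Release true_value with epsilon-DP via Laplace(sensitivity/epsilon) noise."""
    rng = rng or np.random.default_rng()
    return true_value + rng.laplace(loc=0.0, scale=sensitivity / epsilon)

# e.g., publish a count query (sensitivity 1) under epsilon = 0.5
noisy_count = laplace_mechanism(true_value=1234, sensitivity=1.0, epsilon=0.5)
```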
arXiv Detail & Related papers (2023-09-27T14:38:16Z)
- Position: Considerations for Differentially Private Learning with Large-Scale Public Pretraining [75.25943383604266]
We question whether the use of large Web-scraped datasets should be viewed as differential-privacy-preserving.
We caution that publicizing these models pretrained on Web data as "private" could lead to harm and erode the public's trust in differential privacy as a meaningful definition of privacy.
We conclude by discussing potential paths forward for the field of private learning, as public pretraining becomes more popular and powerful.
arXiv Detail & Related papers (2022-12-13T10:41:12Z)
- Private Set Generation with Discriminative Information [63.851085173614]
Differentially private data generation is a promising solution to the data privacy challenge.
Existing private generative models struggle with the utility of synthetic samples.
We introduce a simple yet effective method that greatly improves the sample utility of state-of-the-art approaches.
arXiv Detail & Related papers (2022-11-07T10:02:55Z)
- Momentum Gradient Descent Federated Learning with Local Differential Privacy [10.60240656423935]
In the big data era, concerns about the privacy of personal information have become more pronounced.
In this article, we propose integrating federated learning and local differential privacy with momentum gradient descent to improve the performance of machine learning models.
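A plausible reading of this combination is: clip each gradient, perturb it on the client, then apply a momentum update on the noisy gradient. The sketch below makes that concrete; the hyperparameters and noise calibration are illustrative assumptions, not the paper's:
```python
import torch

def ldp_momentum_step(param, grad, velocity, lr=0.01, beta=0.9,
                      clip_norm=1.0, noise_std=0.1):
    """One momentum-SGD step on a locally privatized gradient."""
    # clip to bound the gradient's sensitivity
    scale = torch.clamp(clip_norm / (grad.norm() + 1e-12), max=1.0)
    grad = grad * scale
    # perturb on the client, before the gradient is shared
    grad = grad + noise_std * torch.randn_like(grad)
    # standard momentum update with the noisy gradient
    velocity = beta * velocity + grad
    return param - lr * velocity, velocity
```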
arXiv Detail & Related papers (2022-09-28T13:30:38Z)
- Decouple-and-Sample: Protecting sensitive information in task agnostic data release [17.398889291769986]
Sanitizer is a framework for secure and task-agnostic data release.
We show that a better privacy-utility trade-off is achieved if sensitive information can be synthesized privately.
arXiv Detail & Related papers (2022-03-17T19:15:33Z)
- InfoScrub: Towards Attribute Privacy by Targeted Obfuscation [77.49428268918703]
We study techniques that allow individuals to limit the private information leaked in visual data.
We tackle this problem in a novel image obfuscation framework.
We find our approach generates obfuscated images faithful to the original input images, and additionally increases uncertainty by 6.2$\times$ (or up to 0.85 bits) over the non-obfuscated counterparts.
arXiv Detail & Related papers (2020-05-20T19:48:04Z)
- Utility-aware Privacy-preserving Data Releasing [7.462336024223669]
We propose a two-step perturbation-based privacy-preserving data releasing framework.
First, certain predefined privacy and utility problems are learned from the public domain data.
We then leverage the learned knowledge to precisely perturb the data owners' data into privatized data.
arXiv Detail & Related papers (2020-05-09T05:32:46Z)
This list is automatically generated from the titles and abstracts of the papers on this site.
This site does not guarantee the quality of the listed information and is not responsible for any consequences arising from its use.