Private Post-GAN Boosting
- URL: http://arxiv.org/abs/2007.11934v2
- Date: Thu, 25 Mar 2021 16:53:34 GMT
- Title: Private Post-GAN Boosting
- Authors: Marcel Neunhoeffer, Zhiwei Steven Wu, Cynthia Dwork
- Abstract summary: Private post-GAN boosting (Private PGB) is a differentially private method that combines samples produced by the sequence of generators obtained during GAN training to create a high-quality dataset.
We evaluate Private PGB on two-dimensional toy data, MNIST images, US Census data, and a standard machine learning prediction task.
- Score: 40.3768051738159
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Differentially private GANs have proven to be a promising approach for
generating realistic synthetic data without compromising the privacy of
individuals. Due to the privacy-protective noise introduced in the training,
the convergence of GANs becomes even more elusive, which often leads to poor
utility in the output generator at the end of training. We propose Private
post-GAN boosting (Private PGB), a differentially private method that combines
samples produced by the sequence of generators obtained during GAN training to
create a high-quality synthetic dataset. To that end, our method leverages the
Private Multiplicative Weights method (Hardt and Rothblum, 2010) to reweight
generated samples. We evaluate Private PGB on two-dimensional toy data, MNIST
images, US Census data, and a standard machine learning prediction task. Our
experiments show that Private PGB improves upon a standard private GAN approach
across a collection of quality measures. We also provide a non-private variant
of PGB that improves the data quality of standard GAN training.
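As a rough illustration of the post-GAN boosting idea described above, the sketch below reweights a fixed pool of samples drawn from the saved generators, using multiplicative-weights updates driven by the saved discriminators. It corresponds only to the non-private PGB variant; the names `post_gan_boost`, `synthetic_pool`, and `discriminators` are illustrative, and the private version additionally privatizes every step that consults the real data (via the Private Multiplicative Weights framework), which is omitted here.

```python
import numpy as np

def post_gan_boost(synthetic_pool, discriminators, real_data,
                   n_rounds=100, eta=0.1):
    """Simplified, NON-private sketch of post-GAN boosting.

    synthetic_pool : (m, d) array of samples drawn from the saved generators
    discriminators : list of callables mapping an (n, d) array to
                     "realness" scores in [0, 1]
    real_data      : (n, d) array of private training records
    Returns a weight vector (mixture distribution) over `synthetic_pool`.
    """
    m = len(synthetic_pool)
    phi = np.full(m, 1.0 / m)      # start from uniform weights over the pool
    phi_avg = np.zeros(m)

    for _ in range(n_rounds):
        # Distinguisher step: pick the saved discriminator that best separates
        # the real data from the current weighted synthetic mixture.  (The
        # paper's private variant makes this choice with a DP mechanism
        # rather than an exact argmax.)
        gaps = [d(real_data).mean() - np.dot(phi, d(synthetic_pool))
                for d in discriminators]
        d_t = discriminators[int(np.argmax(gaps))]

        # Multiplicative-weights step: upweight pool samples that the chosen
        # discriminator scores as "real-looking", then renormalize.
        phi *= np.exp(eta * d_t(synthetic_pool))
        phi /= phi.sum()
        phi_avg += phi / n_rounds

    return phi_avg

# The returned weights define a mixture over the candidate pool; resampling
# synthetic_pool according to them yields the boosted synthetic dataset.
```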
Related papers
- Beyond the Mean: Differentially Private Prototypes for Private Transfer Learning [16.028575596905554]
We propose Differentially Private Prototype Learning (DPPL) as a new paradigm for private transfer learning.
DPPL generates prototypes that represent each private class in the embedding space and can be publicly released for inference.
We show that privacy-utility trade-offs can be further improved when leveraging the public data beyond pre-training of the encoder.
arXiv Detail & Related papers (2024-06-12T09:41:12Z)
- LLM-based Privacy Data Augmentation Guided by Knowledge Distillation with a Distribution Tutor for Medical Text Classification [67.92145284679623]
We propose a DP-based tutor that models the noised private distribution and controls sample generation at a low privacy cost.
We theoretically analyze our model's privacy protection and empirically verify our model.
arXiv Detail & Related papers (2024-02-26T11:52:55Z)
- Differentially Private Model-Based Offline Reinforcement Learning [51.1231068185106]
We introduce DP-MORL, an algorithm with differential privacy guarantees.
A private model of the environment is first learned from offline data.
We then use model-based policy optimization to derive a policy from the private model.
arXiv Detail & Related papers (2024-02-08T10:05:11Z)
- DPGOMI: Differentially Private Data Publishing with Gaussian Optimized Model Inversion [8.204115285718437]
We propose Differentially Private Data Publishing with Gaussian Optimized Model Inversion (DPGOMI) to address this issue.
Our approach involves mapping private data to the latent space using a public generator, followed by a lower-dimensional DP-GAN with better convergence properties.
Our results show that DPGOMI outperforms the standard DP-GAN method in terms of Inception Score, Fréchet Inception Distance, and classification performance.
arXiv Detail & Related papers (2023-10-06T18:46:22Z)
- Private Set Generation with Discriminative Information [63.851085173614]
Differentially private data generation is a promising solution to the data privacy challenge.
Existing private generative models struggle with the utility of their synthetic samples.
We introduce a simple yet effective method that greatly improves the sample utility of state-of-the-art approaches.
arXiv Detail & Related papers (2022-11-07T10:02:55Z)
- Differentially Private Generative Adversarial Networks with Model Inversion [6.651002556438805]
To protect sensitive data when training a Generative Adversarial Network (GAN), the standard approach is to use the differentially private (DP) gradient descent method (a minimal clip-and-noise sketch of this standard step appears after this list).
We propose Differentially Private Model Inversion (DPMI) method where the private data is first mapped to the latent space via a public generator.
Our approach outperforms the standard DP-GAN method based on Inception Score, Fréchet Inception Distance, and classification accuracy under the same privacy guarantee.
arXiv Detail & Related papers (2022-01-10T02:26:26Z)
- Don't Generate Me: Training Differentially Private Generative Models with Sinkhorn Divergence [73.14373832423156]
We propose DP-Sinkhorn, a novel optimal transport-based generative method for learning data distributions from private data with differential privacy.
Unlike existing approaches for training differentially private generative models, we do not rely on adversarial objectives.
arXiv Detail & Related papers (2021-11-01T18:10:21Z)
- imdpGAN: Generating Private and Specific Data with Generative Adversarial Networks [19.377726080729293]
imdpGAN is an end-to-end framework that simultaneously achieves privacy protection and learns latent representations.
We show that imdpGAN preserves the privacy of the individual data point, and learns latent codes to control the specificity of the generated samples.
arXiv Detail & Related papers (2020-09-29T08:03:32Z)
- RDP-GAN: A Rényi-Differential Privacy based Generative Adversarial Network [75.81653258081435]
Generative adversarial networks (GANs) have attracted increasing attention recently owing to their impressive ability to generate realistic samples with high privacy protection.
However, when GANs are applied to sensitive or private training examples, such as medical or financial records, they may still divulge individuals' sensitive and private information.
We propose a Rényi-differentially private GAN (RDP-GAN), which achieves differential privacy (DP) in a GAN by carefully adding random noise to the value of the loss function during training.
arXiv Detail & Related papers (2020-07-04T09:51:02Z)
- DP-CGAN: Differentially Private Synthetic Data and Label Generation [18.485995499841]
We introduce a Differentially Private Conditional GAN (DP-CGAN) training framework based on a new clipping and perturbation strategy.
We show that DP-CGAN can generate visually and empirically promising results on the MNIST dataset with a single-digit epsilon parameter in differential privacy.
arXiv Detail & Related papers (2020-01-27T11:26:58Z)
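Several of the entries above (e.g., DPMI and DP-CGAN), as well as the abstract, refer to the standard recipe for making GAN training differentially private: clip each example's gradient and add Gaussian noise to the discriminator update. The minimal numpy sketch below shows one such clip-and-noise step in isolation; `dp_sgd_step` and its parameters are illustrative rather than taken from any listed paper, and the privacy accounting needed to turn the noise multiplier into an (epsilon, delta) guarantee is omitted.

```python
import numpy as np

def dp_sgd_step(params, per_example_grads, lr=0.05,
                clip_norm=1.0, noise_multiplier=1.1, rng=None):
    """One clip-and-noise gradient step in the DP-SGD style used by
    most differentially private GAN discriminators.

    per_example_grads : (batch, dim) array, one gradient row per example
    clip_norm         : per-example L2 clipping bound C
    noise_multiplier  : noise scale sigma (Gaussian std = sigma * C)
    """
    rng = np.random.default_rng() if rng is None else rng
    batch, dim = per_example_grads.shape

    # 1) Clip every example's gradient to L2 norm at most C.
    norms = np.linalg.norm(per_example_grads, axis=1, keepdims=True)
    clipped = per_example_grads * np.minimum(1.0, clip_norm / np.maximum(norms, 1e-12))

    # 2) Sum the clipped gradients and add Gaussian noise calibrated to C.
    noisy_sum = clipped.sum(axis=0) + rng.normal(0.0, noise_multiplier * clip_norm, size=dim)
    noisy_grad = noisy_sum / batch

    # 3) Take an ordinary gradient-descent step with the privatized gradient.
    return params - lr * noisy_grad
```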
This list is automatically generated from the titles and abstracts of the papers on this site.