AI Model Disgorgement: Methods and Choices

• URL: http://arxiv.org/abs/2304.03545v1
• Date: Fri, 7 Apr 2023 08:50:18 GMT
• Title: AI Model Disgorgement: Methods and Choices
• Authors: Alessandro Achille, Michael Kearns, Carson Klingenberg, Stefano Soatto
• Abstract summary: We introduce a taxonomy of possible disgorgement methods that are applicable to modern machine learning systems. We investigate the meaning of "removing the effects" of data in the trained model in a way that does not require retraining from scratch.
• Score: 127.54319351058167
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Responsible use of data is an indispensable part of any machine learning (ML) implementation. ML developers must carefully collect and curate their datasets, and document their provenance. They must also make sure to respect intellectual property rights, preserve individual privacy, and use data in an ethical way. Over the past few years, ML models have significantly increased in size and complexity. These models require a very large amount of data and compute capacity to train, to the extent that any defects in the training corpus cannot be trivially remedied by retraining the model from scratch. Despite sophisticated controls on training data and a significant amount of effort dedicated to ensuring that training corpora are properly composed, the sheer volume of data required for the models makes it challenging to manually inspect each datum comprising a training corpus. One potential fix for training corpus data defects is model disgorgement -- the elimination of not just the improperly used data, but also the effects of improperly used data on any component of an ML model. Model disgorgement techniques can be used to address a wide range of issues, such as reducing bias or toxicity, increasing fidelity, and ensuring responsible usage of intellectual property. In this paper, we introduce a taxonomy of possible disgorgement methods that are applicable to modern ML systems. In particular, we investigate the meaning of "removing the effects" of data in the trained model in a way that does not require retraining from scratch.

Related papers

• The Frontier of Data Erasure: Machine Unlearning for Large Language Models [56.26002631481726]
  Large Language Models (LLMs) are foundational to AI advancements. LLMs pose risks by potentially memorizing and disseminating sensitive, biased, or copyrighted information. Machine unlearning emerges as a cutting-edge solution to mitigate these concerns.
  arXiv  Detail & Related papers  (2024-03-23T09:26:15Z)
• Learn to Unlearn for Deep Neural Networks: Minimizing Unlearning Interference with Gradient Projection [56.292071534857946]
  Recent data-privacy laws have sparked interest in machine unlearning. Challenge is to discard information about the forget'' data without altering knowledge about remaining dataset. We adopt a projected-gradient based learning method, named as Projected-Gradient Unlearning (PGU) We provide empirically evidence to demonstrate that our unlearning method can produce models that behave similar to models retrained from scratch across various metrics even when the training dataset is no longer accessible.
  arXiv  Detail & Related papers  (2023-12-07T07:17:24Z)
• Deep Regression Unlearning [6.884272840652062]
  We introduce deep regression unlearning methods that generalize well and are robust to privacy attacks. We conduct regression unlearning experiments for computer vision, natural language processing and forecasting applications.
  arXiv  Detail & Related papers  (2022-10-15T05:00:20Z)
• Machine Unlearning Method Based On Projection Residual [23.24026891609028]
  This paper adopts the projection residual method based on Newton method. The main purpose is to implement machine unlearning tasks in the context of linear regression models and neural network models. Experiments show that this method is more thorough in deleting data, which is close to model retraining.
  arXiv  Detail & Related papers  (2022-09-30T07:29:55Z)
• Zero-Shot Machine Unlearning [6.884272840652062]
  Modern privacy regulations grant citizens the right to be forgotten by products, services and companies. No data related to the training process or training samples may be accessible for the unlearning purpose. We propose two novel solutions for zero-shot machine unlearning based on (a) error minimizing-maximizing noise and (b) gated knowledge transfer.
  arXiv  Detail & Related papers  (2022-01-14T19:16:09Z)
• Machine Unlearning of Features and Labels [72.81914952849334]
  We propose first scenarios for unlearning and labels in machine learning models. Our approach builds on the concept of influence functions and realizes unlearning through closed-form updates of model parameters.
  arXiv  Detail & Related papers  (2021-08-26T04:42:24Z)
• SSSE: Efficiently Erasing Samples from Trained Machine Learning Models [103.43466657962242]
  We propose an efficient and effective algorithm, SSSE, for samples erasure. In certain cases SSSE can erase samples almost as well as the optimal, yet impractical, gold standard of training a new model from scratch with only the permitted data.
  arXiv  Detail & Related papers  (2021-07-08T14:17:24Z)
• Certifiable Machine Unlearning for Linear Models [1.484852576248587]
  Machine unlearning is the task of updating machine learning (ML) models after a subset of the training data they were trained on is deleted. We present an experimental study of the three state-of-the-art approximate unlearning methods for linear models.
  arXiv  Detail & Related papers  (2021-06-29T05:05:58Z)
• Approximate Data Deletion from Machine Learning Models [31.689174311625084]
  Deleting data from a trained machine learning (ML) model is a critical task in many applications. We propose a new approximate deletion method for linear and logistic models. We also develop a new feature-injection test to evaluate the thoroughness of data deletion from ML models.
  arXiv  Detail & Related papers  (2020-02-24T05:12:03Z)
• Certified Data Removal from Machine Learning Models [79.91502073022602]
  Good data stewardship requires removal of data at the request of the data's owner. This raises the question if and how a trained machine-learning model, which implicitly stores information about its training data, should be affected by such a removal request. We study this problem by defining certified removal: a very strong theoretical guarantee that a model from which data is removed cannot be distinguished from a model that never observed the data to begin with.
  arXiv  Detail & Related papers  (2019-11-08T03:57:41Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.