PATE-TripleGAN: Privacy-Preserving Image Synthesis with Gaussian Differential Privacy
- URL: http://arxiv.org/abs/2404.12730v1
- Date: Fri, 19 Apr 2024 09:22:20 GMT
- Title: PATE-TripleGAN: Privacy-Preserving Image Synthesis with Gaussian Differential Privacy
- Authors: Zepeng Jiang, Weiwei Ni, Yifan Zhang
- Abstract summary: We present a privacy-preserving training framework called PATE-TripleGAN.
It incorporates a classifier to pre-classify unlabeled data to reduce dependence on labeled data.
PATE-TripleGAN can generate a higher quality labeled image dataset while ensuring privacy of the training data.
- Score: 4.586288671392977
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Conditional Generative Adversarial Networks (CGANs) exhibit significant potential in supervised learning model training by virtue of their ability to generate realistic labeled images. However, numerous studies have indicated the privacy leakage risk in CGAN models. The solution DPCGAN, incorporating the differential privacy framework, faces challenges such as heavy reliance on labeled data for model training and potential disruptions to original gradient information due to excessive gradient clipping, making it difficult to ensure model accuracy. To address these challenges, we present a privacy-preserving training framework called PATE-TripleGAN. This framework incorporates a classifier to pre-classify unlabeled data, establishing a three-party min-max game to reduce dependence on labeled data. Furthermore, we present a hybrid gradient desensitization algorithm based on the Private Aggregation of Teacher Ensembles (PATE) framework and Differential Private Stochastic Gradient Descent (DPSGD) method. This algorithm allows the model to retain gradient information more effectively while ensuring privacy protection, thereby enhancing the model's utility. Privacy analysis and extensive experiments affirm that the PATE-TripleGAN model can generate a higher quality labeled image dataset while ensuring the privacy of the training data.
Related papers
- KIPPS: Knowledge infusion in Privacy Preserving Synthetic Data Generation [0.0]
Generative Deep Learning models struggle to model discrete and non-Gaussian features that have domain constraints.
Generative models create synthetic data that repeats sensitive features, which is a privacy risk.
This paper proposes a novel model, KIPPS, that infuses Domain and Regulatory Knowledge from Knowledge Graphs into Generative Deep Learning models for enhanced Privacy Preserving Synthetic data generation.
arXiv Detail & Related papers (2024-09-25T19:50:03Z)
- Enhancing the Utility of Privacy-Preserving Cancer Classification using Synthetic Data [5.448470199971472]
Deep learning holds immense promise for aiding radiologists in breast cancer detection.
Achieving optimal model performance is hampered by limitations in availability and sharing of data.
Traditional deep learning models can inadvertently leak sensitive training information.
This work addresses these challenges by exploring and quantifying the utility of privacy-preserving deep learning techniques.
arXiv Detail & Related papers (2024-07-17T15:52:45Z)
- Sparsity-Preserving Differentially Private Training of Large Embedding Models [67.29926605156788]
DP-SGD is a training algorithm that combines differential privacy with gradient descent.
Applying DP-SGD naively to embedding models can destroy gradient sparsity, leading to reduced training efficiency.
We present two new algorithms, DP-FEST and DP-AdaFEST, that preserve gradient sparsity during private training of large embedding models.
arXiv Detail & Related papers (2023-11-14T17:59:51Z)
- Independent Distribution Regularization for Private Graph Embedding [55.24441467292359]
Graph embeddings are susceptible to attribute inference attacks, which allow attackers to infer private node attributes from the learned graph embeddings.
To address these concerns, privacy-preserving graph embedding methods have emerged.
We propose a novel approach called Private Variational Graph AutoEncoders (PVGAE) with the aid of independent distribution penalty as a regularization term.
arXiv Detail & Related papers (2023-08-16T13:32:43Z)
- ConfounderGAN: Protecting Image Data Privacy with Causal Confounder [85.6757153033139]
We propose ConfounderGAN, a generative adversarial network (GAN) that can make personal image data unlearnable to protect the data privacy of its owners.
Experiments are conducted in six image classification datasets, consisting of three natural object datasets and three medical datasets.
arXiv Detail & Related papers (2022-12-04T08:49:14Z)
- Privacy-Preserved Neural Graph Similarity Learning [99.78599103903777]
We propose a novel Privacy-Preserving neural Graph Matching network model, named PPGM, for graph similarity learning.
To prevent reconstruction attacks, the proposed model does not communicate node-level representations between devices.
To alleviate the attacks to graph properties, the obfuscated features that contain information from both vectors are communicated.
arXiv Detail & Related papers (2022-10-21T04:38:25Z)
- Differentially private federated deep learning for multi-site medical image segmentation [56.30543374146002]
Collaborative machine learning techniques such as federated learning (FL) enable the training of models on effectively larger datasets without data transfer.
Recent initiatives have demonstrated that segmentation models trained with FL can achieve performance similar to locally trained models.
However, FL is not a fully privacy-preserving technique and privacy-centred attacks can disclose confidential patient data.
arXiv Detail & Related papers (2021-07-06T12:57:32Z)
- PEARL: Data Synthesis via Private Embeddings and Adversarial Reconstruction Learning [1.8692254863855962]
We propose a new framework of data using deep generative models in a differentially private manner.
Within our framework, sensitive data are sanitized with rigorous privacy guarantees in a one-shot fashion.
Our proposal has theoretical guarantees of performance, and empirical evaluations on multiple datasets show that our approach outperforms other methods at reasonable levels of privacy.
arXiv Detail & Related papers (2021-06-08T18:00:01Z)
- DataLens: Scalable Privacy Preserving Training via Gradient Compression and Aggregation [15.63770709526671]
We propose a scalable privacy-preserving generative model DATALENS.
We show that DATALENS significantly outperforms other baseline DP generative models.
We adapt the proposed TOPAGG approach, which is one of the key building blocks in DATALENS, to DP SGD training.
arXiv Detail & Related papers (2021-03-20T06:14:19Z)
- Differentially Private Federated Learning with Laplacian Smoothing [72.85272874099644]
Federated learning aims to protect data privacy by collaboratively learning a model without sharing private data among users.
An adversary may still be able to infer the private training data by attacking the released model.
Differential privacy provides a statistical protection against such attacks at the price of significantly degrading the accuracy or utility of the trained models.
arXiv Detail & Related papers (2020-05-01T04:28:38Z)
- DP-CGAN: Differentially Private Synthetic Data and Label Generation [18.485995499841]
We introduce a Differentially Private Conditional GAN (DP-CGAN) training framework based on a new clipping and perturbation strategy.
We show that DP-CGAN can generate visually and empirically promising results on the MNIST dataset with a single-digit epsilon parameter in differential privacy.
arXiv Detail & Related papers (2020-01-27T11:26:58Z)