A Survey on Differential Privacy with Machine Learning and Future Outlook

TL;DR

This survey reviews differential privacy techniques in machine learning, categorizing algorithms for traditional and deep learning models, and discusses future research directions to enhance data privacy.

Contribution

It provides a comprehensive categorization of differentially private machine learning algorithms and outlines future research directions in the field.

Findings

Differential privacy is effective in protecting data in machine learning.

Algorithms are categorized into traditional and deep learning models.

Future research directions include improving utility and scalability.

Abstract

Nowadays, machine learning models and applications have become increasingly pervasive. With this rapid increase in the development and employment of machine learning models, a concern regarding privacy has risen. Thus, there is a legitimate need to protect the data from leaking and from any attacks. One of the strongest and most prevalent privacy models that can be used to protect machine learning models from any attacks and vulnerabilities is differential privacy (DP). DP is strict and rigid definition of privacy, where it can guarantee that an adversary is not capable to reliably predict if a specific participant is included in the dataset or not. It works by injecting a noise to the data whether to the inputs, the outputs, the ground truth labels, the objective functions, or even to the gradients to alleviate the privacy issue and protect the data. To this end, this survey paper presents different differentially private machine learning algorithms categorized into two main categories (traditional machine learning models vs. deep learning models). Moreover, future research directions for differential privacy with machine learning algorithms are outlined.