Ungeneralizable Examples

TL;DR

This paper introduces UnGgeneralizable Examples (UGEs), a method to create data that is learnable for authorized users but unlearnable for unauthorized hackers, enhancing data privacy without sacrificing usability.

Contribution

The paper proposes UGEs, a novel framework that balances data usability for authorized parties with unlearnability for potential attackers, extending unlearnable data concepts.

Findings

UGEs enable authorized learning while resisting hacker attacks.

Experimental results show UGEs maintain data usability and reduce hacker training success.

UGEs are effective across multiple datasets and network architectures.

Abstract

The training of contemporary deep learning models heavily relies on publicly available data, posing a risk of unauthorized access to online data and raising concerns about data privacy. Current approaches to creating unlearnable data involve incorporating small, specially designed noises, but these methods strictly limit data usability, overlooking its potential usage in authorized scenarios. In this paper, we extend the concept of unlearnable data to conditional data learnability and introduce \textbf{U}n\textbf{G}eneralizable \textbf{E}xamples (UGEs). UGEs exhibit learnability for authorized users while maintaining unlearnability for potential hackers. The protector defines the authorized network and optimizes UGEs to match the gradients of the original data and its ungeneralizable version, ensuring learnability. To prevent unauthorized learning, UGEs are trained by maximizing a designated distance loss in a common feature space. Additionally, to further safeguard the authorized side from potential attacks, we introduce additional undistillation optimization. Experimental results on multiple datasets and various networks demonstrate that the proposed UGEs framework preserves data usability while reducing training performance on hacker networks, even under different types of attacks.