Differential Privacy Regularization: Protecting Training Data Through Loss Function Regularization
Francisco Aguilera-Martínez, Fernando Berzal

TL;DR
This paper introduces a new regularization method for neural network training that aims to protect sensitive data by achieving differential privacy more efficiently than existing methods like DP-SGD.
Contribution
A novel regularization strategy is proposed to enhance differential privacy in neural network training without modifying the standard SGD algorithm.
Findings
The regularization method effectively protects training data privacy.
It offers improved efficiency over DP-SGD.
The approach maintains model performance while ensuring privacy.
Abstract
Training machine learning models based on neural networks requires large datasets, which may contain sensitive information. The models, however, should not expose private information from these datasets. Differentially private SGD [DP-SGD] requires the modification of the standard stochastic gradient descent [SGD] algorithm for training new models. In this short paper, a novel regularization strategy is proposed to achieve the same goal in a more efficient manner.
Taxonomy
Topics: Privacy-Preserving Technologies in Data · Adversarial Robustness in Machine Learning
Methods: Stochastic Gradient Descent
