Impact of Privacy Parameters on Deep Learning Models for Image Classification

TL;DR

This paper investigates how different privacy parameters affect the accuracy of various deep learning models for image classification on CIFAR-10, highlighting the trade-offs between privacy and performance.

Contribution

It introduces a comprehensive analysis of privacy parameter impacts on multiple deep learning architectures and classifiers in the context of differentially private image classification.

Findings

EfficientNet achieved 59.63% accuracy with specific privacy settings.

Model performance varies significantly with privacy parameter adjustments.

EfficientNet outperformed other models under the tested privacy configurations.

Abstract

The project aims to develop differentially private deep learning models for image classification on CIFAR-10 datasets \cite{cifar10} and analyze the impact of various privacy parameters on model accuracy. We have implemented five different deep learning models, namely ConvNet, ResNet18, EfficientNet, ViT, and DenseNet121 and three supervised classifiers namely K-Nearest Neighbors, Naive Bayes Classifier and Support Vector Machine. We evaluated the performance of these models under varying settings. Our best performing model to date is EfficientNet with test accuracy of $59.63\%$ with the following parameters (Adam optimizer, batch size 256, epoch size 100, epsilon value 5.0, learning rate $1e-3$, clipping threshold 1.0, and noise multiplier 0.912).