Abstract
With advances in deep learning models, Artificial Intelligence (AI) has been applied in various fields to aid humans. Domains in which sensitive data with privacy concerns is pivotal, for example medical care, are no exception. To deal with this, Private Aggregation of Teacher Ensembles (PATE), a private learning framework that satisfies differential privacy, a gold standard for protecting privacy, has gained popularity. However, this framework needs to train a large number of models on disjoint private training datasets, so in a plethora of cases it cannot be used. In this paper, we propose pPATE, a pragmatic framework that is based on PATE but uses a sparse vector technique to achieve differential privacy, and we demonstrate that, with small manual effort from a human (expert) in the development loop, our solution can train privacy-preserving models whose accuracy approximates that of ground-truth models. Moreover, we pragmatically extend the PATE framework to a distributed setting so that it not only aggregates privately but also secures confidentiality and privacy when multiple parties collaborate.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Tran-Truong, P.T., Dang, T.K. (2022). pPATE: A Pragmatic Private Aggregation of Teacher Ensembles Framework by Sparse Vector Technique Based Differential Privacy, Paillier Cryptosystem and Human-in-the-loop. In: Dang, T.K., Küng, J., Chung, T.M. (eds) Future Data and Security Engineering. Big Data, Security and Privacy, Smart City and Industry 4.0 Applications. FDSE 2022. Communications in Computer and Information Science, vol 1688. Springer, Singapore. https://doi.org/10.1007/978-981-19-8069-5_22
DOI: https://doi.org/10.1007/978-981-19-8069-5_22
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-8068-8
Online ISBN: 978-981-19-8069-5
eBook Packages: Computer Science, Computer Science (R0)