research-article

Differentially Private Learning of Distributed Deep Models

Authors:

Michael Rossbory,

Bernhard A. Moser,

Bernhard FreudenthalerAuthors Info & Claims

UMAP '20 Adjunct: Adjunct Publication of the 28th ACM Conference on User Modeling, Adaptation and Personalization

Pages 193 - 200

https://doi.org/10.1145/3386392.3399562

Published: 13 July 2020 Publication History

Abstract

This study presents an optimal differential privacy framework for learning of distributed deep models. The deep models, consisting of a nested composition of mappings, are learned analytically in a private setting using variational optimization methodology. An optimal (ε,δ)-differentially private noise adding mechanism is used and the effect of added data noise on the utility is alleviated using a rule-based fuzzy system. The private local data is separated from globally shared data through a privacy-wall and a fuzzy model is used to aggregate robustly the local deep fuzzy models for building the global model.

References

[1]

Martin Abadi, Andy Chu, Ian Goodfellow, H. Brendan McMahan, Ilya Mironov, Kunal Talwar, and Li Zhang. 2016. Deep Learning with Differential Privacy. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (Vienna, Austria) (CCS '16). ACM, New York, NY, USA, 308--318. https://doi.org/10.1145/2976749.2978318

Digital Library

[2]

Naman Agarwal, Ananda Theertha Suresh, Felix Xinnan X Yu, Sanjiv Kumar, and Brendan McMahan. 2018. cpSGD: Communication-efficient and differentially-private distributed SGD. In Advances in Neural Information Processing Systems 31, S. Bengio, H. Wallach, H. Larochelle, K. Grauman, N. Cesa-Bianchi, and R. Garnett (Eds.). Curran Associates, Inc., 7575--7586.

[3]

Borja Balle and Yu-Xiang Wang. 2018. Improving the Gaussian Mechanism for Differential Privacy: Analytical Calibration and Optimal Denoising. CoRR, Vol. abs/1805.06530 (2018).

[4]

Cynthia Dwork, Krishnaram Kenthapadi, Frank McSherry, Ilya Mironov, and Moni Naor. 2006. Our Data, Ourselves: Privacy Via Distributed Noise Generation. In Advances in Cryptology - EUROCRYPT 2006, Serge Vaudenay (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 486--503.

Digital Library

[5]

Cynthia Dwork and Aaron Roth. 2014. The Algorithmic Foundations of Differential Privacy. Foundations and Trends in Theoretical Computer Science, Vol. 9, 3--4 (2014), 211--407. https://doi.org/10.1561/0400000042

Digital Library

[6]

Matt Fredrikson, Somesh Jha, and Thomas Ristenpart. 2015. Model Inversion Attacks That Exploit Confidence Information and Basic Countermeasures. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security (Denver, Colorado, USA) (CCS '15). ACM, New York, NY, USA, 1322--1333. https://doi.org/10.1145/2810103.2813677

Digital Library

[7]

Quan Geng, Wei Ding, Ruiqi Guo, and Sanjiv Kumar. 2018. Optimal Noise-Adding Mechanism in Additive Differential Privacy. CoRR, Vol. abs/1809.10224 (2018).

[8]

Q. Geng, P. Kairouz, S. Oh, and P. Viswanath. 2015. The Staircase Mechanism in Differential Privacy. IEEE Journal of Selected Topics in Signal Processing, Vol. 9, 7 (Oct 2015), 1176--1184. https://doi.org/10.1109/JSTSP.2015.2425831

[9]

Q. Geng and P. Viswanath. 2016a. The Optimal Noise-Adding Mechanism in Differential Privacy. IEEE Transactions on Information Theory, Vol. 62, 2 (Feb 2016), 925--951. https://doi.org/10.1109/TIT.2015.2504967

[10]

Q. Geng and P. Viswanath. 2016b. Optimal Noise Adding Mechanisms for Approximate Differential Privacy. IEEE Transactions on Information Theory, Vol. 62, 2 (Feb 2016), 952--969. https://doi.org/10.1109/TIT.2015.2504972

[11]

A. Ghosh, T. Roughgarden, and M. Sundararajan. 2012. Universally Utility-maximizing Privacy Mechanisms. SIAM J. Comput., Vol. 41, 6 (2012), 1673--1693. https://doi.org/10.1137/09076828X

Digital Library

[12]

Mangesh Gupte and Mukund Sundararajan. 2010. Universally Optimal Privacy Mechanisms for Minimax Agents. In Proceedings of the Twenty-ninth ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems (Indianapolis, Indiana, USA) (PODS '10). ACM, New York, NY, USA, 135--146. https://doi.org/10.1145/1807085.1807105

Digital Library

[13]

J. He and L. Cai. 2017. Differential private noise adding mechanism: Basic conditions and its application. In 2017 American Control Conference (ACC). 1673--1678. https://doi.org/10.23919/ACC.2017.7963193

[14]

M. Kumar and B. Freudenthaler. 2019. Fuzzy Membership Functional Analysis for Nonparametric Deep Models of Image Features. IEEE Transactions on Fuzzy Systems (2019), 1--1. https://doi.org/10.1109/TFUZZ.2019.2950636

[15]

Mohit Kumar, Michael Rossbory, Bernhard A. Moser, and Bernhard Freudenthaler. 2019. Deriving An Optimal Noise Adding Mechanism for Privacy-Preserving Machine Learning. In Proceedings of the 3rd International Workshop on Cyber-Security and Functional Safety in Cyber-Physical (IWCFS 2019), August 26--29, 2019, Linz, Austria, Gabriele Anderst-Kotsis, A Min Tjoa, Ismail Khalil, Mourad Elloumi, Atif Mashkoor, Johannes Sametinger, Xabier Larrucea, Anna Fensel, Jorge Martinez-Gil, Bernhard Moser, Christin Seifert, Benno Stein, and Michael Granitzer (Eds.). Springer International Publishing, Cham, 108--118.

[16]

NhatHai Phan, Yue Wang, Xintao Wu, and Dejing Dou. 2016. Differential Privacy Preservation for Deep Auto-encoders: An Application of Human Behavior Prediction. In Proceedings of the Thirtieth AAAI Conference on Artificial Intelligence (Phoenix, Arizona) (AAAI'16). AAAI Press, 1309--1316. http://dl.acm.org/citation.cfm?id=3015812.3016005

[17]

Reza Shokri and Vitaly Shmatikov. 2015. Privacy-Preserving Deep Learning. In Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security (Denver, Colorado, USA) (CCS '15). ACM, New York, NY, USA, 1310--1321. https://doi.org/10.1145/2810103.2813687

Digital Library

Cited By

Kumar MZhang WFischer LFreudenthaler B(2023)Membership Mappings for Practical Secure Distributed Deep LearningIEEE Transactions on Fuzzy Systems10.1109/TFUZZ.2023.323544031:8(2617-2631)Online publication date: 1-Aug-2023
https://dl.acm.org/doi/10.1109/TFUZZ.2023.3235440
Kumar M(2022)Differentially private transferrable deep learning with membership-mappingsAdvances in Computational Intelligence10.1007/s43674-022-00049-53:1Online publication date: 15-Dec-2022
https://doi.org/10.1007/s43674-022-00049-5
Kumar MMoser BFischer LFreudenthaler B(2022)Towards Practical Secure Privacy-Preserving Machine (Deep) Learning with Distributed DataDatabase and Expert Systems Applications - DEXA 2022 Workshops10.1007/978-3-031-14343-4_6(55-66)Online publication date: 15-Aug-2022
https://doi.org/10.1007/978-3-031-14343-4_6
Show More Cited By

Index Terms

Differentially Private Learning of Distributed Deep Models

Recommendations

A differentially private algorithm for location data release

The rise of mobile technologies in recent years has led to large volumes of location information, which are valuable resources for knowledge discovery such as travel patterns mining and traffic analysis. However, location dataset has been confronted ...
Evaluating differentially private decision tree model over model inversion attack
Abstract
Machine learning techniques have been widely used and shown remarkable performance in various fields. Along with the widespread utilization of machine learning, concerns about privacy violations have been raised. Recently, as privacy invasion ...
Differentially Private Distributed Optimization
ICDCN '15: Proceedings of the 16th International Conference on Distributed Computing and Networking

In distributed optimization and iterative consensus literature, a standard problem is for N agents to minimize a function f over a subset of Euclidean space, where the cost function is expressed as a sum Σ fi. In this paper, we study the private ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

UMAP '20 Adjunct: Adjunct Publication of the 28th ACM Conference on User Modeling, Adaptation and Personalization

July 2020

395 pages

ISBN:9781450379502

DOI:10.1145/3386392

Editors:
Tsvi Kuflik
University of Haifa, Israel
,
Ilaria Torre
University of Genoa, Italy
,
Robin Burke
University of Colorado, Boulder, USA
,
Cristina Gena
University of Turin, Italy

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 July 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

EU Horizon 2020
Austrian Research Promotion Agency (FFG)

Conference

UMAP '20

Sponsor:

UMAP '20: 28th ACM Conference on User Modeling, Adaptation and Personalization

July 14 - 17, 2020

Genoa, Italy

Acceptance Rates

Overall Acceptance Rate 162 of 633 submissions, 26%

Upcoming Conference

UMAP '25

Sponsor:
sigchi
sigchi

33rd ACM Conference on User Modeling, Adaptation and Personalization

June 16 - 19, 2025

New York City , NY , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
126
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Kumar MZhang WFischer LFreudenthaler B(2023)Membership Mappings for Practical Secure Distributed Deep LearningIEEE Transactions on Fuzzy Systems10.1109/TFUZZ.2023.323544031:8(2617-2631)Online publication date: 1-Aug-2023
https://dl.acm.org/doi/10.1109/TFUZZ.2023.3235440
Kumar M(2022)Differentially private transferrable deep learning with membership-mappingsAdvances in Computational Intelligence10.1007/s43674-022-00049-53:1Online publication date: 15-Dec-2022
https://doi.org/10.1007/s43674-022-00049-5
Kumar MMoser BFischer LFreudenthaler B(2022)Towards Practical Secure Privacy-Preserving Machine (Deep) Learning with Distributed DataDatabase and Expert Systems Applications - DEXA 2022 Workshops10.1007/978-3-031-14343-4_6(55-66)Online publication date: 15-Aug-2022
https://doi.org/10.1007/978-3-031-14343-4_6
Banton MBowles JSilvina AWebber T(2021)On the Benefits and Security Risks of a User-Centric Data Sharing Platform for Healthcare ProvisionAdjunct Proceedings of the 29th ACM Conference on User Modeling, Adaptation and Personalization10.1145/3450614.3464473(351-356)Online publication date: 21-Jun-2021
https://doi.org/10.1145/3450614.3464473
Kumar MZhang WWeippert MFreudenthaler B(2021)An Explainable Fuzzy Theoretic Nonparametric Deep Model for Stress Assessment Using Heartbeat Intervals AnalysisIEEE Transactions on Fuzzy Systems10.1109/TFUZZ.2020.302928429:12(3873-3886)Online publication date: 29-Nov-2021
https://dl.acm.org/doi/10.1109/TFUZZ.2020.3029284
Zellinger WWieser VKumar MBrunner DShepeleva NGálvez RLanger JFischer LMoser B(2021)Beyond federated learning: On confidentiality-critical machine learning applications in industryProcedia Computer Science10.1016/j.procs.2021.01.296180(734-743)Online publication date: 2021
https://doi.org/10.1016/j.procs.2021.01.296
Kumar MMoser BFischer LFreudenthaler B(2021)Membership-Mappings for Data Representation Learning: A Bregman Divergence Based Conditionally Deep AutoencoderDatabase and Expert Systems Applications - DEXA 2021 Workshops10.1007/978-3-030-87101-7_14(138-147)Online publication date: 20-Sep-2021
https://doi.org/10.1007/978-3-030-87101-7_14
Fischer LEhrlinger LGeist VRamler RSobiezky FZellinger WBrunner DKumar MMoser B(2020)AI System Engineering—Key Challenges and Lessons LearnedMachine Learning and Knowledge Extraction10.3390/make30100043:1(56-83)Online publication date: 31-Dec-2020
https://doi.org/10.3390/make3010004

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten