Semantic Scholar Open Access 2023 30 sitasi

Unleashing the Power of Randomization in Auditing Differentially Private ML

Krishna Pillutla Galen Andrew P. Kairouz H. B. McMahan Alina Oprea +1 lainnya

Lihat Sumber DOI

Abstrak

We present a rigorous methodology for auditing differentially private machine learning algorithms by adding multiple carefully designed examples called canaries. We take a first principles approach based on three key components. First, we introduce Lifted Differential Privacy (LiDP) that expands the definition of differential privacy to handle randomized datasets. This gives us the freedom to design randomized canaries. Second, we audit LiDP by trying to distinguish between the model trained with $K$ canaries versus $K - 1$ canaries in the dataset, leaving one canary out. By drawing the canaries i.i.d., LiDP can leverage the symmetry in the design and reuse each privately trained model to run multiple statistical tests, one for each canary. Third, we introduce novel confidence intervals that take advantage of the multiple test statistics by adapting to the empirical higher-order correlations. Together, this new recipe demonstrates significant improvements in sample complexity, both theoretically and empirically, using synthetic and real data. Further, recent advances in designing stronger canaries can be readily incorporated into the new framework.

Topik & Kata Kunci

Computer Science Mathematics

Penulis (6)

Krishna Pillutla

Galen Andrew

P. Kairouz

H. B. McMahan

Alina Oprea

Sewoong Oh

Format Sitasi

APA MLA BibTeX

Pillutla, K., Andrew, G., Kairouz, P., McMahan, H.B., Oprea, A., Oh, S. (2023). Unleashing the Power of Randomization in Auditing Differentially Private ML. https://doi.org/10.48550/arXiv.2305.18447

Akses Cepat

Lihat di Sumber doi.org/10.48550/arXiv.2305.18447

Informasi Jurnal

Tahun Terbit: 2023
Bahasa: en
Total Sitasi: 30×
Sumber Database: Semantic Scholar
DOI: 10.48550/arXiv.2305.18447
Akses: Open Access ✓