A Survey on Differentially Private Machine Learning [Review Article]

Gong, Maoguo; Xie, Yu; Pan, Ke; Feng, Kaiyuan; Qin, A. K.

doi:10.1109/mci.2020.2976185

Cited by 93 publications

(37 citation statements)

References 68 publications

(72 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…, when λ is the noise parameter [21]. This mechanism mainly consists of two steps: perturbation statistics and correction [7,14].…”

Section: B Differential Privacy (Dp)mentioning

confidence: 99%

“…More recently, due to the appetency to provide a privacy guarantee [7], DP naturally becomes a preferred tool for data privacy protection in the training process of Machine Learning (ML) models [8][9][10]. DP can provide privacy protection for the classic dimension reduction model, i.e., Matrix Factorization (MF) [11,12] and the application fields have been extended to recommender systems and social networks [13,14].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Multiple Strategies Differential Privacy on Sparse Tensor Factorization for Network Traffic Analysis in 5G

Wang

Han

et al. 2022

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

Due to high capacity and fast transmission speed, 5G plays a key role in modern electronic infrastructure. Meanwhile, Sparse Tensor Factorization (STF) is a useful tool for dimension reduction to analyze High-Order, High-Dimension, and Sparse Tensor (HOHDST) data which is transmitted on 5G Internetof-things (IoT). Hence, HOHDST data relies on STF to obtain complete data and discover rules for real-time and accurate analysis. From another view of computation and data security, the current STF solution seeks to improve the computational efficiency but neglects privacy security of the IoT data, e.g., data analysis for network traffic monitor system. To overcome these problems, this paper proposes a Multiple-strategies Differential Privacy framework on STF (MDPSTF) for HOHDST network traffic data analysis. MDPSTF comprises three Differential Privacy (DP) mechanisms, i.e., ε− DP, Concentrated DP (CDP), and Local DP (LDP). Furthermore, the theoretical proof of privacy bound is presented. Hence, MDPSTF can provide general data protection for HOHDST network traffic data with high-security promise. We conduct experiments on two real network traffic datasets (Abilene and G ÈAN T ). The experimental results show that MDPSTF has high universality on the various degrees of privacy protection demands and high recovery accuracy for the HOHDST network traffic data.

show abstract

“…, when λ is the noise parameter [21]. This mechanism mainly consists of two steps: perturbation statistics and correction [7,14].…”

Section: B Differential Privacy (Dp)mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Multiple Strategies Differential Privacy on Sparse Tensor Factorization for Network Traffic Analysis in 5G

Wang

Han

et al. 2022

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

show abstract

“…Serban et al elaborated on adversarial examples, including their construction, defense strategies, and transfer capabilities [26]. As differential privacy is one of the most effective measure for mitigating privacy breaches, Gong et al published a comprehensive review on differentially-private machine learning [27]. A number of surveys have also been conducted on DDMs, particularly CNNs and RNNs, see e.g., [28], [29], [30], [31], [32].…”

Section: Introductionmentioning

confidence: 99%

Adversarial Attacks Against Deep Generative Models on Data: A Survey

Sun

Zhu

Zhang

et al. 2023

IEEE Trans. Knowl. Data Eng.

View full text Add to dashboard Cite

Deep generative models have gained much attention given their ability to generate data for applications as varied as healthcare to financial technology to surveillance, and many more -the most popular models being generative adversarial networks (GANs) and variational auto-encoders (VAEs). Yet, as with all machine learning models, ever is the concern over security breaches and privacy leaks and deep generative models are no exception. In fact, these models have advanced so rapidly in recent years that work on their security is still in its infancy. In an attempt to audit the current and future threats against these models, and to provide a roadmap for defense preparations in the short term, we prepared this comprehensive and specialized survey on the security and privacy preservation of GANs and VAEs. Our focus is on the inner connection between attacks and model architectures and, more specifically, on five components of deep generative models: the training data, the latent code, the generators/decoders of GANs/VAEs, the discriminators/encoders of GANs/VAEs, and the generated data. For each model, component and attack, we review the current research progress and identify the key challenges. The paper concludes with a discussion of possible future attacks and research directions in the field.

show abstract

“…In order to improve the communication efficiency of FL-DP, Sonne and Rin [10] study FL over MAC with DP (FL-MAC-DP). However, the traditional DP have some limitations [29] in calculating the cumulative privacy loss. Then Rényi differential privacy (RDP) is proposed in [30], as a natural relaxing of traditional DP, it is suitable to express the privacy protection algorithm and the composition of heterogeneous mechanism.…”

Section: Introductionmentioning

confidence: 99%

FL-MAC-RDP: Federated Learning over Multiple Access Channels with Rényi Differential Privacy

Ahmed

et al. 2021

Int J Theor Phys

View full text Add to dashboard Cite

Federated Learning (FL) is a promising paradigm, where the local users collaboratively learn models by repeatedly sharing information while the data is kept distributing on these users. FL has been considered in multiple access channels (FL-MAC), which is a hot issue. Even though FL-MAC has many advantages, it is still possible to leak privacy to a third party during the whole training process. To avoid privacy leakage, we propose to add Rényi differential privacy (RDP) into FL-MAC. At the same time, to maximize the convergent rate of users under the constraints of transmission rate and privacy, the quantization stochastic gradient descent (QSGD) is performed by users. We also illustrate our results on MNIST, and the illustration demonstrate that our scheme can improve the model accuracy with a little loss of communication efficiency.

show abstract

A Survey on Differentially Private Machine Learning [Review Article]

Cited by 93 publications

References 68 publications

Multiple Strategies Differential Privacy on Sparse Tensor Factorization for Network Traffic Analysis in 5G

Multiple Strategies Differential Privacy on Sparse Tensor Factorization for Network Traffic Analysis in 5G

Adversarial Attacks Against Deep Generative Models on Data: A Survey

FL-MAC-RDP: Federated Learning over Multiple Access Channels with Rényi Differential Privacy

Contact Info

Product

Resources

About