The reviewed record of science sign in
Pith

arxiv: 2210.08643 · v2 · pith:BHEZCHFK · submitted 2022-10-16 · cs.LG · cs.CR

A General Framework for Auditing Differentially Private Machine Learning

Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:BHEZCHFKrecord.jsonopen to challenge →

classification cs.LG cs.CR
keywords privacydifferentiallymachineprivateattacksauditingframeworkgeneral
0
0 comments X
read the original abstract

We present a framework to statistically audit the privacy guarantee conferred by a differentially private machine learner in practice. While previous works have taken steps toward evaluating privacy loss through poisoning attacks or membership inference, they have been tailored to specific models or have demonstrated low statistical power. Our work develops a general methodology to empirically evaluate the privacy of differentially private machine learning implementations, combining improved privacy search and verification methods with a toolkit of influence-based poisoning attacks. We demonstrate significantly improved auditing power over previous approaches on a variety of models including logistic regression, Naive Bayes, and random forest. Our method can be used to detect privacy violations due to implementation errors or misuse. When violations are not present, it can aid in understanding the amount of information that can be leaked from a given dataset, algorithm, and privacy specification.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.