We demonstrate that differentially private machine learning has not yet reached its "AlexNet moment" on many canonical vision tasks: linear models trained on handcrafted features significantly outperform end-to-end deep neural networks for moderate privacy budgets. To exceed the performance of handcrafted features, we show that private learning requires either much more private data, or access to features learned on public data from a similar domain. Our work introduces simple yet strong baselines for differentially private learning that can inform the evaluation of future progress in this area.
翻译:我们证明,在很多明目张胆的视觉任务上,有区别的私人机器学习还没有达到“亚历克斯网”的“瞬间 ” : 在手工艺特征方面受过培训的线性模型大大超过中度隐私预算的端到端深神经网络。 超出手工艺特征的性能,我们表明私人学习需要更多私人数据,或者需要获得从类似领域获得的公共数据特征。 我们的工作为差异性私人学习引入简单而有力的基线,为评估该领域未来进展提供信息。
相关内容
微信扫码咨询专知VIP会员