In this paper, we focus on preserving differential privacy (DP) in continual learning (CL), in which we train ML models to learn a sequence of new tasks while memorizing previous tasks. We first introduce a notion of continual adjacent databases to bound the sensitivity of any data record participating in the training process of CL. Based upon that, we develop a new DP-preserving algorithm for CL with a data sampling strategy to quantify the privacy risk of training data in the well-known Averaged Gradient Episodic Memory (A-GEM) approach by applying a moments accountant. Our algorithm provides formal guarantees of privacy for data records across tasks in CL. Preliminary theoretical analysis and evaluations show that our mechanism tightens the privacy loss while maintaining a promising model utility.
翻译:在本文中,我们侧重于在持续学习中保留不同的隐私(DP),在持续学习中,我们培训ML模型,学习一系列新任务,同时记住以前的任务。我们首先引入了连续相邻数据库的概念,以约束参与CL培训过程的任何数据记录的敏感性。在此基础上,我们为CL开发了一个新的DP-保存算法,配有数据抽样战略,以通过应用一个时钟会计来量化在众所周知的中等渐进记忆(A-GEM)方法中培训数据的隐私风险。我们的算法为CL各任务的数据记录提供了正式的隐私保障。初步理论分析和评估表明,我们的机制在保持一个充满希望的模型效用的同时,强化了隐私损失。
相关内容
Source: Apple - iOS 8
微信扫码咨询专知VIP会员