Differentially Private Learning Needs Hidden State (Or Much Faster Convergence)
Nov 28, 2022
Speakers
Jiayuan Ye
Speaker · 0 followers
Reza Shokri
Speaker · 0 followers
About
Differential privacy analysis of randomized learning algorithms typically relies on composition theorems, where the implicit assumption is that the internal state of the iterative algorithm is revealed to the adversary. However, by assuming that the internal state of the algorithm is not revealed, recent works prove a smaller privacy bound for noisy gradient descent (on strongly convex smooth loss functions), compared with composition bounds. In this paper, we significantly improve privacy analysis under the hidden state assumption. We enable taking advantage of privacy amplification by sub-sampling and randomized post-processing, and extend the analysis to “shuffle and partition” and “sample without replacement” stochastic minibatch gradient descent schemes. We prove that, in these settings, our privacy bound is substantially smaller than the composition bounds, notably after many epochs of training (required for learning from high-dimensional data). So, unless the DP algorithm converges fast, our privacy analysis shows that differentially private learning benefits from hidden state privacy analysis. We also empirically show that, given a fixed privacy budget, our analysis enables DP training of image classification models with a better prediction accuracy, compared with prior work.Differential privacy analysis of randomized learning algorithms typically relies on composition theorems, where the implicit assumption is that the internal state of the iterative algorithm is revealed to the adversary. However, by assuming that the internal state of the algorithm is not revealed, recent works prove a smaller privacy bound for noisy gradient descent (on strongly convex smooth loss functions), compared with composition bounds. In this paper, we significantly improve privacy analy…
Organizer
NeurIPS 2022
Account · 962 followers
Like the format? Trust SlidesLive to capture your next event!
Professional recording and live streaming, delivered globally.
Sharing
Recommended Videos
Presentations on similar topic, category or speaker
Benign Overfitting in Two-layer Convolutional Neural Networks
Watch later
Yuan Cao, …
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
Non-monotonic Resource Utilization in the Bandits with Knapsacks Problem
Watch later
Raunak Kumar, …
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
BinauralGrad: A Two-Stage Conditional Diffusion Probabilistic Model for Binaural Audio Synthesis
Watch later
Yichong Leng, …
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
A Continuous Time Framework for Discrete Denoising Models
Watch later
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
Closing Remarks
Watch later
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%
ZeroQuant: Efficient and Affordable Post-Training Quantization for Large-Scale Transformers
Watch later
Zhewei Yao, …
Total of 0 viewers voted for saving the presentation to eternal vault which is 0.0%