0


个体差异学习的样本复杂性界限

Sample Complexity Bounds for Differentially Private Learning
课程网址: http://videolectures.net/colt2011_hsu_learning/  
主讲教师: Daniel Hsu
开课单位: 微软公司
开课时间: 2011-08-02
课程语种: 英语
中文简介:
我们研究隐私保护分类的问题 - 即,从敏感数据中学习分类器,同时仍然保留训练集中个人的隐私。特别是,我们要求我们的学习算法保证差异隐私,这是一种非常强大的隐私概念,在过去几年中引起了人们的极大关注。一个自然要问的问题是:学习算法的样本要求是什么,以保证一定程度的隐私和准确性?在本文中,当数据来自连续分布时,我们在无限假设类的背景下研究这个问题。我们表明,即使对于非常简单的假设类,任何使用有限数量的示例并保证差别隐私的算法都不能保证至少一个未标记数据分布的分类准确性。该结果不同于Kasiviswanathan等人研究的离散数据域上的有限假设类和假设类的情况。 (2008年)。然后,我们提出了两种差异私人学习方法,可以绕过这个下限。第一种方法是以参考分布U的形式使用关于未标记数据分布的一些先验知识,该参考分布U独立于敏感数据而被选择。给定这样的参考U,我们提供样本需求的上限,其取决于(尤其)与U和未标记数据分布之间的接近度的度量。我们的上限适用于不可实现的情况以及可实现的情况。第二种方法是通过仅要求标签隐私来放宽隐私要求 - 即,标签而不是示例中未标记的部分被视为敏感信息。 Chaudhuri等人展示了标签隐私学习样本要求的上限。 (2006年);在本文中,我们显示了一个下限。
课程简介: We study the problem of privacy-preserving classification – namely, learning a classifier from sensitive data, while still preserving the privacy of individuals in the training set. In particular, we require that our learning algorithm guarantees differential privacy, a very strong notion of privacy that has gained significant attention over the past few years. A natural question to ask is: what is the sample requirement of a learning algorithm that guarantees a certain level of privacy and accuracy? In this paper, we study this question in the context of infinite hypothesis classes when the data is drawn from a continuous distribution. We show that even for very simple hypothesis classes, any algorithm which uses a finite number of examples and guarantees differential privacy, fails to guarantee classification accuracy for at least one unlabeled data distribution. This result is unlike the case of finite hypothesis classes and hypothesis classes on discrete data domains that were studied by Kasiviswanathan et al. (2008). We then propose two approaches to differentially private learning that get around this lower bound. The first approach is to use some prior knowledge about the unlabeled data distribution in the form of a reference distribution U that is chosen independently of the sensitive data. Given such a reference U, we provide an upper bound on the sample requirement which depends (among other things) on a measure of closeness between U and the unlabeled data distribution. Our upper bound applies to the non-realizable as well as the realizable case. The second approach is to relax the privacy requirement, by requiring only label-privacy – namely, that the labels, and not the unlabeled parts of the examples be considered sensitive information. An upper bound on the sample requirement of learning with label privacy was shown by Chaudhuri et al. (2006); in this paper, we show a lower bound.
关 键 词: 算法; 差异隐私; 敏感数据
课程来源: 视频讲座网
最后编审: 2020-04-22:chenxin
阅读次数: 59

纠错/补充/评论/留言
评论/留言 纠错/补充
验证算术题: 8 + 6 =