基于生成对抗网络的差分隐私生成数据方法
Differential privacy generation data method based on generative adversarial network
杨顺 1郝晓燕 1马垚 1于丹 1陈永乐1
作者信息
- 1. 太原理工大学信息与计算机学院,山西晋中 030600
- 折叠
摘要
针对生成神经网络中添加差分隐私方式复杂,以及加入差分隐私后生成数据质量下降的问题,提出一种基于生成对抗网络的差分隐私生成数据方法,通过在生成对抗网络梯度中加入噪声实现隐私保护.设计 自适应剪裁、学习率下降、参数分组聚类优化策略,自适应选取梯度剪裁边界,不断调整学习率以及将权重梯度和偏置梯度分组聚类之后再进行剪裁,保障模型能够收敛,减小差分隐私对生成数据的影响.实验结果表明,该方法可以在不丢失原有隐私保护水平条件下,有效提升生成数据质量.
Abstract
In view of the complexity of adding differential privacy to the generative neural network and the deterioration of the quality of the generated data after adding differential privacy,the differential privacy generation data method based on the genera-tive adversarial network was proposed,which realized privacy protection by adding noise to the gradients of the generative adver-sarial network.Adaptive clipping,learning rate decay,parameter grouping and clustering optimization strategies were designed.By adaptively selecting the gradient clipping boundary,continuously adjusting the learning rate,and grouping and clustering the weight gradient and bias gradient before clipping,the model was enabled to converge,thereby reducing the impact of differential privacy on the generated data.Experimental results show that the method can effectively improve the quality of the generated data without losing the original privacy protection level.
关键词
生成对抗网络/差分隐私/梯度/噪声/隐私保护/优化策略/收敛Key words
generative adversarial network/differential privacy/gradients/noise/privacy protection/optimization strategies/converge引用本文复制引用
基金项目
山西省基础研究计划基金项目(20210302123131)
山西省基础研究计划基金项目(20210302124395)
山西省自然科学基金面上基金项目(202203021221234)
出版年
2024
NETL
NSTL
万方数据