Privacy model training method and device based on small amount of public data

A technology for public data and models, applied in the Internet field, can solve the problems of sensitive data training privacy theft of neural network models, and achieve the effects of easy deployment, strong controllability, and low privacy protection overhead.
CN112199717APending Publication Date: 2021-01-08INST OF INFORMATION ENG CAS
0 Cites 8 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Applications(China)
Current Assignee / Owner
INST OF INFORMATION ENG CAS
Publication Date
2021-01-08

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention provides a privacy model training method based on a small amount of public data and an electronic device. The privacy model training method comprises steps of obtaining N neural networkteacher models by using a plurality of trainings; respectively inputting a small amount of public data xi into the N neural network teacher models to obtain a statistical voting result of each publicdata xi for each label k; noise being added to all statistical voting results, and public data xi and corresponding labels meeting the differential privacy principle being obtained; optimizing an adversarial generative network through a large number of random noise vectors and a pre-trained discriminant neural network, and generating a large number of label-free data; and jointly training a student model through the public data xi meeting the differential privacy principle, the corresponding label and a large amount of unlabeled data pair pre-trained auto-encoders to obtain a private student model. According to the method, only a small amount of public data is needed to train one private student model, physical isolation and network isolation of sensitive data are realized, and a problem of low accuracy of the private student model is solved.
Need to check novelty before this filing date? Find Prior Art

Description

Technical field

[0001] The invention belongs to the Internet field, and specifically relates to a neural network model privacy protection training method and device based on differential privacy, semi-supervised learning, and teacher-student knowledge aggregation.Background technique

[0002] In recent years, deep learning technology has made shocking breakthroughs in many fields, such as computer vision, natural language processing, and reinforcement learning. At the same time, the development of deep learning technology is also inseparable from a large amount of training data. At present, many extremely powerful applications use a large amount of sensitive data to train models, for example, use a large number of patients' medical data to train medical diagnosis systems, and use a large amount of user financial data for financial risk control.

[0003] Although deep learning tools can greatly facilitate industrial production and life, recent studies have shown that deep learning models are v...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More