Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Deep learning data privacy protection method, system and device and medium

A deep learning and data privacy technology, applied in the field of deep learning data privacy protection, can solve problems such as unacceptable decline in model performance, lack of comprehensibility, and difficulty in adjustment

Active Publication Date: 2022-07-22
广州中平智能科技有限公司
View PDF6 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Regarding differential privacy machine learning, the mainstream approach is to limit the difference of model output by adding noise to parameters to prevent differential attacks, but these protection measures have a trade-off problem that is difficult to adjust in model inversion attacks and model update attacks , that is, the trade-off between model usability and data privacy protection strength. In order to protect data leakage as much as possible, the decline in model performance (such as accuracy rate) that may be caused is sometimes unacceptable, and it lacks certain understandability. This comprehensibility problem refers to the fact that after the introduction of differential privacy, it is difficult to show which training data information is protected in a visual way, such as the face or background in the picture has more privacy protection, because in the image data or In other data, the privacy considerations in different parts are different. If such intelligibility can be provided, it will help the data provider to control the direct risk of privacy leakage; regarding the noise addition of training data, such as the patent "a medical-based Image privacy protection method [P]. Guo Lihong, Sha Aijun, Song Hao, Dong Tengteng, Wang Jiacheng. Chinese patent: CN113889232A, 2022-01-04", which extracts information from the personal privacy area of ​​the original training image, and then With the help of the complex sequence generated iteratively by the Logistic chaotic system, the pixel value transformation is performed on the extracted area, and finally the transformation results of all text areas are embedded into the original image, and the image is scrambled after the overall encryption, which is protected by this encryption form. personal privacy area
The problem with this method is that the training data after the noise conversion will have an uncontrollable impact on the construction of the deep learning model, such as the decrease in model usability due to the shielding of too much effective information, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Deep learning data privacy protection method, system and device and medium
  • Deep learning data privacy protection method, system and device and medium
  • Deep learning data privacy protection method, system and device and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0054] As an aspect of the embodiments of the present disclosure, a deep learning data privacy protection method is provided, such as figure 1 shown, including the following steps:

[0055] S10. Load the original training data set and the deep learning model;

[0056] S20, assigning a privacy protection weight to the privacy information in the original training data set, and constructing a privacy importance matrix;

[0057] S30, configure the global noise intensity and generator parameters in the training data to construct a noise generator; train the noise generator according to the loss function constructed by the privacy importance matrix;

[0058] S40. Add noise to all the original training data in the original training data set through a noise generator to generate a noise-added data set;

[0059] S60. Use the noise-added data set to train the deep learning model to form a deep learning model with privacy protection characteristics.

[0060] Based on the above configu...

Embodiment 2

[0088] As another aspect of the embodiments of the present disclosure, a deep learning data privacy protection system 100 is provided, such as image 3 shown, including:

[0089]Resource loading module 1, loading the original training dataset and deep learning model;

[0090] Privacy importance configuration module 2, assigning privacy protection weights to the privacy information in the original training data set, and constructing a privacy importance matrix;

[0091] Noise generator building module 3, configure the global noise intensity and generator parameters in the training data to construct a noise generator; train the noise generator according to the loss function constructed by the privacy importance matrix;

[0092] The data conversion module 4 is to add noise to all the original training data in the original training data set through the noise generator to generate a noise-added data set;

[0093] The model building module 6 uses the noise-added data set to train ...

Embodiment 3

[0126] An electronic device includes a memory, a processor, and a computer program stored on the memory and running on the processor, where the processor implements the deep learning data privacy protection method in Embodiment 1 when the processor executes the computer program.

[0127] Embodiment 3 of the present disclosure is only an example, and should not impose any limitations on the function and scope of use of the embodiment of the present disclosure.

[0128] The electronic device may take the form of a general-purpose computing device, which may be, for example, a server device. Components of an electronic device may include, but are not limited to, at least one processor, at least one memory, and a bus connecting different system components including memory and processor.

[0129] The bus includes a data bus, an address bus and a control bus.

[0130] The memory may include volatile memory, such as random access memory (RAM) and / or cache memory, and may further inc...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a deep learning data privacy protection method, system and device, and a medium. The method comprises the following steps: loading an original training data set and a deep learning model; assigning privacy protection weight to privacy information in the original training data set, and constructing a privacy importance matrix; configuring global noise intensity and generator parameters in the training data to construct a noise generator; training the noise generator according to a loss function constructed by a privacy importance matrix; performing noise addition on all original training data in the original training data set through a noise generator to generate a noise-added data set; and training the deep learning model by using the noise-added data set to form a deep learning model with privacy protection characteristics. According to the method, the objective function and the parameter training method of the noise generator are constructed, the model performance difference is minimized while the noise intensity added to the training data is maximized, and the model feasibility and the privacy protection intensity are automatically balanced.

Description

technical field [0001] The present disclosure relates to the field of deep learning models, and in particular, to a deep learning data privacy protection method, system, device and medium. Background technique [0002] In recent years, due to the theoretical innovation of deep learning and in-depth research in various fields, many commercial applications based on deep learning technology involve all walks of life, creating immeasurable value. In order to speed up the research and application of deep learning, many enterprises or research institutions have made public deep learning models. The construction of deep learning models relies on a large amount of training data, and the training data may involve personal privacy and commercial secrets. Therefore, whether the disclosed deep learning model will leak training data has attracted attention. In recent years, related research work has confirmed that public deep learning models have the risk of leaking training data in so...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62G06N3/04G06T3/00G06T11/40G06V40/16G06V40/00
CPCG06F21/6245G06T11/40G06N3/045G06T3/04
Inventor 郑飞州
Owner 广州中平智能科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com