Differential Privacy Regularization: Protecting Training Data Through Loss Function Regularization
This paper addresses privacy concerns for users of machine learning models, but it appears incremental, as it builds upon existing DP-SGD methods.
The paper tackles the problem of protecting sensitive information in training data for neural networks by proposing a novel regularization strategy that achieves differential privacy more efficiently than DP-SGD, though no concrete numbers are provided.
Training machine learning models based on neural networks requires large datasets, which may contain sensitive information. The models, however, should not expose private information from these datasets. Differentially private SGD (DP-SGD) requires the modification of the standard stochastic gradient descent (SGD) algorithm for training new models. In this short paper, a novel regularization strategy is proposed to achieve the same goal in a more efficient manner.