Differential privacy in deep learning: Privacy and beyond

Yanling Wang; Qian Wang; Lingchen Zhao; Cong Wang

doi:10.1016/j.future.2023.06.010

Differential privacy in deep learning: Privacy and beyond

Yanling Wang
, Qian Wang^*
, Lingchen Zhao
, Cong Wang

^*Corresponding author for this work

Department of Computer Science

Research output: Journal Publications and Reviews › RGC 21 - Publication in refereed journal › peer-review

38 Citations (Scopus)

Abstract

Motivated by the security risks of deep neural networks, such as various membership and attribute inference attacks, differential privacy has emerged as a promising approach for protecting the privacy of neural networks. As a result, it is crucial to investigate the frontier intersection of differential privacy and deep learning, which is the main motivation behind this survey. Most of the current research in this field focuses on developing mechanisms for combining differentially private perturbations with deep learning frameworks. We provide a detailed summary of these works and analyze potential areas for improvement in the near future. In addition to privacy protection, differential privacy can also play other critical roles in deep learning, such as fairness, robustness, and prevention of over-fitting, which have not been thoroughly explored in previous research. Accordingly, we also discuss future research directions in these areas to offer practical suggestions for future studies. © 2023 Elsevier B.V.

Original language	English
Pages (from-to)	408-424
Journal	Future Generation Computer Systems
Volume	148
Online published	12 Jun 2023
DOIs	https://doi.org/10.1016/j.future.2023.06.010
Publication status	Published - Nov 2023

Funding

This study was supported in part by the National Natural Science Foundation of China Grants U20B2049 and U21B2018, and in part by the Research Grants Council of Hong Kong under grants CityU 11218322, C2004-21G, R6021-20F, and N_CityU139/21.

Research Keywords

Deep learning
Differential privacy
Fairness
Lower bound
Robustness
Stochastic gradient descent

RGC Funding Information

RGC-funded

Access Output

10.1016/j.future.2023.06.010

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@article{30c78db92e62476c9a860a931bd27841,

title = "Differential privacy in deep learning: Privacy and beyond",

abstract = "Motivated by the security risks of deep neural networks, such as various membership and attribute inference attacks, differential privacy has emerged as a promising approach for protecting the privacy of neural networks. As a result, it is crucial to investigate the frontier intersection of differential privacy and deep learning, which is the main motivation behind this survey. Most of the current research in this field focuses on developing mechanisms for combining differentially private perturbations with deep learning frameworks. We provide a detailed summary of these works and analyze potential areas for improvement in the near future. In addition to privacy protection, differential privacy can also play other critical roles in deep learning, such as fairness, robustness, and prevention of over-fitting, which have not been thoroughly explored in previous research. Accordingly, we also discuss future research directions in these areas to offer practical suggestions for future studies. {\textcopyright} 2023 Elsevier B.V.",

keywords = "Deep learning, Differential privacy, Fairness, Lower bound, Robustness, Stochastic gradient descent",

author = "Yanling Wang and Qian Wang and Lingchen Zhao and Cong Wang",

year = "2023",

month = nov,

doi = "10.1016/j.future.2023.06.010",

language = "English",

volume = "148",

pages = "408--424",

journal = "Future Generation Computer Systems",

issn = "0167-739X",

publisher = "Elsevier B.V.",

}

TY - JOUR

T1 - Differential privacy in deep learning

T2 - Privacy and beyond

AU - Wang, Yanling

AU - Wang, Qian

AU - Zhao, Lingchen

AU - Wang, Cong

PY - 2023/11

Y1 - 2023/11

N2 - Motivated by the security risks of deep neural networks, such as various membership and attribute inference attacks, differential privacy has emerged as a promising approach for protecting the privacy of neural networks. As a result, it is crucial to investigate the frontier intersection of differential privacy and deep learning, which is the main motivation behind this survey. Most of the current research in this field focuses on developing mechanisms for combining differentially private perturbations with deep learning frameworks. We provide a detailed summary of these works and analyze potential areas for improvement in the near future. In addition to privacy protection, differential privacy can also play other critical roles in deep learning, such as fairness, robustness, and prevention of over-fitting, which have not been thoroughly explored in previous research. Accordingly, we also discuss future research directions in these areas to offer practical suggestions for future studies. © 2023 Elsevier B.V.

AB - Motivated by the security risks of deep neural networks, such as various membership and attribute inference attacks, differential privacy has emerged as a promising approach for protecting the privacy of neural networks. As a result, it is crucial to investigate the frontier intersection of differential privacy and deep learning, which is the main motivation behind this survey. Most of the current research in this field focuses on developing mechanisms for combining differentially private perturbations with deep learning frameworks. We provide a detailed summary of these works and analyze potential areas for improvement in the near future. In addition to privacy protection, differential privacy can also play other critical roles in deep learning, such as fairness, robustness, and prevention of over-fitting, which have not been thoroughly explored in previous research. Accordingly, we also discuss future research directions in these areas to offer practical suggestions for future studies. © 2023 Elsevier B.V.

KW - Deep learning

KW - Differential privacy

KW - Fairness

KW - Lower bound

KW - Robustness

KW - Stochastic gradient descent

UR - https://www.scopus.com/pages/publications/85163884525

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85163884525&origin=recordpage

U2 - 10.1016/j.future.2023.06.010

DO - 10.1016/j.future.2023.06.010

M3 - RGC 21 - Publication in refereed journal

SN - 0167-739X

VL - 148

SP - 408

EP - 424

JO - Future Generation Computer Systems

JF - Future Generation Computer Systems

ER -

Differential privacy in deep learning: Privacy and beyond

Abstract

Funding

Research Keywords

RGC Funding Information

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

GRF: Towards Bridging the Last-mile Gap of Multi-party Collaborative Statistics

CRF-ExtU-Lead: User-controlled Secure Data Sharing and Analytics with Blockchain and Trusted Computing Technologies

RIF-ExtU-Lead: Enabling Secure and Efficient Cross-Silo Federated Learning at Scale

Cite this

Differential privacy in deep learning: Privacy and beyond

Abstract

Funding

Research Keywords

RGC Funding Information

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Projects

GRF: Towards Bridging the Last-mile Gap of Multi-party Collaborative Statistics

CRF-ExtU-Lead: User-controlled Secure Data Sharing and Analytics with Blockchain and Trusted Computing Technologies

RIF-ExtU-Lead: Enabling Secure and Efficient Cross-Silo Federated Learning at Scale

Cite this