Loading…
Deep Domain Adaptation With Differential Privacy
Nowadays, it usually requires a massive amount of labeled data to train a deep neural network. When no labeled data is available in some application scenarios, domain adaption can be employed to transfer a learner from one or more source domains with labeled data to a target domain with unlabeled da...
Saved in:
| Published in: | IEEE transactions on information forensics and security 2020, Vol.15, p.3093-3106 |
|---|---|
| Main Authors: | , , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites Items that cite this one |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | cdi_FETCH-LOGICAL-c293t-27ef5fc4892e3e09c29b3a15719436b7d2d123dda94e002e9587994c4801130d3 |
|---|---|
| cites | cdi_FETCH-LOGICAL-c293t-27ef5fc4892e3e09c29b3a15719436b7d2d123dda94e002e9587994c4801130d3 |
| container_end_page | 3106 |
| container_issue | |
| container_start_page | 3093 |
| container_title | IEEE transactions on information forensics and security |
| container_volume | 15 |
| creator | Wang, Qian Li, Zixi Zou, Qin Zhao, Lingchen Wang, Song |
| description | Nowadays, it usually requires a massive amount of labeled data to train a deep neural network. When no labeled data is available in some application scenarios, domain adaption can be employed to transfer a learner from one or more source domains with labeled data to a target domain with unlabeled data. However, due to the exposure of the trained model to the target domain, the user privacy may potentially be compromised. Nevertheless, the private information may be encoded into the representations in different stages of the deep neural networks, i.e., hierarchical convolutional feature maps, which poses a great challenge for a full-fledged privacy protection. In this paper, we propose a novel differentially private domain adaptation framework called DPDA to achieve domain adaptation with privacy assurance. Specifically, we perform domain adaptation in an adversarial-learning manner and embed the differentially private design into specific layers and learning processes. Although applying differential privacy techniques directly will undermine the performance of deep neural networks, DPDA can increase the classification accuracy for the unlabeled target data compared to the prior arts. We conduct extensive experiments on standard benchmark datasets, and the results show that our proposed DPDA can indeed achieve high accuracy in many domain adaptation tasks with only a modest privacy loss. |
| doi_str_mv | 10.1109/TIFS.2020.2983254 |
| format | article |
| fullrecord | <record><control><sourceid>proquest_ieee_</sourceid><recordid>TN_cdi_proquest_journals_2391261656</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9046810</ieee_id><sourcerecordid>2391261656</sourcerecordid><originalsourceid>FETCH-LOGICAL-c293t-27ef5fc4892e3e09c29b3a15719436b7d2d123dda94e002e9587994c4801130d3</originalsourceid><addsrcrecordid>eNo9kE1Lw0AQhhdRsFZ_gHgJeE6c2a9kj6W1WigoWPG4bJMJbmmTuEmF_vumpPQ0L8PzzsDD2CNCggjmZbWYfyUcOCTcZIIrecVGqJSONXC8vmQUt-yubTcAUqLORgxmRE00q3fOV9GkcE3nOl9X0Y_vfqOZL0sKVHXebaPP4P9dfrhnN6XbtvRwnmP2PX9dTd_j5cfbYjpZxjk3oot5SqUqc5kZToLA9Nu1cKhSNFLodVrwArkoCmckAXAyKkuNkX0BEAUUYsyeh7tNqP_21HZ2U-9D1b-0XBjkGrXSPYUDlYe6bQOVtgl-58LBItiTGHsSY09i7FlM33kaOp6ILrwBqTMEcQRVzFxH</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2391261656</pqid></control><display><type>article</type><title>Deep Domain Adaptation With Differential Privacy</title><source>IEEE Electronic Library (IEL) Journals</source><creator>Wang, Qian ; Li, Zixi ; Zou, Qin ; Zhao, Lingchen ; Wang, Song</creator><creatorcontrib>Wang, Qian ; Li, Zixi ; Zou, Qin ; Zhao, Lingchen ; Wang, Song</creatorcontrib><description>Nowadays, it usually requires a massive amount of labeled data to train a deep neural network. When no labeled data is available in some application scenarios, domain adaption can be employed to transfer a learner from one or more source domains with labeled data to a target domain with unlabeled data. However, due to the exposure of the trained model to the target domain, the user privacy may potentially be compromised. Nevertheless, the private information may be encoded into the representations in different stages of the deep neural networks, i.e., hierarchical convolutional feature maps, which poses a great challenge for a full-fledged privacy protection. In this paper, we propose a novel differentially private domain adaptation framework called DPDA to achieve domain adaptation with privacy assurance. Specifically, we perform domain adaptation in an adversarial-learning manner and embed the differentially private design into specific layers and learning processes. Although applying differential privacy techniques directly will undermine the performance of deep neural networks, DPDA can increase the classification accuracy for the unlabeled target data compared to the prior arts. We conduct extensive experiments on standard benchmark datasets, and the results show that our proposed DPDA can indeed achieve high accuracy in many domain adaptation tasks with only a modest privacy loss.</description><identifier>ISSN: 1556-6013</identifier><identifier>EISSN: 1556-6021</identifier><identifier>DOI: 10.1109/TIFS.2020.2983254</identifier><identifier>CODEN: ITIFA6</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Adaptation ; Adaptation models ; Artificial neural networks ; convolutional neural network ; Data models ; deep learning ; Differential privacy ; Domain adaptation ; Domains ; Feature maps ; Machine learning ; Neural networks ; Privacy ; privacy preservation ; Training ; Training data</subject><ispartof>IEEE transactions on information forensics and security, 2020, Vol.15, p.3093-3106</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2020</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c293t-27ef5fc4892e3e09c29b3a15719436b7d2d123dda94e002e9587994c4801130d3</citedby><cites>FETCH-LOGICAL-c293t-27ef5fc4892e3e09c29b3a15719436b7d2d123dda94e002e9587994c4801130d3</cites><orcidid>0000-0003-4152-5295 ; 0000-0002-8967-8525 ; 0000-0001-7955-0782</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9046810$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,4024,27923,27924,27925,54796</link.rule.ids></links><search><creatorcontrib>Wang, Qian</creatorcontrib><creatorcontrib>Li, Zixi</creatorcontrib><creatorcontrib>Zou, Qin</creatorcontrib><creatorcontrib>Zhao, Lingchen</creatorcontrib><creatorcontrib>Wang, Song</creatorcontrib><title>Deep Domain Adaptation With Differential Privacy</title><title>IEEE transactions on information forensics and security</title><addtitle>TIFS</addtitle><description>Nowadays, it usually requires a massive amount of labeled data to train a deep neural network. When no labeled data is available in some application scenarios, domain adaption can be employed to transfer a learner from one or more source domains with labeled data to a target domain with unlabeled data. However, due to the exposure of the trained model to the target domain, the user privacy may potentially be compromised. Nevertheless, the private information may be encoded into the representations in different stages of the deep neural networks, i.e., hierarchical convolutional feature maps, which poses a great challenge for a full-fledged privacy protection. In this paper, we propose a novel differentially private domain adaptation framework called DPDA to achieve domain adaptation with privacy assurance. Specifically, we perform domain adaptation in an adversarial-learning manner and embed the differentially private design into specific layers and learning processes. Although applying differential privacy techniques directly will undermine the performance of deep neural networks, DPDA can increase the classification accuracy for the unlabeled target data compared to the prior arts. We conduct extensive experiments on standard benchmark datasets, and the results show that our proposed DPDA can indeed achieve high accuracy in many domain adaptation tasks with only a modest privacy loss.</description><subject>Adaptation</subject><subject>Adaptation models</subject><subject>Artificial neural networks</subject><subject>convolutional neural network</subject><subject>Data models</subject><subject>deep learning</subject><subject>Differential privacy</subject><subject>Domain adaptation</subject><subject>Domains</subject><subject>Feature maps</subject><subject>Machine learning</subject><subject>Neural networks</subject><subject>Privacy</subject><subject>privacy preservation</subject><subject>Training</subject><subject>Training data</subject><issn>1556-6013</issn><issn>1556-6021</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2020</creationdate><recordtype>article</recordtype><recordid>eNo9kE1Lw0AQhhdRsFZ_gHgJeE6c2a9kj6W1WigoWPG4bJMJbmmTuEmF_vumpPQ0L8PzzsDD2CNCggjmZbWYfyUcOCTcZIIrecVGqJSONXC8vmQUt-yubTcAUqLORgxmRE00q3fOV9GkcE3nOl9X0Y_vfqOZL0sKVHXebaPP4P9dfrhnN6XbtvRwnmP2PX9dTd_j5cfbYjpZxjk3oot5SqUqc5kZToLA9Nu1cKhSNFLodVrwArkoCmckAXAyKkuNkX0BEAUUYsyeh7tNqP_21HZ2U-9D1b-0XBjkGrXSPYUDlYe6bQOVtgl-58LBItiTGHsSY09i7FlM33kaOp6ILrwBqTMEcQRVzFxH</recordid><startdate>2020</startdate><enddate>2020</enddate><creator>Wang, Qian</creator><creator>Li, Zixi</creator><creator>Zou, Qin</creator><creator>Zhao, Lingchen</creator><creator>Wang, Song</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>7TB</scope><scope>8FD</scope><scope>FR3</scope><scope>JQ2</scope><scope>KR7</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0003-4152-5295</orcidid><orcidid>https://orcid.org/0000-0002-8967-8525</orcidid><orcidid>https://orcid.org/0000-0001-7955-0782</orcidid></search><sort><creationdate>2020</creationdate><title>Deep Domain Adaptation With Differential Privacy</title><author>Wang, Qian ; Li, Zixi ; Zou, Qin ; Zhao, Lingchen ; Wang, Song</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c293t-27ef5fc4892e3e09c29b3a15719436b7d2d123dda94e002e9587994c4801130d3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2020</creationdate><topic>Adaptation</topic><topic>Adaptation models</topic><topic>Artificial neural networks</topic><topic>convolutional neural network</topic><topic>Data models</topic><topic>deep learning</topic><topic>Differential privacy</topic><topic>Domain adaptation</topic><topic>Domains</topic><topic>Feature maps</topic><topic>Machine learning</topic><topic>Neural networks</topic><topic>Privacy</topic><topic>privacy preservation</topic><topic>Training</topic><topic>Training data</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Wang, Qian</creatorcontrib><creatorcontrib>Li, Zixi</creatorcontrib><creatorcontrib>Zou, Qin</creatorcontrib><creatorcontrib>Zhao, Lingchen</creatorcontrib><creatorcontrib>Wang, Song</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE/IET Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Mechanical & Transportation Engineering Abstracts</collection><collection>Technology Research Database</collection><collection>Engineering Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Civil Engineering Abstracts</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE transactions on information forensics and security</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Wang, Qian</au><au>Li, Zixi</au><au>Zou, Qin</au><au>Zhao, Lingchen</au><au>Wang, Song</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Deep Domain Adaptation With Differential Privacy</atitle><jtitle>IEEE transactions on information forensics and security</jtitle><stitle>TIFS</stitle><date>2020</date><risdate>2020</risdate><volume>15</volume><spage>3093</spage><epage>3106</epage><pages>3093-3106</pages><issn>1556-6013</issn><eissn>1556-6021</eissn><coden>ITIFA6</coden><abstract>Nowadays, it usually requires a massive amount of labeled data to train a deep neural network. When no labeled data is available in some application scenarios, domain adaption can be employed to transfer a learner from one or more source domains with labeled data to a target domain with unlabeled data. However, due to the exposure of the trained model to the target domain, the user privacy may potentially be compromised. Nevertheless, the private information may be encoded into the representations in different stages of the deep neural networks, i.e., hierarchical convolutional feature maps, which poses a great challenge for a full-fledged privacy protection. In this paper, we propose a novel differentially private domain adaptation framework called DPDA to achieve domain adaptation with privacy assurance. Specifically, we perform domain adaptation in an adversarial-learning manner and embed the differentially private design into specific layers and learning processes. Although applying differential privacy techniques directly will undermine the performance of deep neural networks, DPDA can increase the classification accuracy for the unlabeled target data compared to the prior arts. We conduct extensive experiments on standard benchmark datasets, and the results show that our proposed DPDA can indeed achieve high accuracy in many domain adaptation tasks with only a modest privacy loss.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TIFS.2020.2983254</doi><tpages>14</tpages><orcidid>https://orcid.org/0000-0003-4152-5295</orcidid><orcidid>https://orcid.org/0000-0002-8967-8525</orcidid><orcidid>https://orcid.org/0000-0001-7955-0782</orcidid></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1556-6013 |
| ispartof | IEEE transactions on information forensics and security, 2020, Vol.15, p.3093-3106 |
| issn | 1556-6013 1556-6021 |
| language | eng |
| recordid | cdi_proquest_journals_2391261656 |
| source | IEEE Electronic Library (IEL) Journals |
| subjects | Adaptation Adaptation models Artificial neural networks convolutional neural network Data models deep learning Differential privacy Domain adaptation Domains Feature maps Machine learning Neural networks Privacy privacy preservation Training Training data |
| title | Deep Domain Adaptation With Differential Privacy |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T23%3A30%3A52IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ieee_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Deep%20Domain%20Adaptation%20With%20Differential%20Privacy&rft.jtitle=IEEE%20transactions%20on%20information%20forensics%20and%20security&rft.au=Wang,%20Qian&rft.date=2020&rft.volume=15&rft.spage=3093&rft.epage=3106&rft.pages=3093-3106&rft.issn=1556-6013&rft.eissn=1556-6021&rft.coden=ITIFA6&rft_id=info:doi/10.1109/TIFS.2020.2983254&rft_dat=%3Cproquest_ieee_%3E2391261656%3C/proquest_ieee_%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c293t-27ef5fc4892e3e09c29b3a15719436b7d2d123dda94e002e9587994c4801130d3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2391261656&rft_id=info:pmid/&rft_ieee_id=9046810&rfr_iscdi=true |