Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Game-Theoretic Machine Unlearning: Mitigating Extra Privacy Leakage

Hengzhu Liu, Tianqing Zhu, Lefeng Zhang, Ping Xiong

TL;DR

A game-theoretic machine unlearning algorithm that simulates the competitive relationship between unlearning performance and privacy protection and demonstrates its effectiveness and its ability to generate an unlearned model with a performance similar to that of the retrained one while mitigating extra privacy leakage risks.

Abstract

With the extensive use of machine learning technologies, data providers encounter increasing privacy risks. Recent legislation, such as GDPR, obligates organizations to remove requested data and its influence from a trained model. Machine unlearning is an emerging technique designed to enable machine learning models to erase users' private information. Although several efficient machine unlearning schemes have been proposed, these methods still have limitations. First, removing the contributions of partial data may lead to model performance degradation. Second, discrepancies between the original and generated unlearned models can be exploited by attackers to obtain target sample's information, resulting in additional privacy leakage risks. To address above challenges, we proposed a game-theoretic machine unlearning algorithm that simulates the competitive relationship between unlearning performance and privacy protection. This algorithm comprises unlearning and privacy modules. The unlearning module possesses a loss function composed of model distance and classification error, which is used to derive the optimal strategy. The privacy module aims to make it difficult for an attacker to infer membership information from the unlearned data, thereby reducing the privacy leakage risk during the unlearning process. Additionally, the experimental results on real-world datasets demonstrate that this game-theoretic unlearning algorithm's effectiveness and its ability to generate an unlearned model with a performance similar to that of the retrained one while mitigating extra privacy leakage risks.

Game-Theoretic Machine Unlearning: Mitigating Extra Privacy Leakage

TL;DR

A game-theoretic machine unlearning algorithm that simulates the competitive relationship between unlearning performance and privacy protection and demonstrates its effectiveness and its ability to generate an unlearned model with a performance similar to that of the retrained one while mitigating extra privacy leakage risks.

Abstract

With the extensive use of machine learning technologies, data providers encounter increasing privacy risks. Recent legislation, such as GDPR, obligates organizations to remove requested data and its influence from a trained model. Machine unlearning is an emerging technique designed to enable machine learning models to erase users' private information. Although several efficient machine unlearning schemes have been proposed, these methods still have limitations. First, removing the contributions of partial data may lead to model performance degradation. Second, discrepancies between the original and generated unlearned models can be exploited by attackers to obtain target sample's information, resulting in additional privacy leakage risks. To address above challenges, we proposed a game-theoretic machine unlearning algorithm that simulates the competitive relationship between unlearning performance and privacy protection. This algorithm comprises unlearning and privacy modules. The unlearning module possesses a loss function composed of model distance and classification error, which is used to derive the optimal strategy. The privacy module aims to make it difficult for an attacker to infer membership information from the unlearned data, thereby reducing the privacy leakage risk during the unlearning process. Additionally, the experimental results on real-world datasets demonstrate that this game-theoretic unlearning algorithm's effectiveness and its ability to generate an unlearned model with a performance similar to that of the retrained one while mitigating extra privacy leakage risks.

Paper Structure

This paper contains 29 sections, 2 theorems, 25 equations, 6 figures, 6 tables, 2 algorithms.

Table of Contents

  1. Introduction
  2. Related Work
  3. Current machine unlearning solutions
  4. Privacy risks in machine unlearning
  5. Preliminaries
  6. Notations
  7. Machine unlearning
  8. Membership inference attacks
  9. Game theory
  10. Game-theoretic machine unlearning method
  11. Problem definition
  12. The overview of proposed method
  13. The unlearning module
  14. The privacy module
  15. Analysis of the game
  16. ...and 14 more sections

Key Result

Theorem 1

The unlearning module and the privacy module sequentially search for optimal strategies, finally converging to an equilibrium, as shown in Eq. nash.

Figures (6)

  • Figure 1: The overview of proposed method
  • Figure 2: The privacy risks of our method compared with retraining at sample-level unlearning
  • Figure 3: The loss of our method at sample-level unlearning
  • Figure 4: The privacy risks of our method compared with retraining at class-level unlearning
  • Figure 5: The loss of our method at class-level unlearning
  • ...and 1 more figures

Theorems & Definitions (4)

  • Definition 1: Machine Unlearning bourtoule2021
  • Definition 2: Membership Inference Attacks shokri2017
  • Theorem 1
  • Theorem 2