Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
119 tokens/sec
GPT-4o
56 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
6 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Efficient Knowledge Deletion from Trained Models through Layer-wise Partial Machine Unlearning (2403.07611v1)

Published 12 Mar 2024 in cs.LG and cs.AI

Abstract: Machine unlearning has garnered significant attention due to its ability to selectively erase knowledge obtained from specific training data samples in an already trained machine learning model. This capability enables data holders to adhere strictly to data protection regulations. However, existing unlearning techniques face practical constraints, often causing performance degradation, demanding brief fine-tuning post unlearning, and requiring significant storage. In response, this paper introduces a novel class of machine unlearning algorithms. First method is partial amnesiac unlearning, integration of layer-wise pruning with amnesiac unlearning. In this method, updates made to the model during training are pruned and stored, subsequently used to forget specific data from trained model. The second method assimilates layer-wise partial-updates into label-flipping and optimization-based unlearning to mitigate the adverse effects of data deletion on model efficacy. Through a detailed experimental evaluation, we showcase the effectiveness of proposed unlearning methods. Experimental results highlight that the partial amnesiac unlearning not only preserves model efficacy but also eliminates the necessity for brief post fine-tuning, unlike conventional amnesiac unlearning. Moreover, employing layer-wise partial updates in label-flipping and optimization-based unlearning techniques demonstrates superiority in preserving model efficacy compared to their naive counterparts.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (42)
  1. Machine learning: Trends, perspectives, and prospects. Science, 349(6245):255–260, 2015.
  2. Very deep convolutional networks for large-scale image recognition, 2015.
  3. Deep learning. nature, 521(7553):436, 2015.
  4. Lifelong Machine Learning. Morgan & Claypool Publishers, 2nd edition, 2018. ISBN 1681733021.
  5. European Parliament and Council of the European Union. Regulation (EU) 2016/679 of the European Parliament and of the Council, 2016.
  6. A closer look at memorization in deep networks. In Proceedings of the 34th International Conference on Machine Learning - Volume 70, page 233–242. JMLR.org, 2017.
  7. Understanding deep learning requires rethinking generalization. In International Conference on Learning Representations, 2017.
  8. Membership inference attacks against machine learning models. 2017 IEEE Symposium on Security and Privacy (SP), pages 3–18, 2016.
  9. Label-only membership inference attacks. In Marina Meila and Tong Zhang, editors, Proceedings of the 38th International Conference on Machine Learning, volume 139, pages 1964–1974. PMLR, 18–24 Jul 2021.
  10. Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, page 1322–1333. Association for Computing Machinery, 2015.
  11. Plug & play attacks: Towards robust and flexible model inversion attacks. In Kamalika Chaudhuri, Stefanie Jegelka, Le Song, Csaba Szepesvari, Gang Niu, and Sivan Sabato, editors, Proceedings of the 39th International Conference on Machine Learning, volume 162, pages 20522–20545. PMLR, 17–23 Jul 2022.
  12. Machine unlearning: A survey. ACM Comput. Surv., 56(1), aug 2023.
  13. Machine unlearning, 2020.
  14. Certified defenses for data poisoning attacks. In Proceedings of the 31st International Conference on Neural Information Processing Systems, page 3520–3532, Red Hook, NY, USA, 2017.
  15. Verifiable and provably secure machine unlearning, 2023.
  16. Towards making systems forget with machine unlearning. In IEEE Symposium on Security and Privacy, pages 463–480, 2015.
  17. Machine unlearning for random forests. In Marina Meila and Tong Zhang, editors, Proceedings of the 38th International Conference on Machine Learning, volume 139, pages 1092–1104. PMLR, 18–24 Jul 2021.
  18. DeltaGrad: Rapid retraining of machine learning models. In Hal Daumé III and Aarti Singh, editors, Proceedings of the 37th International Conference on Machine Learning, volume 119, pages 10355–10366. PMLR, 13–18 Jul 2020.
  19. Machine unlearning. In 2021 IEEE Symposium on Security and Privacy (SP), pages 141–159, 2021.
  20. Descent-to-delete: Gradient-based methods for machine unlearning. In Vitaly Feldman, Katrina Ligett, and Sivan Sabato, editors, Proceedings of the 32nd International Conference on Algorithmic Learning Theory, volume 132, pages 931–962. PMLR, 16–19 Mar 2021.
  21. Eternal sunshine of the spotless net: Selective forgetting in deep networks. 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), pages 9301–9309, 2019.
  22. Machine unlearning: Linear filtration for logit-based classifiers. Mach. Learn., 111(9):3203–3226, sep 2022.
  23. Certified data removal from machine learning models. In Proceedings of the 37th International Conference on Machine Learning. JMLR.org, 2020.
  24. Amnesiac machine learning. In AAAI Conference on Artificial Intelligence, 2020.
  25. Knowledge unlearning for mitigating privacy risks in language models. In Anna Rogers, Jordan Boyd-Graber, and Naoaki Okazaki, editors, Proceedings of the 61st Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers), pages 14389–14408. Association for Computational Linguistics, July 2023.
  26. Machine unlearning of features and labels. ArXiv, abs/2108.11577, 2021.
  27. Fast yet effective machine unlearning. IEEE transactions on neural networks and learning systems, PP, 2021.
  28. Zero-shot machine unlearning. IEEE Transactions on Information Forensics and Security, 18:2345–2354, 2022.
  29. M. Godavarti and A.O. Hero. Partial update lms algorithms. IEEE Transactions on Signal Processing, 53(7):2382–2399, 2005.
  30. Mnist handwritten digit database. ATT Labs [Online]. Available: http://yann.lecun.com/exdb/mnist, 2, 2010.
  31. Medmnist v2: A large-scale lightweight benchmark for 2d and 3d biomedical image classification. Nature Scientific Data, 2022.
  32. Gradient-based learning applied to document recognition. Proceedings of the IEEE, 86(11):2278–2324, 1998.
  33. Imagenet classification with deep convolutional neural networks. In F. Pereira, C. J. C. Burges, L. Bottou, and K. Q. Weinberger, editors, Advances in Neural Information Processing Systems 25, pages 1097–1105. Curran Associates, Inc., 2012.
  34. Deep Residual Learning for Image Recognition. In Proceedings of 2016 IEEE Conference on Computer Vision and Pattern Recognition, pages 770–778. IEEE, June 2016.
  35. When machine unlearning jeopardizes privacy. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, page 896–911. Association for Computing Machinery, 2021. ISBN 9781450384544.
  36. Unlearnable examples: Making personal data unexploitable. In ICLR, 2021.
  37. Framu: Attention-based machine unlearning using federated reinforcement learning, 2023.
  38. Graph unlearning. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, CCS ’22, page 499–513, New York, NY, USA, 2022. Association for Computing Machinery.
  39. Federaser: Enabling efficient client-level data removal from federated learning models. In 2021 IEEE/ACM 29th International Symposium on Quality of Service (IWQOS), pages 1–10, 2021.
  40. Federated unlearning with knowledge distillation. ArXiv, abs/2201.09441, 2022.
  41. Pytorch: An imperative style, high-performance deep learning library, 2019.
  42. The liver tumor segmentation benchmark (lits). Medical Image Analysis, 84:102680, 2023. ISSN 1361-8415.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (2)
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now