Boyd Kendrick, Lantz Eric, Page David
Department of Computer Sciences, University of Wisconsin-Madison.
Department of Biostatistics and Medical Informatics, University of Wisconsin-Madison.
AISec. 2015;2015:15-23. doi: 10.1145/2808769.2808775. Epub 2015 Oct 16.
Differential privacy provides powerful guarantees that individuals incur minimal additional risk by including their personal data in a database. Most work in differential privacy has focused on differentially private algorithms that produce models, counts, and histograms. Nevertheless, even with a classification model produced by a differentially private algorithm, directly reporting the classifier's performance on a database has the potential for disclosure. Thus, differentially private computation of evaluation metrics for machine learning is an important research area. We find effective mechanisms for area under the receiver-operating characteristic (ROC) curve and average precision.
差分隐私提供了强有力的保证,即个人将其个人数据包含在数据库中时所承担的额外风险最小。差分隐私领域的大多数工作都集中在生成模型、计数和直方图的差分隐私算法上。然而,即使使用差分隐私算法生成的分类模型,直接在数据库上报告分类器的性能也存在披露风险。因此,机器学习评估指标的差分隐私计算是一个重要的研究领域。我们找到了计算接收者操作特征(ROC)曲线下面积和平均精度的有效机制。
