This code provides a wrapper for the released code from the "Scalable Private Learning with PATE" paper by Papernot, Song et al (https://arxiv.org/abs/1802.08908) with the goal of making more accessible and easier to use.
python 3.x
numpy
scipy
pate_core.pyandsmooth_sensitivity.pycontain the actual analysis code taken from https://github.com/tensorflow/privacy/tree/master/researchaliases.pyimports from above files and renames and comments functions for easier use.pate_accountant.pyprovides a class for easy use of the GNMax mechanisms (basic, confident and interactive) with PATE analysis.- Function gn_max() is used to release a lable for a given input and compute data-dependent privacy cost.
- Function release_epsilon_fixed_order() is called after training to choose an order lambda and release the overall privacy cost via GNSS mechanism with smooth senistivity analysis.
mnist_cnn.pycontains and trains the reference CNN model used in the papertest_application/validation_experiments.pyuses the vote data provided by the authors to verify that the pate_accountant outputs reasonable results.- This file also contains a small running example of how the PATE accountant may be applied to compute confident GNMax vote release and privacy cost.
pate_writeup.pdfcontains an overview of the structure of the proofs from the paper, some notes, and a pseudocode version of the confident GNMax algorithm.
This is a work in progress. It may well contain errors and the functionality and clarity of explanation will hopefully improve in the coming months.
At the moment I'm working on other things, but the following extensions would make sense when I get to it
- implement efficient labeling function directly for pytorch
- Provide full working example code including trained models
- improve clarity in naming and documentation of code
- rework the write-up from a loose collection of thoughts into a comprehensive read
If you have any questions, comments or corrections, please don't hesitate to contact me.