Curvature Clues: Decoding Deep Learning Privacy with Input Loss Curvature
Authors: Deepak Ravikumar, Efstathia Soufleri, Kaushik Roy
NeurIPS 2024 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We validate our theoretical findings through experiments in computer vision classification tasks, demonstrating that input loss curvature surpasses existing methods in membership inference effectiveness. |
| Researcher Affiliation | Academia | Deepak Ravikumar Efstathia Soufleri Kaushik Roy Department of Electrical and Computer Engineering Purdue University West Lafayette, IN 47907 {dravikum, esoufler, kaushik}@purdue.edu |
| Pseudocode | Yes | The pseudo-code for obtaining input loss curvature score using zero order estimation shown in Algorithm 1 in Appendix A.1. |
| Open Source Code | Yes | Code available at https://github.com/Deepak Tatachar/Curvature-Clues |
| Open Datasets | Yes | Specifically, we use the CIFAR10, CIFAR100 [Krizhevsky et al., 2009] and Image Net [Russakovsky et al., 2015] datasets. |
| Dataset Splits | Yes | Shadow models for CIFAR10 and CIFAR100 were trained on a 50% subset of the data for 300 epochs. For Image Net, we used pre-trained models from Feldman and Zhang [2020], trained on a 70% subset of Image Net. |
| Hardware Specification | Yes | All of the experiments were performed on a heterogeneous compute cluster consisting of 9 1080Ti s, 6 2080Ti s and 4 A40 NVIDIA GPUs, with a total of 100 CPU cores and a combined 1.2 TB of main system memory. |
| Software Dependencies | No | The paper mentions using the "Opacus library [Yousefpour et al., 2021]" and cites a paper on "Py Torch 2 [Ansel et al., 2024]", but it does not provide specific version numbers for these software components or any other key libraries or dependencies used in the experiments. |
| Experiment Setup | Yes | Details regrading hyperparameters are provided in Appendix A.13. The initial learning rate was set to 0.001. The learning rate is decreased by 10 at epochs 12 and 16 with a batch size of 128. We used SGD optimizer with the initial learning rate set to 0.1, weight decay of 1 10 4 and momenutm of 0.9. The learning rate was decayed by 0.1 at 180th and 240th epoch. Our code uses 2 hyper parameters for zero-order input loss curvature estimation. The niter and h in Algorithm 1. We used niter = 10 and h = 0.001. |