Privacy preservation experiment based on random masking and adversarial training for text representation


Authors: WU Zhouting; LUO Senlin[1] (School of Information and Electronics, Beijing Institute of Technology, Beijing 100081, China)

Affiliation: [1] School of Information and Electronics, Beijing Institute of Technology, Beijing 100081, China

Source: Experimental Technology and Management, 2023, No. 8, pp. 72-76 (5 pages)

Funding: National 242 Information Security Program (2019A021, 2020A065).

Abstract: To address the difficulty of balancing utility and privacy in the privacy protection of deep-learning text representations, this paper proposes RMAT, a privacy preservation algorithm for text representation based on random masking and adversarial training. The algorithm first randomly masks the original input text sequence, then injects differential privacy noise, and combines this with adversarial training between a simulated attacker and the task classifier to desensitize the deep-learning text representation. Through theoretical derivation, the paper proves that the algorithm satisfies the differential privacy requirements, and experimental results on five public datasets verify that the algorithm improves the utility of the desensitized text while providing complete privacy guarantees. Through this experiment, students not only gain a clearer understanding of the security risks faced by deep-learning text representation models, but also improve their ability to analyze and solve security problems with deep learning methods.
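The abstract describes a three-step pipeline: random masking of the input tokens, injection of differential privacy noise into the encoded representation, and adversarial training between a simulated attacker and the task classifier. The following is a minimal sketch of one training step along those lines, assuming a PyTorch setup; the module interfaces (encoder, task_clf, attacker), the masking rate, the Laplace noise scale, and the adversarial weight are illustrative assumptions and are not taken from the paper.

# Minimal sketch (assumed PyTorch setup); all names and hyperparameters
# below are illustrative assumptions, not details from the paper.
import torch
import torch.nn.functional as F

MASK_ID = 0        # assumed id of the [MASK] token
MASK_PROB = 0.15   # assumed random-masking rate
NOISE_SCALE = 0.1  # assumed Laplace noise scale for the DP step

def random_mask(token_ids: torch.Tensor) -> torch.Tensor:
    """Step 1: randomly replace a fraction of input tokens with [MASK]."""
    drop = torch.rand_like(token_ids, dtype=torch.float) < MASK_PROB
    return torch.where(drop, torch.full_like(token_ids, MASK_ID), token_ids)

def add_dp_noise(rep: torch.Tensor) -> torch.Tensor:
    """Step 2: inject Laplace noise into the text representation."""
    noise = torch.distributions.Laplace(0.0, NOISE_SCALE).sample(rep.shape)
    return rep + noise.to(rep.device)

def train_step(encoder, task_clf, attacker, batch,
               opt_main, opt_attacker, adv_weight=1.0):
    """Step 3: one round of adversarial training."""
    token_ids, task_labels, private_labels = batch

    # Masked input -> encoder -> noisy (desensitized) representation.
    rep = add_dp_noise(encoder(random_mask(token_ids)))

    # (a) Update the simulated attacker to recover private labels
    #     from the detached representation.
    attacker_loss = F.cross_entropy(attacker(rep.detach()), private_labels)
    opt_attacker.zero_grad()
    attacker_loss.backward()
    opt_attacker.step()

    # (b) Update encoder + task classifier: keep task utility while
    #     degrading the attacker's prediction of private labels.
    task_loss = F.cross_entropy(task_clf(rep), task_labels)
    adv_loss = -F.cross_entropy(attacker(rep), private_labels)
    total = task_loss + adv_weight * adv_loss
    opt_main.zero_grad()
    total.backward()
    opt_main.step()
    return task_loss.item(), attacker_loss.item()

The sign flip on the attacker loss in step (b) is one common way to push the encoder to hide the private attribute; the paper's exact adversarial objective and its differential privacy accounting are given in the full text.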

Keywords: privacy security; text representation; differential privacy; adversarial training

Classification code: TP391.1 [Automation and Computer Technology / Computer Application Technology]

 
