Go to ICML 2025 Conference homepageAdapting to Linear Separable Subsets with Large-Margin in Differentially Private Learning
Abstract: This paper studies the problem of differentially private empirical risk minimization (DP-ERM) for binary linear classification.
We obtain an efficient $(\varepsilon,\delta)$-DP algorithm with an empirical zero-one risk bound of $\tilde{O}\left(\frac{1}{\gamma^2\varepsilon n} + \frac{|S_{\mathrm{out}}|}{\gamma n}\right)$ where $n$ is the number of data points, $S_{\mathrm{out}}$ is an arbitrary subset of data one can remove and $\gamma$ is the margin of linear separation of the remaining data points (after $S_{\mathrm{out}}$ is removed). Here, $\tilde{O}(\cdot)$ hides only logarithmic terms. In the agnostic case, we improve the existing results when the number of outliers is small. Our algorithm is highly adaptive because it does not require knowing the margin parameter $\gamma$ or outlier subset $S_{\mathrm{out}}$. We also derive a utility bound for the advanced private hyperparameter tuning algorithm.
Lay Summary: This paper presents a differentially private algorithm for binary classification. It automatically adapts without knowing the data’s margin or outliers in advance and achieves good privacy-utility trade-offs.
Primary Area: Social Aspects->Privacy
Keywords: Differential Privacy, Learning half-spaces, margin theory, private optimization
Submission Number: 7968
Loading