Papers
Topics
Authors
Recent
Search
2000 character limit reached

Synthetic Image Learning: Preserving Performance and Preventing Membership Inference Attacks

Published 22 Jul 2024 in cs.CV, cs.AI, cs.CR, and cs.LG | (2407.15526v2)

Abstract: Generative artificial intelligence has transformed the generation of synthetic data, providing innovative solutions to challenges like data scarcity and privacy, which are particularly critical in fields such as medicine. However, the effective use of this synthetic data to train high-performance models remains a significant challenge. This paper addresses this issue by introducing Knowledge Recycling (KR), a pipeline designed to optimise the generation and use of synthetic data for training downstream classifiers. At the heart of this pipeline is Generative Knowledge Distillation (GKD), the proposed technique that significantly improves the quality and usefulness of the information provided to classifiers through a synthetic dataset regeneration and soft labelling mechanism. The KR pipeline has been tested on a variety of datasets, with a focus on six highly heterogeneous medical image datasets, ranging from retinal images to organ scans. The results show a significant reduction in the performance gap between models trained on real and synthetic data, with models based on synthetic data outperforming those trained on real data in some cases. Furthermore, the resulting models show almost complete immunity to Membership Inference Attacks, manifesting privacy properties missing in models trained with conventional techniques.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (37)
  1. Bridging the gap: Enhancing the utility of synthetic data via post-processing techniques. British Machine Vision Conference, 2023.
  2. Membership inference attacks against machine learning models. In Symposium on Security and Privacy, 2017.
  3. Generative adversarial networks. Advances in Neural Information Processing Systems, 2014.
  4. Denoising diffusion probabilistic models. Advances in Neural Information Processing Systems, 2020.
  5. Scaling up gans for text-to-image synthesis. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2023.
  6. Sdxl: Improving latent diffusion models for high-resolution image synthesis. In International Conference on Learning Representations, 2024.
  7. Gan-based synthetic medical image augmentation for increased cnn performance in liver lesion classification. Neurocomputing, 2018.
  8. Generating synthetic medical images by using gan to improve cnn performance in skin cancer classification. In International Conference on Robotics and Mechatronics, 2019.
  9. Gan-based synthetic brain pet image generation. Brain informatics, 2020.
  10. Sgde: Secure generative data exchange for cross-silo federated learning. In International Conference on Artificial Intelligence and Pattern Recognition, 2022.
  11. Dataset distillation by matching training trajectories. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2022.
  12. Fake it till you make it: Learning transferable representations from synthetic imagenet clones. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2023.
  13. Seeing is not necessarily believing: Limitations of biggans for data augmentation. International Conference on Learning Representations, 2019.
  14. This dataset does not exist: training models from generated images. In International Conference on Acoustics, Speech and Signal Processing, 2020.
  15. Stable diffusion dataset generation for downstream classification tasks. arXiv preprint arXiv:2405.02698, 2024.
  16. Classifier training from a generative model. In International Conference on Content-Based Multimedia Indexing, 2019.
  17. Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, 2015.
  18. Stealing machine learning models via prediction {{\{{APIs}}\}}. In USENIX Security Symposium, 2016.
  19. Poisoning attacks against support vector machines. In Proceedings of the International Conference on Machine Learning, 2012.
  20. Deep learning with differential privacy. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, 2016.
  21. On the utility and protection of optimization with differential privacy and classic regularization techniques. In International Conference on Machine Learning, Optimization, and Data Science, 2022.
  22. Discriminative adversarial privacy: Balancing accuracy and membership privacy in neural networks. British Machine Vision Conference, 2023.
  23. Privacy auditing with one (1) training run. Advances in Neural Information Processing Systems, 2024.
  24. Deep residual learning for image recognition. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2016.
  25. Sgdr: Stochastic gradient descent with warm restarts. In International Conference on Learning Representations, 2022.
  26. Trivialaugment: Tuning-free yet state-of-the-art data augmentation. In Proceedings of the IEEE/CVF international conference on computer vision, 2021.
  27. mixup: Beyond empirical risk minimization. In International Conference on Learning Representations, 2018.
  28. Fast high-resolution image synthesis with latent adversarial diffusion distillation. arXiv preprint arXiv:2403.12015, 2024.
  29. Large scale gan training for high fidelity natural image synthesis. In International Conference on Learning Representations, 2018.
  30. Spectral normalization for generative adversarial networks. In International Conference on Learning Representations, 2018.
  31. Improved techniques for training gans. Advances in Neural Information Processing Systems, 2016.
  32. Gans trained by a two time-scale update rule converge to a local nash equilibrium. Advances in Neural Information Processing Systems, 2017.
  33. Consistency-diversity-realism pareto fronts of conditional image generative models. arXiv preprint, 2024.
  34. Classification accuracy score for conditional generative models. Advances in Neural Information Processing Systems, 2019.
  35. Algorithms for hyper-parameter optimization. Advances in Neural Information Processing Systems, 2011.
  36. Hyperband: A novel bandit-based approach to hyperparameter optimization. Journal of Machine Learning Research, 2018.
  37. Medmnist v2-a large-scale lightweight benchmark for 2d and 3d biomedical image classification. Scientific Data, 2023.
Citations (1)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Sign Up to Summarize

Paper to Video (Beta)

No one has generated a video about this paper yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Generate Now

Collections

Sign up for free to add this paper to one or more collections.

Sign Up