Differential Privacy in Deep Learning-Based Recommendation Systems
Overview
In an increasingly data-centric world, the need to protect privacy while maintaining data utility, that is, the ability to leverage data for useful purposes, is a pressing concern, especially in recommendation systems.
Recommendation models built on deep learning require substantial user data to capture complex patterns and deliver personalized recommendations, which compromises users' data privacy.
This project aims to explore and employ the concept of differential privacy, a noise-infusion technique that ensures rigorous privacy protection, to examine its influence on the performance of deep learning models.
Because noise injection affects model performance, the paper navigates the inherent trade-off between data privacy and utility. The impact of differential privacy on the accuracy of recommendations is evaluated across a wide range of privacy budgets, from low to high epsilon values, in Collaborative Filtering Recommender Systems utilizing the MovieLens 1M dataset.
Our findings demonstrate that injecting noise as a privacy mechanism during model training does influence model performance in terms of loss and accuracy. However, with a suitably selected value of epsilon, differentially private recommendation models can still maintain recommendation accuracy while offering robust privacy protection.
The research highlights the potential of differential privacy as a tool for developing privacy-aware recommender systems and provides a foundation for further research in personalized marketing strategies without compromising consumer privacy.
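The noise injection during model training described above, sketched as a DP-SGD update on a toy matrix-factorization collaborative filter. This is an added example, not the project's notebook code: it uses plain Python rather than TensorFlow's DP-SGD optimizer, and the ratings, sizes and hyperparameters are constructed. It does not compute epsilon; at a fixed number of steps and batch size, a larger noise multiplier corresponds to a smaller epsilon.

```python
import math
import random

# Constructed (user, item, rating) triples for illustration; not MovieLens data.
RATINGS = [(0, 0, 5.0), (0, 1, 3.0), (1, 0, 4.0), (1, 2, 1.0),
           (2, 1, 2.0), (2, 2, 5.0), (3, 0, 1.0), (3, 2, 4.0)]
N_USERS, N_ITEMS, DIM = 4, 3, 2  # hypothetical toy sizes

def predict(params, u, i):
    """Dot product of user u's and item i's embeddings in the flat vector."""
    pu, qi = u * DIM, (N_USERS + i) * DIM
    return sum(params[pu + k] * params[qi + k] for k in range(DIM))

def example_grad(params, u, i, r):
    """Gradient of one rating's squared error w.r.t. all parameters."""
    grad = [0.0] * len(params)
    pu, qi = u * DIM, (N_USERS + i) * DIM
    err = predict(params, u, i) - r
    for k in range(DIM):
        grad[pu + k] = 2 * err * params[qi + k]
        grad[qi + k] = 2 * err * params[pu + k]
    return grad

def clip(grad, max_norm):
    """Bound one example's influence: rescale to L2 norm <= max_norm."""
    norm = math.sqrt(sum(g * g for g in grad))
    return [g * min(1.0, max_norm / norm) for g in grad] if norm > 0 else grad

def dp_sgd_step(params, batch, lr, max_norm, noise_multiplier, rng):
    """Clip per-example gradients, sum, add Gaussian noise, average, step."""
    total = [0.0] * len(params)
    for u, i, r in batch:
        for j, g in enumerate(clip(example_grad(params, u, i, r), max_norm)):
            total[j] += g
    sigma = noise_multiplier * max_norm  # noise scaled to the clipping bound
    return [p - lr * (t + rng.gauss(0.0, sigma)) / len(batch)
            for p, t in zip(params, total)]

def mse(params):
    return sum((predict(params, u, i) - r) ** 2 for u, i, r in RATINGS) / len(RATINGS)

def train(noise_multiplier, steps=300, seed=0):
    """Train the toy model with a given noise multiplier; returns training MSE."""
    rng = random.Random(seed)
    params = [rng.uniform(0.5, 1.5) for _ in range((N_USERS + N_ITEMS) * DIM)]
    for _ in range(steps):
        params = dp_sgd_step(params, RATINGS, 0.05, 1.0, noise_multiplier, rng)
    return mse(params)
```

Calling `train` with increasing `noise_multiplier` values (for example 0.0, 0.5, 2.0, 8.0) shows how the training MSE responds as the privacy budget tightens.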
Research Question
"What is the optimal value of epsilon (ε) that provides the best balance between privacy protection and recommendation accuracy?"
Outline
Part 1: Research Background & Motivation
  Why Deep-Learning Recommendation Systems?
  Why Protect "Privacy"?
  Privacy Definitions
Part 2: Research Question & Hypotheses
Part 3: Methodology
  TensorFlow DP-SGD Algorithm
Part 4: Research Results
  Model Performance (with and without differential privacy)
  Privacy and Recommendation Accuracy Trade-Off
Part 5: Conclusion & Discussions
Part 6: Limitations & Future Research
Recommendation System
Recommendation systems are information filtering systems that assist users in making decisions by predicting the preferences or ratings that users might give to an item, such as products or services, and suggesting those items to users (Resnick & Varian, 1997).
Recommendation systems are broadly categorized into three main types: content-based filtering, collaborative filtering, and hybrid approaches. Collaborative filtering leverages the collaborative power of the ratings provided by multiple users to make recommendations. Recommendations are generated based on past interactions between users and items (user-item interactions), which can be either explicit feedback (e.g., a user's previous ratings) or implicit feedback (e.g., browsing history) (Adomavicius & Tuzhilin, 2005).
Recently, researchers have turned to deep learning and neural network approaches as potential alternatives to conventional models to enhance the performance of recommendation systems and overcome some previous limitations. The table below provides an overview of traditional recommendation approaches' performance compared to deep learning techniques.