Proof of Unlearning: Definitions and Instantiation

10/20/2022
by Jiasi Weng, et al.

The "Right to be Forgotten" rule in machine learning (ML) practice entitles individuals to have their data deleted from a trained model, as pursued by recently developed machine unlearning techniques. To truly comply with the rule, a natural and necessary step is to verify whether the individual data have indeed been deleted after unlearning. Yet, previous parameter-space verification metrics can be easily evaded by a distrustful model trainer. Thudi et al. therefore recently issued a call to action for algorithm-level verification at USENIX Security'22. We respond to that call by reconsidering the unlearning problem in the machine-learning-as-a-service (MLaaS) scenario and proposing a new algorithm-level definition framework for Proof of Unlearning (PoUL). Specifically, our PoUL definitions (i) enforce correctness properties on both the pre- and post-phases of unlearning, so as to prevent state-of-the-art forging attacks, and (ii) set out practicality requirements for both the prover and the verifier, with minimal invasiveness to the off-the-shelf service pipeline and computational workload. Under this framework, we then present a trusted-hardware-empowered instantiation using an SGX enclave, which logically combines an authentication layer that traces the data lineage with a proving layer that supports auditing of the learning. We customize authenticated data structures to support large out-of-enclave storage with simple operation logic, while enabling proofs of complex unlearning logic with an affordable memory footprint inside the enclave. We finally validate the feasibility of the proposed instantiation with a proof-of-concept implementation and a multi-dimensional performance evaluation.
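The paper's customized authenticated data structures are not specified in the abstract; as a minimal sketch of the general idea they build on, the following shows a toy Merkle tree whose root commits to a set of training records, so that membership of a record (and, after rebuilding the tree without it, its absence) can be checked against a small proof. All names (`MerkleTree`, `proof`, `verify`) are illustrative, not the authors' API.

```python
import hashlib

def h(data: bytes) -> bytes:
    """SHA-256 digest used for both leaves and internal nodes."""
    return hashlib.sha256(data).digest()

class MerkleTree:
    """Toy Merkle tree committing to an ordered list of data records."""

    def __init__(self, records):
        self.levels = [[h(r) for r in records]]
        nodes = self.levels[0]
        while len(nodes) > 1:
            if len(nodes) % 2:           # pad odd levels by duplicating the last node
                nodes = nodes + [nodes[-1]]
            nodes = [h(nodes[i] + nodes[i + 1]) for i in range(0, len(nodes), 2)]
            self.levels.append(nodes)

    @property
    def root(self) -> bytes:
        return self.levels[-1][0]

    def proof(self, index):
        """Sibling hashes from leaf `index` up to the root (a membership proof)."""
        path = []
        for level in self.levels[:-1]:
            if len(level) % 2:
                level = level + [level[-1]]
            # (sibling hash, 1 if current node is the right child)
            path.append((level[index ^ 1], index % 2))
            index //= 2
        return path

def verify(record: bytes, path, root: bytes) -> bool:
    """Recompute the root from a record and its proof path."""
    node = h(record)
    for sibling, node_is_right in path:
        node = h(sibling + node) if node_is_right else h(node + sibling)
    return node == root
```

A verifier holding only the root can then check a claimed record against a logarithmic-size proof; after unlearning, a fresh tree built without the deleted record yields a new root under which the old proof no longer verifies.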

