Diffprivlib is a general-purpose library for experimenting with, investigating and developing applications in, differential privacy.
Use diffprivlib if you are looking to:
Diffprivlib supports Python versions 3.8 to 3.12.
We're using the Iris dataset, so let's load it and perform an 80/20 train/test split.
from sklearn import datasets
from sklearn.model_selection import train_test_split
dataset = datasets.load_iris()
X_train, X_test, y_train, y_test = train_test_split(dataset.data, dataset.target, test_size=0.2)
Now, let's train a differentially private naive Bayes classifier. Our classifier runs just like an sklearn
classifier, so you can get up and running quickly.
diffprivlib.models.GaussianNB
can be run without any parameters, although this will throw a warning (we need to specify the bounds
parameter to avoid this). The privacy level is controlled by the parameter epsilon
, which is passed to the classifier at initialisation (e.g. GaussianNB(epsilon=0.1)
). The default is epsilon = 1.0
.
from diffprivlib.models import GaussianNB
clf = GaussianNB()
clf.fit(X_train, y_train)
We can now classify unseen examples, knowing that the trained model is differentially private and preserves the privacy of the 'individuals' in the training set (flowers are entitled to their privacy too!).
clf.predict(X_test)
Every time the model is trained with .fit()
, a different model is produced due to the randomness of differential privacy. The accuracy will therefore change, even if it's re-trained with the same training data. Try it for yourself to find out!
print("Test accuracy: %f" % clf.score(X_test, y_test))
We can easily evaluate the accuracy of the model for various epsilon
values and plot it with matplotlib
.
import numpy as np
import matplotlib.pyplot as plt
epsilons = np.logspace(-2, 2, 50)
bounds = ([4.3, 2.0, 1.1, 0.1], [7.9, 4.4, 6.9, 2.5])
accuracy = list()
for epsilon in epsilons:
clf = GaussianNB(bounds=bounds, epsilon=epsilon)
clf.fit(X_train, y_train)
accuracy.append(clf.score(X_test, y_test))
plt.semilogx(epsilons, accuracy)
plt.title("Differentially private Naive Bayes accuracy")
plt.xlabel("epsilon")
plt.ylabel("Accuracy")
plt.show()
Congratulations, you've completed your first differentially private machine learning task with the Differential Privacy Library! Check out more examples in the notebooks directory, or dive straight in.
Diffprivlib is comprised of four major components:
BudgetAccountant
class can be used to track privacy budget and calculate total privacy loss using advanced composition techniques. pip
The library is designed to run with Python 3.
The library can be installed from the PyPi repository using pip
(or pip3
):
pip install diffprivlib
For the most recent version of the library, either download the source code or clone the repository in your directory of choice:
git clone https://github.com/IBM/differential-privacy-library
To install diffprivlib
, do the following in the project folder (alternatively, you can run python3 -m pip install .
):
pip install .
The library comes with a basic set of unit tests for pytest
. To check your install, you can run all the unit tests by calling pytest
in the install folder:
pytest
If you use diffprivlib for research, please consider citing the following reference paper:
@article{diffprivlib,
title={Diffprivlib: the {IBM} differential privacy library},
author={Holohan, Naoise and Braghin, Stefano and Mac Aonghusa, P{\'o}l and Levacher, Killian},
year={2019},
journal = {ArXiv e-prints},
archivePrefix = "arXiv",
volume = {1907.02444 [cs.CR]},
primaryClass = "cs.CR",
month = jul
}
Work in this repository was partially supported by the European Union's Horizon 2020 research and innovation programme under grant number 951911 – AI4Media.