GitHub - pytorch/opacus: Training PyTorch models with differential privacy (original) (raw)

Opacus

PyPI Downloads GitHub Actions Coverage Status PRs Welcome License

Opacus is a library that enables training PyTorch models with differential privacy. It supports training with minimal code changes required on the client, has little impact on training performance, and allows the client to online track the privacy budget expended at any given moment.

Target audience

This code release is aimed at two target audiences:

  1. ML practitioners will find this to be a gentle introduction to training a model with differential privacy as it requires minimal code changes.
  2. Differential Privacy researchers will find this easy to experiment and tinker with, allowing them to focus on what matters.

Latest updates

2024-12-18: We updated this tutorial to show how LoRA and peft library could be used in conjuncture with DP-SGD.

2024-08-20: We introduced Fast Gradient Clipping and Ghost Clipping(https://arxiv.org/abs/2110.05679) to Opacus, significantly reducing the memory requirements of DP-SGD. Please refer to our blogpost for more information.

Installation

The latest release of Opacus can be installed via pip:

OR, alternatively, via conda:

conda install -c conda-forge opacus

You can also install directly from the source for the latest features (along with its quirks and potentially occasional bugs):

git clone https://github.com/pytorch/opacus.git cd opacus pip install -e .

Getting started

To train your model with differential privacy, all you need to do is to instantiate a PrivacyEngine and pass your model, data_loader, and optimizer to the engine's make_private() method to obtain their private counterparts.

define your components as usual

model = Net() optimizer = SGD(model.parameters(), lr=0.05) data_loader = torch.utils.data.DataLoader(dataset, batch_size=1024)

enter PrivacyEngine

privacy_engine = PrivacyEngine() model, optimizer, data_loader = privacy_engine.make_private( module=model, optimizer=optimizer, data_loader=data_loader, noise_multiplier=1.1, max_grad_norm=1.0, )

Now it's business as usual

TheMNIST exampleshows an end-to-end run using Opacus. Theexamples folder contains more such examples.

Learn more

Interactive tutorials

We've built a series of IPython-based tutorials as a gentle introduction to training models with privacy and using various Opacus features.

Technical report and citation

The technical report introducing Opacus, presenting its design principles, mathematical foundations, and benchmarks can be foundhere.

Consider citing the report if you use Opacus in your papers, as follows:

@article{opacus,
  title={Opacus: {U}ser-Friendly Differential Privacy Library in {PyTorch}},
  author={Ashkan Yousefpour and Igor Shilov and Alexandre Sablayrolles and Davide Testuggine and Karthik Prasad and Mani Malek and John Nguyen and Sayan Ghosh and Akash Bharadwaj and Jessica Zhao and Graham Cormode and Ilya Mironov},
  journal={arXiv preprint arXiv:2109.12298},
  year={2021}
}

Blogposts and talks

If you want to learn more about DP-SGD and related topics, check out our series of blogposts and talks:

FAQ

Check out the FAQ page for answers to some of the most frequently asked questions about differential privacy and Opacus.

Contributing

See theCONTRIBUTING file for how to help out. Do also check out the README files inside the repo to learn how the code is organized.

License

This code is released under Apache 2.0, as found in theLICENSE file.