Protecting Privacy in Classifiers by Token Manipulation

Re'em Harel, Yair Elboher, Yuval Pinter

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Using language models as a remote service entails sending private information to an untrusted provider. In addition, potential eavesdroppers can intercept the messages, thereby exposing the information. In this work, we explore the prospects of avoiding such data exposure at the level of text manipulation. We focus on text classification models, examining various token mapping and contextualized manipulation functions in order to see whether classifier accuracy may be maintained while keeping the original text unrecoverable. We find that although some token mapping functions are easy and straightforward to implement, they heavily influence performance on the downstream task, and via a sophisticated attacker can be reconstructed. In comparison, contextualized manipulation provides an improvement in performance.

Original languageEnglish
Title of host publicationPrivateNLP 2024 - 5th Workshop on Privacy in Natural Language Processing, Proceedings of the Workshop
EditorsIvan Habernal, Sepideh Ghanavati, Abhilasha Ravichander, Vijayanta Jain, Patricia Thaine, Timour Igamberdiev, Niloofar Mireshghallah, Oluwaseyi Feyisetan
PublisherAssociation for Computational Linguistics (ACL)
Pages29-38
Number of pages10
ISBN (Electronic)9798891761391
StatePublished - 1 Jan 2024
Event5th Workshop on Privacy in Natural Language Processing, PrivateNLP 2024 - Co-located with ACL 2024 - Bangkok, Thailand
Duration: 15 Aug 2024 → …

Publication series

NamePrivateNLP 2024 - 5th Workshop on Privacy in Natural Language Processing, Proceedings of the Workshop

Conference

Conference5th Workshop on Privacy in Natural Language Processing, PrivateNLP 2024 - Co-located with ACL 2024
Country/TerritoryThailand
CityBangkok
Period15/08/24 → …

ASJC Scopus subject areas

  • Language and Linguistics
  • Artificial Intelligence
  • Software
  • Linguistics and Language

Fingerprint

Dive into the research topics of 'Protecting Privacy in Classifiers by Token Manipulation'. Together they form a unique fingerprint.

Cite this