基于随机掩码和对抗训练的文本隐私保护实验

To address the problem of striking the privacy-utility balance for the privacy protection of deep-learning based text representation, this paper proposes a privacy preservation algorithm for text representation based on random mask and adversarial training. The algorithm first masks the original input text sequence randomly, and then injects differential privacy noise, and combines the adversarial training between the simulated attacker and the task classifier to realize the privacy preservation of deep learning text representation. Through theoretical derivation, the paper proves that the algorithm meets the differential privacy requirements, and verifies that the algorithm improves the usability of desensitized text while providing complete privacy protection with experimental results of five public datasets. Through this experiment, students not only have a clearer understanding of the security risks faced by the deep-learning text representation model, but also improve their ability to analyze and solve security problems by using the deep learning method.