Experiments on post-facto methods inspired by Differential Privacy to protect BERT embeddings from inversion attacks while keeping the utility intact. The project explores the tradeoff between privacy and utility.

divK12/Industry-Project

Differential Privacy: Adding Noise to BERT Embeddings

Duration: Jan 2025 - April 2025
Organization: Coriolis Technologies

Project Overview

Lightweight, post-processing defenses to protect BERT embeddings from privacy leakage (embedding inversion attacks) without modifying the model architecture.

Project Details

Objective: Enhance privacy of pretrained embeddings while preserving utility.

Techniques:

  • Post-facto noise (Gaussian, Laplace, Uniform)
  • Random projection
  • Random rotation
  • Squaring select dimensions (sign-preserved)

Evaluation:

  • Datasets: STS-B, QQP
  • Metrics: cosine similarity deviation, token retrieval, attack success reduction

For in-depth methodology and findings, see the full report.
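
As an added illustration (not code from this repository or its report), the sketch below applies three of the listed techniques, additive noise, random rotation and sign-preserved squaring, to constructed vectors and measures the cosine similarity deviation between pairs. The noise scale, the choice of squared dimensions and all function names are assumptions; random projection is omitted.

```python
import math
import random

def cosine(a, b):
    return sum(x * y for x, y in zip(a, b)) / (math.hypot(*a) * math.hypot(*b))

def add_noise(vec, kind, scale, rng):
    # `scale` is an assumed knob, not a calibrated differential-privacy budget.
    draw = {
        "gaussian": lambda: rng.gauss(0.0, scale),
        # The difference of two Exp(rate=1/scale) draws is Laplace(0, scale).
        "laplace": lambda: rng.expovariate(1 / scale) - rng.expovariate(1 / scale),
        "uniform": lambda: rng.uniform(-scale, scale),
    }[kind]
    return [x + draw() for x in vec]

def random_orthogonal(dim, rng):
    # Modified Gram-Schmidt on Gaussian rows; the result may include a reflection.
    rows = []
    for _ in range(dim):
        v = [rng.gauss(0.0, 1.0) for _ in range(dim)]
        for r in rows:
            proj = sum(x * y for x, y in zip(v, r))
            v = [x - proj * y for x, y in zip(v, r)]
        norm = math.hypot(*v)
        rows.append([x / norm for x in v])
    return rows

def rotate(rot, vec):
    return [sum(w * x for w, x in zip(row, vec)) for row in rot]

def signed_square(vec, dims):
    # Square only the selected dimensions and keep each original sign.
    return [math.copysign(x * x, x) if i in dims else x for i, x in enumerate(vec)]

def cosine_deviation(pairs, t):
    # Mean |cos(a, b) - cos(t(a), t(b))| over the pairs: the utility cost.
    return sum(abs(cosine(a, b) - cosine(t(a), t(b))) for a, b in pairs) / len(pairs)

def demo(dim=16, n_pairs=8, seed=0):
    rng = random.Random(seed)
    # Constructed stand-ins for sentence-pair embeddings (not real BERT output).
    firsts = [[rng.gauss(0.0, 1.0) for _ in range(dim)] for _ in range(n_pairs)]
    pairs = [(a, [x + rng.gauss(0.0, 0.5) for x in a]) for a in firsts]
    rot = random_orthogonal(dim, rng)  # one fixed secret matrix for all vectors
    out = {k: cosine_deviation(pairs, lambda v, k=k: add_noise(v, k, 0.3, rng))
           for k in ("gaussian", "laplace", "uniform")}
    out["rotation"] = cosine_deviation(pairs, lambda v: rotate(rot, v))
    out["signed_square"] = cosine_deviation(pairs, lambda v: signed_square(v, {0, 1, 2, 3}))
    return out
```

A fixed orthogonal matrix preserves pairwise cosine similarity, so the `rotation` deviation is zero up to floating-point error, while the noise and squaring transforms give up some similarity fidelity.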
