Redirecting to original paper in 30 seconds...

Click below to go immediately or wait for automatic redirect

arxiv_ai 95% Match Research Paper ML Engineers,Privacy Officers,AI Ethicists,Compliance Officers 2 weeks ago

PRUNE: A Patching Based Repair Framework for Certifiable Unlearning of Neural Networks

ai-safety › privacy
📄 Abstract

Abstract: It is often desirable to remove (a.k.a. unlearn) a specific part of the training data from a trained neural network model. A typical application scenario is to protect the data holder's right to be forgotten, which has been promoted by many recent regulation rules. Existing unlearning methods involve training alternative models with remaining data, which may be costly and challenging to verify from the data holder or a thirdparty auditor's perspective. In this work, we provide a new angle and propose a novel unlearning approach by imposing carefully crafted "patch" on the original neural network to achieve targeted "forgetting" of the requested data to delete. Specifically, inspired by the research line of neural network repair, we propose to strategically seek a lightweight minimum "patch" for unlearning a given data point with certifiable guarantee. Furthermore, to unlearn a considerable amount of data points (or an entire class), we propose to iteratively select a small subset of representative data points to unlearn, which achieves the effect of unlearning the whole set. Extensive experiments on multiple categorical datasets demonstrates our approach's effectiveness, achieving measurable unlearning while preserving the model's performance and being competitive in efficiency and memory consumption compared to various baseline methods.
Authors (4)
Xuran Li
Jingyi Wang
Xiaohan Yuan
Peixin Zhang
Submitted
May 10, 2025
arXiv Category
cs.LG
arXiv PDF

Key Contributions

Proposes PRUNE, a novel patching-based framework for certifiable unlearning of neural networks. Instead of retraining, it applies lightweight 'patches' to the original model to achieve targeted forgetting with verifiable guarantees. This approach is more efficient and easier to verify than retraining from scratch.

Business Value

Enables organizations to comply with data privacy regulations (like GDPR's 'right to be forgotten') efficiently and with strong guarantees, reducing legal and reputational risks associated with data handling.

Paper Metadata

Innovation Type

Methodological

Deployment Feasibility

Moderate. Requires integration into ML pipelines and potentially specialized tools for patch generation and verification. The 'certifiable guarantee' aspect is key for adoption.

Limitations Addressed

Addresses the high cost and verification challenges of existing unlearning methods (which typically involve retraining). Solves the difficulty in providing certifiable guarantees for data deletion.

Performance Gains

Significantly reduces computational cost and improves verifiability compared to retraining-based unlearning methods.

Technical Tags

Neural Network UnlearningData DeletionPrivacy PreservationRight to be ForgottenModel RepairCertifiable UnlearningPatching FrameworkTargeted Forgetting

Research Topics

AI EthicsMachine Learning PrivacyModel Interpretability and RepairRegulatory Compliance

Methods & Architectures

Patching frameworkNeural network repair techniquesIterative selection of patchesCertifiable guarantee mechanism Neural Networks (general)

Applications & Tasks

Data Privacy Regulatory Compliance (GDPR, CCPA) Machine Learning Security Efficiently and verifiably removing specific data points from trained modelsEnsuring compliance with data deletion requests Unlearning specific data points or classesVerifying data deletionRepairing neural networks

Related Fields

Machine LearningPrivacyAI EthicsModel DebuggingRegulatory Compliance

Keywords

UnlearningData DeletionPrivacyGDPRRight to be ForgottenNeural Network RepairCertifiable AIModel PatchingTargeted ForgettingMachine Learning SecurityData Governance

Academic Context

#AI Ethics#Machine Learning Privacy#Model Interpretability and Repair#Regulatory Compliance

Commercial Potential

Potential Products
Privacy-preserving ML platformsTools for automated compliance with data deletion requestsModel auditing services
Target Industries
TechnologyFinanceHealthcareAny industry handling sensitive user data
Use Case Examples
Removing a specific customer's data from a trained recommendation modelEnsuring a medical imaging AI model no longer contains data from a specific patientComplying with data erasure requests for user data used in training chatbots
Competitive Edge
Offers a more efficient and verifiable alternative to retraining for model unlearning, directly addressing regulatory requirements.
Market Opportunity
Increasing regulatory pressure for data privacy and deletion.,Growing market for privacy-preserving AI solutions.
Revenue Models
Licensing the technologyoffering unlearning-as-a-service.

Resource Requirements

Compute Needs
Lower than retraining, but requires compute for patch generation and verification.
Data Requirements
Access to the trained model and potentially information about the data to be unlearned.
Deployment Constraints
Requires careful integration into existing model deployment and update pipelines.
Scalability
Scalability depends on the efficiency of the patching and verification process, especially for large numbers of data points to unlearn.
Regulatory Considerations
Directly addresses GDPR, CCPA, and similar privacy regulations.

Production Readiness

Maturity Level

Research

Time to Market

2-3 years

Patent Potential

Potential for patents on the patching framework and verification methods.

View Full Paper Back to Papers