To comply with AI and data regulations, the need to forget private or copyrighted information from trained machine learning models is increasingly important. The key challenge in unlearning is forgetting the necessary data in a timely manner, while preserving model performance. In this work, we address the zero-shot unlearning scenario, whereby an unlearning algorithm must be able to remove data given only a trained model and the data to be forgotten. Under such a definition, existing state-of-the-art methods are insufficient. Building on the concepts of Lipschitz continuity, we present a method that induces smoothing of the forget sample's output, with respect to perturbations of that sample. We show this smoothing successfully results in forgetting while preserving general model performance. We perform extensive empirical evaluation of our method over a range of contemporary benchmarks, verifying that our method achieves state-of-the-art performance under the strict constraints of zero-shot unlearning.

翻译：为遵守人工智能及数据相关法规，从已训练的机器学习模型中移除隐私或版权信息的必要性日益凸显。机器遗忘的核心挑战在于：在及时遗忘必要数据的同时，保持模型性能不降。本文针对零样本遗忘场景展开研究——在此场景下，遗忘算法必须仅凭已训练模型和待遗忘数据即可执行数据移除。现有最先进方法在该场景下均存在不足。基于Lipschitz连续性的思想，我们提出了一种方法：通过对遗忘样本施加扰动，诱导其输出平滑化。实验证明，这种平滑化处理既能有效实现遗忘，又能保持模型整体性能。我们在多个当代基准数据集上进行了广泛实证评估，验证了该方法在零样本遗忘严格约束下达到了最先进水平。