Machine unlearning techniques, which involve retracting data records and reducing influence of said data on trained models, help with the user privacy protection objective but incur significant computational costs. Weight perturbation-based unlearning is a general approach, but it typically involves globally modifying the parameters. We propose fine-grained Top-K and Random-k parameters perturbed inexact machine unlearning strategies that address the privacy needs while keeping the computational costs tractable. In order to demonstrate the efficacy of our strategies we also tackle the challenge of evaluating the effectiveness of machine unlearning by considering the model's generalization performance across both unlearning and remaining data. To better assess the unlearning effect and model generalization, we propose novel metrics, namely, the forgetting rate and memory retention rate. However, for inexact machine unlearning, current metrics are inadequate in quantifying the degree of forgetting that occurs after unlearning strategies are applied. To address this, we introduce SPD-GAN, which subtly perturbs the distribution of data targeted for unlearning. Then, we evaluate the degree of unlearning by measuring the performance difference of the models on the perturbed unlearning data before and after the unlearning process. By implementing these innovative techniques and metrics, we achieve computationally efficacious privacy protection in machine learning applications without significant sacrifice of model performance. Furthermore, this approach provides a novel method for evaluating the degree of unlearning.

翻译：机器遗忘技术旨在撤销数据记录并降低其对已训练模型的影响，有助于实现用户隐私保护目标，但会带来显著的计算成本。基于权重扰动的遗忘是一种通用方法，但通常涉及全局性参数修改。我们提出了细粒度的Top-K与Random-k参数扰动非精确机器遗忘策略，在满足隐私需求的同时保持计算成本可控。为验证策略的有效性，我们还通过考虑模型在遗忘数据与剩余数据上的泛化性能，解决了机器遗忘效果评估的挑战。为更好评估遗忘效果与模型泛化能力，我们提出了新颖的度量指标：遗忘率与记忆保持率。然而对于非精确机器遗忘，现有指标难以量化遗忘策略实施后的遗忘程度。为此，我们引入SPD-GAN，通过微妙扰动待遗忘数据的分布，进而通过比较模型在扰动后的遗忘数据上于遗忘过程前后的性能差异来评估遗忘程度。通过实施这些创新技术与度量指标，我们在机器学习应用中实现了计算高效的隐私保护，且未显著牺牲模型性能。此外，该方法为评估遗忘程度提供了全新的方法论。