ResearchTrend.AI
44
0

Privacy and Accuracy-Aware AI/ML Model Deduplication

Hong Guan
Lei Yu
Lixi Zhou
Li Xiong
Kanchan Chowdhury
Lulu Xie
Xusheng Xiao
Jia Zou
ArXivPDFHTML
Abstract

With the growing adoption of privacy-preserving machine learning algorithms, such as Differentially Private Stochastic Gradient Descent (DP-SGD), training or fine-tuning models on private datasets has become increasingly prevalent. This shift has led to the need for models offering varying privacy guarantees and utility levels to satisfy diverse user requirements. However, managing numerous versions of large models introduces significant operational challenges, including increased inference latency, higher resource consumption, and elevated costs. Model deduplication is a technique widely used by many model serving and database systems to support high-performance and low-cost inference queries and model diagnosis queries. However, none of the existing model deduplication works has considered privacy, leading to unbounded aggregation of privacy costs for certain deduplicated models and inefficiencies when applied to deduplicate DP-trained models. We formalize the problems of deduplicating DP-trained models for the first time and propose a novel privacy- and accuracy-aware deduplication mechanism to address the problems. We developed a greedy strategy to select and assign base models to target models to minimize storage and privacy costs. When deduplicating a target model, we dynamically schedule accuracy validations and apply the Sparse Vector Technique to reduce the privacy costs associated with private validation data. Compared to baselines that do not provide privacy guarantees, our approach improved the compression ratio by up to 35×35\times for individual models (including large language models and vision transformers). We also observed up to 43×43\times inference speedup due to the reduction of I/O operations.

View on arXiv
@article{guan2025_2503.02862,
  title={ Privacy and Accuracy-Aware AI/ML Model Deduplication },
  author={ Hong Guan and Lei Yu and Lixi Zhou and Li Xiong and Kanchan Chowdhury and Lulu Xie and Xusheng Xiao and Jia Zou },
  journal={arXiv preprint arXiv:2503.02862},
  year={ 2025 }
}
Comments on this paper