A Surgical Machine Unlearning library for edge devices using PyTorch
Project description
Verril-Learn 🧠✂️
A Surgical Machine Unlearning Library for Edge Devices
🎯 What is Verril-Learn?
Verril-Learn is a novel machine unlearning library designed specifically for edge devices. It enables you to surgically remove the influence of specific data points from a trained model without full retraining.
Key Features
- 🔬 Surgical Unlearning: Remove specific data influence using Fisher Information + Gradient Ascent
- 🎭 Data Poisoning Simulation: Built-in tools to simulate and study data attacks
- 📱 Edge-Device Optimized: Lightweight algorithms suitable for resource-constrained environments
- 🔒 Privacy-Compliant: Implements concepts aligned with GDPR's "Right to be Forgotten"
📦 Installation
pip install -e .
Or install dependencies directly:
pip install -r requirements.txt
🚀 Quick Start
from verril_learn import get_poisoned_mnist, SimpleCNN, surgical_unlearn
# Step 1: Load poisoned MNIST (10% of '7's mislabeled as '1's)
train_loader, test_loader, poison_indices = get_poisoned_mnist(poison_ratio=0.1)
# Step 2: Train your model (standard PyTorch training loop)
model = SimpleCNN()
# ... train the model ...
# Step 3: Surgically unlearn the poisoned data
unlearned_model = surgical_unlearn(
model=model,
poisoned_data=poisoned_loader,
retain_data=clean_loader,
fisher_weight=0.1,
unlearn_lr=0.001,
unlearn_steps=10
)
🧪 The Algorithm
1. Fisher Information Matrix (Diagonal Approximation)
Identifies which weights are critical for the retain data:
F_ii = E[(∂L/∂θ_i)²]
2. Gradient Ascent on Poisoned Data
Maximizes the loss to make the model "forget":
θ = θ + α * ∇L(θ; D_poison)
3. Fisher-Weighted Regularization
Prevents catastrophic forgetting by penalizing large changes to critical weights:
L_total = -L_poison + λ * Σ F_ii * (θ_i - θ_i^original)²
📁 Project Structure
verril-learn/
├── setup.py # Package configuration
├── requirements.txt # Dependencies
├── README.md # This file
└── verril_learn/
├── __init__.py # Public API
├── data_loader.py # MNIST loading + poisoning
├── model.py # CNN architecture
└── core.py # Surgical unlearning algorithm
📚 References
📄 License
MIT License - See LICENSE file for details.
Built with ❤️ for the ML Security & Privacy community
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file verril_learn-0.1.0.tar.gz.
File metadata
- Download URL: verril_learn-0.1.0.tar.gz
- Upload date:
- Size: 12.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
52369d0e7851925562331be68a9c0e5211563f0632d802051ab70b1dab639cc1
|
|
| MD5 |
a90bb1f85e438b71917020d5dcf6c541
|
|
| BLAKE2b-256 |
84cafb6f939b7c54fb2dff909ccc759fe4e0e657c2cd7aad4f14bdb3d9ae9a20
|
File details
Details for the file verril_learn-0.1.0-py3-none-any.whl.
File metadata
- Download URL: verril_learn-0.1.0-py3-none-any.whl
- Upload date:
- Size: 12.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1c79fc4d67c82ce6d950aefe38e3036d2f19ecb73ddf41bee5d5bd43d37da62d
|
|
| MD5 |
8a5b163d1c7eacfce90c07644e1b840c
|
|
| BLAKE2b-256 |
da1f294594a3cab0afcbeaaedaa3cffc1c8d97890b8ce533fd2b6d72c805c6a6
|
