• Aucun résultat trouvé

Adversarial learning and differential privacy for machine learning

N/A
N/A
Info
Télécharger
Protected

Academic year: 2022

Partager "Adversarial learning and differential privacy for machine learning"

Copied!
6
0
0

Chargement.... (Voir le texte intégral maintenant)

Texte intégral

(1)

Ayşe Ünsal

Adversarial learning & Differential privacy

EURECOM

(2)

Federated Learning and Privacy

• FL is a machine learning procedure to train a model where the data is distributed over

independent providers (or clients)

‐ Contributions from individuals with confidential/

sensitive data poses privacy concerns

‐ Requirement for privacy guarantee for individuals

‐ Criteria for preserving privacy  differential privacy

(3)

Differential Privacy

• DP: the absence or presence of a single database

item does not affect the outcome of the analysis.

(4)

What if DP is the attack tool?

• What if adversary’s aware of and tries to benefit from DP to strengthen his/her attack?

‐ An adversary is able to modify (add, replace, delete, etc.) the published information

‐ Modification is differentially private

• Summary: Conflicting goals of the adversary

‐ To maximize the possible damage

‐ To Minimize detection.

(5)

Problem Formulation

• On the defender’s end: preserve differential privacy.

• Trade-off between

‐ the attack (the change in the output applied by the adversary),

‐ the privacy parameter ,

‐ the sensitivity of the system the amount of change that any single argument to the system can change its output.

• Research goals

‐ Generalize this trade-off to all possible types of queries and changes that can be applied onto the system output by the adversary

(6)

References

1. C. Dwork, “Differential Privacy”. Automata, Languages and Programming, pgs. 1-12, 2006

2. J. Giraldo, A.A. Cardenas, M. Kantarcıoglu and J. Katz,

“Adversarial Classification Under Differential Privacy”, NDSS 2020

3. C. Dwork, F. McSherry, K. Nissim and A. Smith, “Calibrating Noise to Sensitivity in Private Data Analysis”, TCC 2006

4. P. Cuff and L. Yu, “Differential Privacy as a Mutual

Information Constraint”, ACM CCS 2016

Références

Télécharger maintenant ( PDF - 6 Page - 598.39 KB )

Documents relatifs

MACHINE LEARNING

The fundamental mathematical tools needed to understand machine learning include linear algebra, analytic geometry, matrix decompositions, vector calculus, optimization,

How is Machine Learning Useful for Macroeconomic Forecasting?

Figure 18: This graph display the marginal (un)improvements by variables and horizons to opt for the SVR in-sample loss function in comparing the data-poor and data-rich

Machine Learning

It’s a supervised learning method, so the usual route for getting a support vector machine set up would be to have some training data and some data to test the algorithm..

machine learning

Machine learning provides these, developing methods that can automatically detect patterns in data and use the uncovered patterns to predict future data.. This textbook offers

Machine Learning

• those that are specic to the random forest: q, bootstrap sample size, number of trees. Random forest are not very sensitive to hyper-parameters setting: default values for q

Is there a place for Machine Learning in Law?

The paper is inspired by work on logic-based formaliza- tion of legal reasoning, (Prakken and Sartor 1996), (Prakken and Sartor 1997), (Prakken and Sartor 1998), (Prakken and

Data for Machine Learning unix

Récupérez sur le site ftp à l’aide d’une ligne de commande le fichier suivant splice .tar.gz que l’on peut trouver à l’URL suivante : ftp.cs.toronto.edu dans le répertoire

Privacy-Aware Machine Learning Systems

We focus on the basic membership inference attack: given a data record and black-box access to a model, determine if the record was in the model’s training dataset.. To