Search Results for author:
Found 21 papers, 7 papers with code
Decentralised, Collaborative, and Privacy-preserving Machine Learning for Multi-Hospital Data
In addition, the ML models trained with DeCaPH framework in general outperform those trained solely with the private datasets from individual parties, showing that DeCaPH enhances the model generalizability.
Memorization in Self-Supervised Learning Improves Downstream Generalization
Our definition compares the difference in alignment of representations for data points and their augmented views returned by both encoders that were trained on these data points and encoders that were not.
Have it your way: Individualized Privacy Assignment for DP-SGD
DP-SGD is the canonical approach to training models with differential privacy.
Reconstructing Individual Data Points in Federated Learning Hardened with Differential Privacy and Secure Aggregation
FL is promoted as a privacy-enhancing technology (PET) that provides data minimization: data never "leaves" personal devices and users share only model updates with a server (e. g., a company) coordinating the distributed training.
Private Multi-Winner Voting for Machine Learning
We use our mechanisms to enable privacy-preserving multi-label learning in the central setting by extending the canonical single-label technique: PATE.
Dataset Inference for Self-Supervised Models
We introduce a new dataset inference defense, which uses the private training set of the victim encoder model to attribute its ownership in the event of stealing.
$p$-DkNN: Out-of-Distribution Detection Through Statistical Testing of Deep Representations
We introduce $p$-DkNN, a novel inference procedure that takes a trained deep neural network and analyzes the similarity structures of its intermediate hidden representations to compute $p$-values associated with the end-to-end model prediction.
Selective Classification Via Neural Network Training Dynamics
Selective classification is the task of rejecting inputs a model would predict incorrectly on through a trade-off between input space coverage and model accuracy.
On the Difficulty of Defending Self-Supervised Learning against Model Extraction
We construct several novel attacks and find that approaches that train directly on a victim's stolen representations are query efficient and enable high accuracy for downstream models.
Individualized PATE: Differentially Private Machine Learning with Individual Privacy Guarantees
Applying machine learning (ML) to sensitive domains requires privacy protection of the underlying training data through formal privacy frameworks, such as differential privacy (DP).
Increasing the Cost of Model Extraction with Calibrated Proof of Work
Since we calibrate the effort required to complete the proof-of-work to each query, this only introduces a slight overhead for regular users (up to 2x).
When the Curious Abandon Honesty: Federated Learning Is Not Private
Instead, these devices share gradients, parameters, or other model updates, with a central party (e. g., a company) coordinating the training.
On the Exploitability of Audio Machine Learning Pipelines to Surreptitious Adversarial Examples
In the white-box setting, we instantiate this class with a joint, multi-stage optimization attack.
CaPC Learning: Confidential and Private Collaborative Learning
There is currently no method that enables machine learning in such a setting, where both confidentiality and privacy need to be preserved, to prevent both explicit and implicit sharing of data.
Pretrained Transformers Improve Out-of-Distribution Robustness
Although pretrained Transformers such as BERT achieve high accuracy on in-distribution examples, do they generalize to new distributions?
Machine Learning enabled Spectrum Sharing in Dense LTE-U/Wi-Fi Coexistence Scenarios
The promise of ML techniques in solving non-linear problems influenced this work which aims to apply known ML techniques and develop new ones for wireless spectrum sharing between Wi-Fi and LTE in the unlicensed spectrum.
Analysis of Random Perturbations for Robust Convolutional Neural Networks
Recent work has extensively shown that randomized perturbations of neural networks can improve robustness to adversarial attacks.
Machine Learning based detection of multiple Wi-Fi BSSs for LTE-U CSAT
This approach delivers an accuracy close to 100% compared to auto-correlation (AC) and energy detection (ED) approaches.
Band-limited Training and Inference for Convolutional Neural Networks
The convolutional layers are core building blocks of neural network architectures.
A Perturbation Analysis of Input Transformations for Adversarial Attacks
The existence of adversarial examples, or intentional mis-predictions constructed from small changes to correctly predicted examples, is one of the most significant challenges in neural network research today.
Testing Robustness Against Unforeseen Adversaries
To narrow in on this discrepancy between research and reality we introduce ImageNet-UA, a framework for evaluating model robustness against a range of unforeseen adversaries, including eighteen new non-L_p attacks.
