Search Results for author:
Found 25 papers, 4 papers with code
Quantifying and Mitigating Privacy Risks for Tabular Generative Models
The backbone technology of tabular synthesizers is rooted in image generative models, ranging from Generative Adversarial Networks (GANs) to recent diffusion models.
Batch Clipping and Adaptive Layerwise Clipping for Differential Private Stochastic Gradient Descent
In this paper, we propose {\em a new ALC and provide rigorous DP proofs for both BC and ALC}.
Considerations on the Theory of Training Models with Differential Privacy
In federated learning collaborative learning takes place by a set of clients who each want to remain in control of how their local training data is used, in particular, how can each client's local training data remain private?
Gradient Descent-Type Methods: Background and Simple Unified Convergence Analysis
In this book chapter, we briefly describe the main components that constitute the gradient descent method and its accelerated and stochastic variants.
Generalizing DP-SGD with Shuffling and Batch Clipping
Classical differential private DP-SGD implements individual clipping with random subsampling, which forces a mini-batch SGD approach.
Game Theoretic Mixed Experts for Combinational Adversarial Machine Learning
First, how can the low transferability between defenses be utilized in a game theoretic framework to improve the robustness?
Finite-Sum Optimization: A New Perspective for Convergence to a Global Solution
How and under what assumptions is guaranteed convergence to a \textit{global} minimum possible?
Back in Black: A Comparative Evaluation of Recent State-Of-The-Art Black-Box Attacks
In this paper, we seek to help alleviate this problem by systematizing the recent advances in adversarial machine learning black-box attacks since 2019.
New Perspective on the Global Convergence of Finite-Sum Optimization
How and under what assumptions is guaranteed convergence to a \textit{global} minimum possible?
On the Robustness of Vision Transformers to Adversarial Examples
In this paper, we study the robustness of Vision Transformers to adversarial examples.
Proactive DP: A Multple Target Optimization Framework for DP-SGD
Generally, DP-SGD is $(\epsilon\leq 1/2,\delta=1/N)$-DP if $\sigma=\sqrt{2(\epsilon +\ln(1/\delta))/\epsilon}$ with $T$ at least $\approx 2k^2/\epsilon$ and $(2/e)^2k^2-1/2\geq \ln(N)$, where $T$ is the total number of rounds, and $K=kN$ is the total number of gradient computations where $k$ measures $K$ in number of epochs of size $N$ of the local data set.
Buffer Zone based Defense against Adversarial Examples in Image Classification
Based on our study of these defenses, we develop three contributions.
Hogwild! over Distributed Local Data Sets with Linearly Increasing Mini-Batch Sizes
We consider big data analysis where training data is distributed among local data sets in a heterogeneous way -- and we wish to move SGD computations to local compute nodes where local data resides.
Asynchronous Federated Learning with Reduced Number of Rounds and with Differential Privacy from Less Aggregated Gaussian Noise
The feasibility of federated learning is highly constrained by the server-clients infrastructure in terms of network communication.
Beware the Black-Box: on the Robustness of Recent Defenses to Adversarial Examples
We provide this large scale study and analyses to motivate the field to move towards the development of more robust black-box defenses.
A Hybrid Stochastic Policy Gradient Algorithm for Reinforcement Learning
We propose a novel hybrid stochastic policy gradient estimator by combining an unbiased policy gradient estimator, the REINFORCE estimator, with another biased one, an adapted SARAH estimator for policy optimization.
A Unified Convergence Analysis for Shuffling-Type Gradient Methods
We also study uniformly randomized shuffling variants with different learning rates and model assumptions.
BUZz: BUffer Zones for defending adversarial examples in image classification
We argue that our defense based on buffer zones offers significant improvements over state-of-the-art defenses.
Finite-Sum Smooth Optimization with SARAH
The total complexity (measured as the total number of gradient computations) of a stochastic first-order optimization algorithm that finds a first-order stationary point of a finite-sum smooth nonconvex objective function $F(w)=\frac{1}{n} \sum_{i=1}^n f_i(w)$ has been proven to be at least $\Omega(\sqrt{n}/\epsilon)$ for $n \leq \mathcal{O}(\epsilon^{-2})$ where $\epsilon$ denotes the attained accuracy $\mathbb{E}[ \|\nabla F(\tilde{w})\|^2] \leq \epsilon$ for the outputted approximation $\tilde{w}$ (Fang et al., 2018).
DTN: A Learning Rate Scheme with Convergence Rate of $\mathcal{O}(1/t)$ for SGD
This paper has some inconsistent results, i. e., we made some failed claims because we did some mistakes for using the test criterion for a series.
New Convergence Aspects of Stochastic Gradient Algorithms
We show the convergence of SGD for strongly convex objective function without using bounded gradient assumption when $\{\eta_t\}$ is a diminishing sequence and $\sum_{t=0}^\infty \eta_t \rightarrow \infty$.
Tight Dimension Independent Lower Bound on the Expected Convergence Rate for Diminishing Step Sizes in SGD
We study the convergence of Stochastic Gradient Descent (SGD) for strongly convex objective functions.
Characterization of Convex Objective Functions and Optimal Expected Convergence Rates for SGD
We study Stochastic Gradient Descent (SGD) with diminishing step sizes for convex objective functions.
SGD and Hogwild! Convergence Without the Bounded Gradients Assumption
In (Bottou et al., 2016), a new analysis of convergence of SGD is performed under the assumption that stochastic gradients are bounded with respect to the true gradient norm.
Intrinsically Reliable and Lightweight Physical Obfuscated Keys
Physical Obfuscated Keys (POKs) allow tamper-resistant storage of random keys based on physical disorder.
Cryptography and Security
