Search Results for author:
Found 46 papers, 14 papers with code
Context Aware Local Differential Privacy
The original definition of LDP assumes that all the elements in the data domain are equally sensitive.
Confidential Federated Computations
Federated Learning and Analytics (FLA) have seen widespread adoption by technology platforms for processing sensitive on-device data.
Can LLMs get help from other LLMs without revealing private information?
In this work, we show the feasibility of applying cascade systems in such setups by equipping the local model with privacy-preserving techniques that reduce the risk of leaking private information when querying the remote model.
Privacy-Preserving Instructions for Aligning Large Language Models
Service providers of large language model (LLM) applications collect user instructions in the wild and use them in further aligning LLMs with users' intentions.
User Inference Attacks on Large Language Models
Fine-tuning is a common and effective method for tailoring large language models (LLMs) to specialized tasks and applications.
Private Federated Learning with Autotuned Compression
We propose new techniques for reducing communication in private federated learning without the need for setting or tuning compression rates.
Private Federated Frequency Estimation: Adapting to the Hardness of the Instance
For single-round FFE, it is known that count sketching is nearly information-theoretically optimal for achieving the fundamental accuracy-communication trade-offs [Chen et al., 2022].
Federated Learning of Gboard Language Models with Differential Privacy
We train language models (LMs) with federated learning (FL) and differential privacy (DP) in the Google Keyboard (Gboard).
One-shot Empirical Privacy Estimation for Federated Learning
Privacy estimation techniques for differentially private (DP) algorithms are useful for comparing against analytical bounds, or to empirically measure privacy loss in settings where known analytical bounds are not tight.
The Poisson binomial mechanism for secure and private federated learning
Unlike previous discrete DP schemes based on additive noise, our mechanism encodes local information into a parameter of the binomial distribution, and hence the output distribution is discrete with bounded support.
Algorithms for bounding contribution for histogram estimation under user-level privacy
In this scenario, the amount of noise injected into the histogram to obtain differential privacy is proportional to the maximum user contribution, which can be amplified by few outliers.
The Fundamental Price of Secure Aggregation in Differentially Private Federated Learning
We consider the problem of training a $d$ dimensional model with distributed differential privacy (DP) where secure aggregation (SecAgg) is used to ensure that the server only sees the noisy sum of $n$ model updates in every training round.
Privacy-Utility Trades in Crowdsourced Signal Map Obfuscation
Cellular providers and data aggregating companies crowdsource celluar signal strength measurements from user devices to generate signal maps, which can be used to improve network performance.
Towards Sparse Federated Analytics: Location Heatmaps under Distributed Differential Privacy with Secure Aggregation
We design a scalable algorithm to privately generate location heatmaps over decentralized data from millions of user devices.
Optimal Compression of Locally Differentially Private Mechanisms
Compressing the output of \epsilon-locally differentially private (LDP) randomizers naively leads to suboptimal utility.
The Skellam Mechanism for Differentially Private Federated Learning
We introduce the multi-dimensional Skellam mechanism, a discrete differential privacy mechanism based on the difference of two independent Poisson random variables.
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated Learning
While recent works have indicated that federated learning (FL) may be vulnerable to poisoning attacks by compromised clients, their real impact on production FL systems is not fully understood.
A Field Guide to Federated Optimization
Federated learning and analytics are a distributed approach for collaboratively learning models (or statistics) from decentralized data, motivated by and designed for privacy protection.
Breaking The Dimension Dependence in Sparse Distribution Estimation under Communication Constraints
For the interactive setting, we propose a novel tree-based estimation scheme and show that the minimum sample-size needed to achieve dimension-free convergence can be further reduced to $n^*(s, d, b) = \tilde{O}\left( {s^2\log^2 d}/{2^b} \right)$.
On the Renyi Differential Privacy of the Shuffle Model
The central question studied in this paper is Renyi Differential Privacy (RDP) guarantees for general discrete local mechanisms in the shuffle privacy model.
Practical and Private (Deep) Learning without Sampling or Shuffling
We consider training models with differential privacy (DP) using mini-batch gradients.
The Distributed Discrete Gaussian Mechanism for Federated Learning with Secure Aggregation
To ensure privacy, we add on-device noise and use secure aggregation so that only the noisy sum is revealed to the server.
Estimating Sparse Discrete Distributions Under Local Privacy and Communication Constraints
We consider the problem of estimating sparse discrete distributions under local differential privacy (LDP) and communication constraints.
Shuffled Model of Federated Learning: Privacy, Communication and Accuracy Trade-offs
We consider a distributed empirical risk minimization (ERM) optimization problem with communication efficiency and privacy requirements, motivated by the federated learning (FL) framework.
Fast Dimension Independent Private AdaGrad on Publicly Estimated Subspaces
In particular, we show that if the gradients lie in a known constant rank subspace, and assuming algorithmic access to an envelope which bounds decaying sensitivity, one can achieve faster convergence to an excess empirical risk of $\tilde O(1/\epsilon n)$, where $\epsilon$ is the privacy budget and $n$ the number of samples.
Breaking the Communication-Privacy-Accuracy Trilemma
In particular, we consider the problems of mean estimation and frequency estimation under $\varepsilon$-local differential privacy and $b$-bit communication constraints.
Privacy Amplification via Random Check-Ins
It has privacy/accuracy trade-offs similar to privacy amplification by subsampling/shuffling.
DP-CGAN: Differentially Private Synthetic Data and Label Generation
Generative Adversarial Networks (GANs) are one of the well-known models to generate synthetic data including images, especially for research communities that cannot use original sensitive datasets because they are not publicly accessible.
Advances and Open Problems in Federated Learning
FL embodies the principles of focused data collection and minimization, and can mitigate many of the systemic privacy risks and costs resulting from traditional, centralized machine learning and data science approaches.
Can You Really Backdoor Federated Learning?
This paper focuses on backdoor attacks in the federated learning setting, where the goal of the adversary is to reduce the performance of the model on targeted tasks while maintaining good performance on the main task.
Generative Models for Effective ML on Private, Decentralized Datasets
To improve real-world applications of machine learning, experienced modelers develop intuition about their datasets, their models, and how the two interact.
Theoretical Guarantees for Model Auditing with Finite Adversaries
Privacy concerns have led to the development of privacy-preserving approaches for learning models from sensitive data.
Context-Aware Local Differential Privacy
Local differential privacy (LDP) is a strong notion of privacy for individual users that often comes at the expense of a significant drop in utility.
Generating Fair Universal Representations using Adversarial Models
We present a data-driven framework for learning fair universal representations (FUR) that guarantee statistical fairness for any learning task that may not be known a priori.
A Tunable Loss Function for Robust Classification: Calibration, Landscape, and Generalization
We introduce a tunable loss function called $\alpha$-loss, parameterized by $\alpha \in (0,\infty]$, which interpolates between the exponential loss ($\alpha = 1/2$), the log-loss ($\alpha = 1$), and the 0-1 loss ($\alpha = \infty$), for the machine learning setting of classification.
Generative Adversarial Models for Learning Private and Fair Representations
We present Generative Adversarial Privacy and Fairness (GAPF), a data-driven framework for learning private and fair representations of the data.
A Tunable Loss Function for Binary Classification
We present $\alpha$-loss, $\alpha \in [1,\infty]$, a tunable loss function for binary classification that bridges log-loss ($\alpha=1$) and $0$-$1$ loss ($\alpha = \infty$).
A General Approach to Adding Differential Privacy to Iterative Training Procedures
In this work we address the practical challenges of training machine learning models on privacy-sensitive datasets by introducing a modular approach that minimizes changes to training algorithms, provides a variety of configuration strategies for the privacy mechanism, and then isolates and simplifies the critical logic that computes the final privacy guarantees.
Understanding Compressive Adversarial Privacy
Designing a data sharing mechanism without sacrificing too much privacy can be considered as a game between data holders and malicious attackers.
Generative Adversarial Privacy
We present a data-driven framework called generative adversarial privacy (GAP).
Siamese Generative Adversarial Privatizer for Biometric Data
Extensive evaluation on a biometric dataset of fingerprints and cartoon faces confirms usefulness of our simple yet effective method.
Context-Aware Generative Adversarial Privacy
On the one hand, context-free privacy solutions, such as differential privacy, provide strong privacy guarantees, but often lead to a significant reduction in utility.
Discrete Distribution Estimation under Local Privacy
The collection and analysis of user data drives improvements in the app and web ecosystems, but comes with risks to privacy.
Secure Multi-party Differential Privacy
In this setting, each party is interested in computing a function on its private bit and all the other parties' bits.
Spy vs. Spy: Rumor Source Obfuscation
Whether for fear of judgment or personal endangerment, it is crucial to keep anonymous the identity of the user who initially posted a sensitive message.
The Composition Theorem for Differential Privacy
Sequential querying of differentially private mechanisms degrades the overall privacy level.
Data Structures and Algorithms Cryptography and Security Information Theory Information Theory
