Colloquium, Winter Semester 2020/21
Prof. Dr. Esfandiar Mohammadi
Universität zu Lübeck
Institute for IT Security
When: Mon, 14.12.2020, at 17:15
You will receive the registration data via an email invitation. Please register for this at https://mailhost.informatik.uni-hamburg.de/mailman/listinfo/kolloquium.
Towards differentially private machine learning
Neural networks are used to tackle a wide variety of non-trivial problems if they are fed a massive amount of training data. As this training data can contain sensitive information, naturally the question arises: do neural networks leak any information about their training data? A rich body of literature has shown: yes, they can indeed leak information about their training data, even if only black-box access is possible, e.g., in a cloud service (MLaaS). It has been shown that the privacy notion of differential privacy can help against this kind of attack. In this talk, I will discuss methods for differentially private training of neural networks, present our improved analysis methods, discuss limitations of current training methods, and give a glimpse into our ongoing work on improving differentially private training methods.
Prof. Dr. Mathias Fischer