Collaborative Research: III: Medium: A consolidated framework of computational privacy and machine learning

合作研究：III：媒介：计算隐私和机器学习的综合框架

• 批准号: 2212174
• 负责人: Jiayu Zhou
• 金额: $ 26.8万
• 依托单位: Michigan State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2026-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2212174&HistoricalAwards=false
• 关键词: Collaborative; Research; III; Medium; consolidated

Machine learning has grown to increase prominence over the past years, finding applications in various domains from image and speech processing to disease diagnosis. Despite the great success of machine learning techniques, massive amounts of data are collected and used to train the machine learning models. The privacy of sensitive data has become a big concern. Existing efforts are still preliminary, and enormous challenges remain to be resolved. Crucially, stronger privacy protection guarantees often sacrifice important properties of machine learning models, such as predictive utility and fairness, which can be undesirable or completely unacceptable. This project develops a consolidated privacy protection framework for machine learning systems that comprehensively considers the optimal trade-offs between computational privacy and several critical properties of machine learning, including utility, fairness, and distributed learning. The project will provide a comprehensive set of tools to protect data privacy for real-world machine learning applications under different circumstances. The privacy-preserving techniques will have a transformative impact on machine learning systems used by various sectors, allowing companies and hospitals to enjoy the advantages of machine learning techniques on big data while protecting data privacy under corresponding regulations.The research project thoroughly examines and discusses the real-world complicacy or restrictions when applying differential privacy, from privacy-utility trade-off, privacy-fairness relation, privacy in distributed learning, to post-learning privacy protection. The framework developed by the project takes deep root in rigorous optimization frameworks, often accompanied by theoretical guarantees and aided by cutting-edge algorithmic tools such as meta-learning, adversarial learning, and federated learning. Besides, the framework carries the following methodological innovations: differential privacy tailored to learning problems; customized privacy addressing heterogeneity in collaborative learning; privacy-protection of learned models through unlearning; consolidated privacy and fairness in learning. Those efforts will significantly augment the practicality and scalability of differential privacy. The project will be systematically evaluated on various real-world medical applications, and the tools will be readily used to tackle critical challenges in medical research. The outcomes will be incorporated into multiple courses at both undergraduate and graduate levels. The research outcomes will be disseminated broadly and comprehensively through open-source software releases and workshops, the involvement of undergraduate research, and outreach to K-12 education, focusing on minorities and under-representative groups in STEM education. Students at different levels and disciplines, STEM and liberal arts, will be participating in the research on privacy and machine learning.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

在过去的几年里，机器学习的重要性日益凸显，在从图像和语音处理到疾病诊断的各个领域都有应用。尽管机器学习技术取得了巨大成功，但仍然收集了大量数据并用于训练机器学习模型。敏感数据的隐私已成为一个大问题。现有的努力仍处于初步阶段，还有巨大的挑战有待解决。至关重要的是，更强的隐私保护保证通常会牺牲机器学习模型的重要属性，例如预测效用和公平性，这可能是不可取的或完全不可接受的。该项目为机器学习系统开发了一个统一的隐私保护框架，该框架综合考虑了计算隐私与机器学习的几个关键属性（包括效用、公平性和分布式学习）之间的最佳权衡。该项目将提供一套全面的工具来保护不同情况下真实机器学习应用程序的数据隐私。隐私保护技术将对各行业使用的机器学习系统产生变革性影响，让企业和医院在享受相应法规下的数据隐私保护的同时，享受机器学习技术在大数据上的优势。该研究项目深入研究和讨论了应用差分隐私时现实世界的复杂性或限制，从隐私-效用权衡、隐私-公平关系、分布式学习中的隐私，到学习后隐私保护。该项目开发的框架深深植根于严格的优化框架，往往伴有理论保证，并辅以元学习、对抗学习、联邦学习等前沿算法工具。此外，该框架还具有以下方法创新：针对学习问题的差异隐私；定制隐私解决协作学习中的异构性；通过取消学习来保护学习模型的隐私；巩固学习中的隐私和公平。这些努力将显着增强差异隐私的实用性和可扩展性。该项目将在各种现实世界的医疗应用中进行系统评估，并且这些工具将很容易用于应对医学研究中的关键挑战。研究成果将被纳入本科生和研究生的多个课程中。研究成果将通过开源软件发布和研讨会、本科生研究的参与以及 K-12 教育的推广来广泛、全面地传播，重点关注 STEM 教育中的少数群体和代表性不足的群体。不同级别和学科、STEM 和文科的学生都将参与隐私和机器学习的研究。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Robust Unsupervised Domain Adaptation from A Corrupted Source

• DOI: 10.1109/icdm54844.2022.00171
• 发表时间: 2022-11
• 期刊: 2022 IEEE International Conference on Data Mining (ICDM)
• 作者: Shuyang Yu;Zhuangdi Zhu;Boyang Liu;Anil K. Jain;Jiayu Zhou

Trap and Replace: Defending Backdoor Attacks by Trapping Them into an Easy-to-Replace Subnetwork

• DOI: 10.48550/arxiv.2210.06428
• 发表时间: 2022-10
• 期刊: Advances in neural information processing systems
• 作者: Haotao Wang;Junyuan Hong;Aston Zhang;Jiayu Zhou;Zhangyang Wang

Revisiting Data-Free Knowledge Distillation with Poisoned Teachers

• DOI: 10.48550/arxiv.2306.02368
• 发表时间: 2023-06
• 作者: Junyuan Hong;Yi Zeng;Shuyang Yu;L. Lyu;R. Jia;Jiayu Zhou

Turning the Curse of Heterogeneity in Federated Learning into a Blessing for Out-of-Distribution Detection

• 发表时间: 2023
• 作者: Shuyang Yu;Junyuan Hong;Haotao Wang;Zhangyang Wang;Jiayu Zhou

How Robust is Your Fairness? Evaluating and Sustaining Fairness under Unseen Distribution Shifts

• DOI: 10.48550/arxiv.2207.01168
• 发表时间: 2022-07
• 期刊: Transactions on machine learning research
• 作者: Haotao Wang;Junyuan Hong;Jiayu Zhou;Zhangyang Wang