Crypto Seminar - Yu Wei
— 5:30pm
Location: Virtual Presentation - ET; Remote Access - Zoom
Speaker: Yu Wei, Ph.D. Student, College of Computing, Georgia Institute of Technology
https://www.yuweii.com/
Private data publication with provable privacy guarantees, such as Differential Privacy (DP), becomes pressing as ML algorithms are increasingly deployed on sensitive data. Yet many widely used randomized algorithms were designed before privacy became a central concern, and are too complex or nonstandard for existing DP tools, leaving their deployed privacy guarantees largely unknown. In this talk, we will discuss how to address this challenge by developing tools for analyzing DP and its variants in general randomized algorithms.
First, I will present a general black-box framework for estimating the DP guarantees of arbitrary randomized algorithms without requiring access to their internal code or algorithmic description. The idea is to recast privacy estimation as a binary classification problem, which yields tight estimates of privacy parameters together with finite-sample theoretical guarantees.
Second, I extend this approach to f-differential privacy, a hypothesis-testing–based refinement of DP, and add an explicit auditing layer on top. I will show how this framework can audit DP-SGD implementations with comparable tightness and computational cost to prior methods, while requiring strictly less information about the underlying training procedure.
We conclude with applications of our black-box estimators: recovering the privacy profiles of nonstandard randomized ML methods, such as random projection and approximate least squares, and showing how, combined with analytical results, they can be upgraded into DP mechanisms with minimal modification.
—
Yu Wei is a fifth-year PhD student at the Georgia Institute of Technology, advised by Professor Vassilis Zikas. He has a broad research interest in cryptography, privacy, and machine learning. His recent research focuses on differential privacy and related topics in secure computation and game-theoretic cryptography. His work has appeared in venues such as IEEE S&P, USENIX Security, and TCC.
Zoom Participation. See announcement.
For More Information:
tianyaog@andrew.cmu.edu