Collaborative Research: III: Medium: A consolidated framework of computational privacy and machine learning

合作研究：III：媒介：计算隐私和机器学习的综合框架

• 批准号: 2212174
• 负责人: Jiayu Zhou
• 金额: $ 26.8万
• 依托单位: Michigan State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2026-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2212174&HistoricalAwards=false
• 关键词: Collaborative; Research; III; Medium; consolidated

Machine learning has grown to increase prominence over the past years, finding applications in various domains from image and speech processing to disease diagnosis. Despite the great success of machine learning techniques, massive amounts of data are collected and used to train the machine learning models. The privacy of sensitive data has become a big concern. Existing efforts are still preliminary, and enormous challenges remain to be resolved. Crucially, stronger privacy protection guarantees often sacrifice important properties of machine learning models, such as predictive utility and fairness, which can be undesirable or completely unacceptable. This project develops a consolidated privacy protection framework for machine learning systems that comprehensively considers the optimal trade-offs between computational privacy and several critical properties of machine learning, including utility, fairness, and distributed learning. The project will provide a comprehensive set of tools to protect data privacy for real-world machine learning applications under different circumstances. The privacy-preserving techniques will have a transformative impact on machine learning systems used by various sectors, allowing companies and hospitals to enjoy the advantages of machine learning techniques on big data while protecting data privacy under corresponding regulations.The research project thoroughly examines and discusses the real-world complicacy or restrictions when applying differential privacy, from privacy-utility trade-off, privacy-fairness relation, privacy in distributed learning, to post-learning privacy protection. The framework developed by the project takes deep root in rigorous optimization frameworks, often accompanied by theoretical guarantees and aided by cutting-edge algorithmic tools such as meta-learning, adversarial learning, and federated learning. Besides, the framework carries the following methodological innovations: differential privacy tailored to learning problems; customized privacy addressing heterogeneity in collaborative learning; privacy-protection of learned models through unlearning; consolidated privacy and fairness in learning. Those efforts will significantly augment the practicality and scalability of differential privacy. The project will be systematically evaluated on various real-world medical applications, and the tools will be readily used to tackle critical challenges in medical research. The outcomes will be incorporated into multiple courses at both undergraduate and graduate levels. The research outcomes will be disseminated broadly and comprehensively through open-source software releases and workshops, the involvement of undergraduate research, and outreach to K-12 education, focusing on minorities and under-representative groups in STEM education. Students at different levels and disciplines, STEM and liberal arts, will be participating in the research on privacy and machine learning.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

在过去的几年里，机器学习已经变得越来越突出，在从图像和语音处理到疾病诊断的各个领域都有应用。尽管机器学习技术取得了巨大的成功，但仍需要收集大量数据并用于训练机器学习模型。敏感数据的隐私已经成为一个大问题。现有的努力仍是初步的，巨大的挑战仍有待解决。至关重要的是，更强的隐私保护保证往往会牺牲机器学习模型的重要属性，例如预测效用和公平性，这可能是不可取的或完全不可接受的。该项目为机器学习系统开发了一个统一的隐私保护框架，该框架全面考虑了计算隐私与机器学习的几个关键属性（包括效用、公平性和分布式学习）之间的最佳权衡。该项目将提供一套全面的工具，在不同情况下保护真实世界机器学习应用程序的数据隐私。隐私保护技术将对各行各业使用的机器学习系统产生变革性的影响，使企业和医院在享受大数据机器学习技术优势的同时，在相应的法规下保护数据隐私。本研究项目从隐私-效用权衡、隐私-公平关系、隐私-安全关系、隐私-安全关系、隐私-公平关系、隐私-安全关系、隐私-安全关系分布式学习中的隐私问题，到学习后的隐私保护。该项目开发的框架深深植根于严格的优化框架，通常伴随着理论保证，并得到元学习，对抗学习和联邦学习等尖端算法工具的帮助。此外，该框架进行了以下方法的创新：差异隐私量身定制的学习问题;定制隐私解决协作学习中的异质性;通过unlearning学习模型的隐私保护;巩固隐私和学习的公平性。这些努力将大大增强差异隐私的实用性和可扩展性。该项目将在各种现实医学应用中进行系统评估，这些工具将随时用于应对医学研究中的关键挑战。其成果将纳入本科和研究生级别的多门课程中。研究成果将通过开源软件发布和研讨会，本科生研究的参与以及K-12教育的推广广泛而全面地传播，重点关注STEM教育中的少数民族和代表性不足的群体。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Robust Unsupervised Domain Adaptation from A Corrupted Source

• DOI: 10.1109/icdm54844.2022.00171
• 发表时间: 2022-11
• 期刊: 2022 IEEE International Conference on Data Mining (ICDM)
• 作者: Shuyang Yu;Zhuangdi Zhu;Boyang Liu;Anil K. Jain;Jiayu Zhou

Revisiting Data-Free Knowledge Distillation with Poisoned Teachers

• DOI: 10.48550/arxiv.2306.02368
• 发表时间: 2023-06
• 作者: Junyuan Hong;Yi Zeng;Shuyang Yu;L. Lyu;R. Jia;Jiayu Zhou

Trap and Replace: Defending Backdoor Attacks by Trapping Them into an Easy-to-Replace Subnetwork

• DOI: 10.48550/arxiv.2210.06428
• 发表时间: 2022-10
• 期刊: Advances in neural information processing systems
• 作者: Haotao Wang;Junyuan Hong;Aston Zhang;Jiayu Zhou;Zhangyang Wang

Turning the Curse of Heterogeneity in Federated Learning into a Blessing for Out-of-Distribution Detection

• 发表时间: 2023
• 作者: Shuyang Yu;Junyuan Hong;Haotao Wang;Zhangyang Wang;Jiayu Zhou

How Robust is Your Fairness? Evaluating and Sustaining Fairness under Unseen Distribution Shifts

• DOI: 10.48550/arxiv.2207.01168
• 发表时间: 2022-07
• 期刊: Transactions on machine learning research
• 作者: Haotao Wang;Junyuan Hong;Jiayu Zhou;Zhangyang Wang