权益分类	功能权益	普通用户	{{item.name}}会员
{{category.name}}	{{benefitItem.name}}

Collaborative Research: SaTC: CORE: Medium: Private Model Personalization

协作研究：SaTC：核心：媒介：私人模型个性化

基本信息

批准号：
2232694
负责人：
Adam Smith
金额：
$ 45万
依托单位：
Trustees of Boston University
依托单位国家：
美国
项目类别：
Standard Grant
财政年份：
2023
资助国家：
美国
起止时间：
2023-04-15 至 2027-03-31
项目状态：
未结题

来源：
https://www.nsf.gov/awardsearch/showAward?AWD_ID=2232694&HistoricalAwards=false
关键词：
Collaborative Research SaTC CORE Medium

项目摘要

Modern machine learning's success has brought with it a serious challenge for privacy: it is now widely documented that the models currently in use encode individual inputs in surprising ways. Understanding how to detect such memorization, and training methods that avoid it, is a major topic of current research. However, prior investigations have focused mostly on the batch model of machine learning, in which training data are all drawn from a single underlying population.This project seeks to understand the privacy risks that arise when the training data from many populations are pooled in order to take advantage of structure that is shared across populations. For example, many individuals’ photos could be pooled to train better face recognition algorithms (even though each person is interested in a different set of faces). Such settings—called “model personalization”, “multitask learning” or “meta-learning”—provide a powerful framework for combining insights from far-flung, disparate data sources. However, their power raises fundamental questions about the extent to which the results of joint analysis violate the privacy of individual users' data. The project looks both at attacks on privacy—methods for extracting individual-level or dataset-level information from the resulting predictions or models—as well as mitigation strategies based on the now-standard, state-of-the-art framework, differential privacy. The project involves both theoretical analysis and real-world experimentation. It will inform the development of training algorithms for these complex settings and provide tools for use by companies and other research groups. This impact will be facilitated by the project team's existing collaborations with industry researchers.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

现代机器学习的成功给隐私带来了严峻的挑战：目前广泛记录的是，目前使用的模型以令人惊讶的方式编码个人输入。了解如何检测这种记忆，以及如何训练避免这种记忆的方法，是当前研究的一个主要课题。然而，之前的研究主要集中在机器学习的批处理模型上，其中训练数据都是从单个潜在人群中提取的。该项目旨在了解为了利用跨群体共享的结构，将来自许多群体的训练数据汇集在一起时所产生的隐私风险。例如，许多人的照片可以汇集起来训练更好的人脸识别算法（即使每个人对一组不同的面孔感兴趣）。这样的设置——被称为“模型个性化”、“多任务学习”或“元学习”——提供了一个强大的框架，可以将来自遥远的、不同的数据源的见解结合起来。然而，他们的权力引发了一个根本性的问题，即联合分析的结果在多大程度上侵犯了个人用户的数据隐私。该项目着眼于对隐私的攻击——从结果预测或模型中提取个人级或数据集级信息的方法——以及基于现在标准的、最先进的框架——差分隐私的缓解策略。这个项目包括理论分析和现实世界的实验。它将为这些复杂设置的训练算法的开发提供信息，并为公司和其他研究团体提供使用工具。项目团队与行业研究人员的现有合作将促进这种影响。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

期刊论文数量（6）

专著数量（0）

科研奖励数量（0）

会议论文数量（0）

专利数量（0）

Counting Distinct Elements in the Turnstile Model with Differential Privacy under Continual Observation

在持续观察下计算具有差异隐私的旋转栅门模型中的不同元素

DOI：
发表时间：
2023
期刊：
NeurIPS 2023
影响因子：
0
作者：
Kalemaj, Iden;Jain, Palak;Raskhodnikova, Sofya;Sivakumar, Satchit;Smith, Adam D
通讯作者：
Smith, Adam D

Node-Differentially Private Estimation of the Number of Connected Components

DOI：
10.1145/3584372.3588671
发表时间：
2023-04
期刊：
Proceedings of the 42nd ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems
影响因子：
0
作者：
Iden Kalemaj;Sofya Raskhodnikova;Adam D. Smith;Charalampos E. Tsourakakis
通讯作者：
Iden Kalemaj;Sofya Raskhodnikova;Adam D. Smith;Charalampos E. Tsourakakis

Fast, Sample-Efficient, Affine-Invariant Private Mean and Covariance Estimation for Subgaussian DistributionsGavin Brown and Samuel B. Hopkins and Adam D. Smith

亚高斯分布的快速、样本高效、仿射不变私有均值和协方差估计Gavin Brown、Samuel B. Hopkins 和 Adam D. Smith