Search Results for author:
Found 8 papers, 3 papers with code
Gradients Look Alike: Sensitivity is Often Overestimated in DP-SGD
Put all together, our evaluation shows that this novel DP-SGD analysis allows us to now formally show that DP-SGD leaks significantly less privacy for many datapoints (when trained on common benchmarks) than the current data-independent guarantee.
Proof-of-Learning is Currently More Broken Than You Think
They empirically argued the benefit of this approach by showing how spoofing--computing a proof for a stolen model--is as expensive as obtaining the proof honestly by training the model.
On the Necessity of Auditable Algorithmic Definitions for Machine Unlearning
Machine unlearning, i. e. having a model forget about some of its training data, has become increasingly more important as privacy legislation promotes variants of the right-to-be-forgotten.
A Zest of LIME: Towards Architecture-Independent Model Distances
In this paper, we instead propose to compute distance between black-box models by comparing their Local Interpretable Model-Agnostic Explanations (LIME).
SoK: Machine Learning Governance
The application of machine learning (ML) in computer systems introduces not only many benefits but also risks to society.
Proof-of-Learning: Definitions and Practice
In particular, our analyses and experiments show that an adversary seeking to illegitimately manufacture a proof-of-learning needs to perform *at least* as much work than is needed for gradient descent itself.
Entangled Watermarks as a Defense against Model Extraction
Such pairs are watermarks, which are not sampled from the task distribution and are only known to the defender.
Machine Unlearning
Once users have shared their data online, it is generally difficult for them to revoke access and ask for the data to be deleted.
