no code implementations • 28 Mar 2018 • Shayak Sen, Piotr Mardziel, Anupam Datta, Matthew Fredrikson
Standard methods for training classifiers that minimize empirical risk do not constrain the behavior of the classifier on such datapoints.
no code implementations • 22 May 2017 • Anupam Datta, Matthew Fredrikson, Gihyuk Ko, Piotr Mardziel, Shayak Sen
For a specific instantiation of this definition, we present a program analysis technique that detects instances of proxy use in a model, and provides a witness that identifies which parts of the corresponding program exhibit the behavior.
no code implementations • 20 Dec 2015 • Xi Wu, Matthew Fredrikson, Wentao Wu, Somesh Jha, Jeffrey F. Naughton
Perhaps more importantly, our theory reveals that the most basic mechanism in differential privacy, output perturbation, can be used to obtain a better tradeoff for all convex-Lipschitz-bounded learning tasks.