no code implementations • 6 Dec 2023 • Sajjad Zarifzadeh, Philippe Liu, Reza Shokri
Under computation constraints, where only a limited number of pre-trained reference models (as few as 1) are available, and also when we vary other elements of the attack, our method performs exceptionally well, unlike some prior attacks that approach random guessing.
no code implementations • 27 Oct 2023 • Niloofar Mireshghallah, Hyunwoo Kim, Xuhui Zhou, Yulia Tsvetkov, Maarten Sap, Reza Shokri, Yejin Choi
The interactive use of large language models (LLMs) in AI assistants (at work, home, etc.)
1 code implementation • 29 Sep 2023 • Jiayuan Ye, Anastasia Borovykh, Soufiane Hayou, Reza Shokri
We introduce an analytical framework to quantify the changes in a machine learning algorithm's output distribution following the inclusion of a few data points in its training set, a notion we define as leave-one-out distinguishability (LOOD).
1 code implementation • 11 Sep 2023 • Zebang Shen, Jiayuan Ye, Anmin Kang, Hamed Hassani, Reza Shokri
Repeated parameter sharing in federated learning causes significant information leakage about private data, thus defeating its main purpose: data privacy.
1 code implementation • 5 Sep 2023 • Hongyan Chang, Reza Shokri
Our work calls for auditing group fairness in federated learning and designing learning algorithms that are robust to bias propagation.
no code implementations • 9 Jul 2023 • Prakhar Ganesh, Hongyan Chang, Martin Strobel, Reza Shokri
We investigate the impact on group fairness of different sources of randomness in training neural networks.
no code implementations • 17 May 2023 • Niloofar Mireshghallah, Justus Mattern, Sicun Gao, Reza Shokri, Taylor Berg-Kirkpatrick
With the advent of fluent generative language models that can produce convincing utterances very similar to those written by humans, distinguishing whether a piece of text is machine-generated or human-written becomes more challenging and more important, as such models could be used to spread misinformation, fake news, fake reviews and to mimic certain authors and figures.
no code implementations • 14 Sep 2022 • Martin Strobel, Reza Shokri
The privacy risks of machine learning models are a major concern when training them on sensitive and personal data.
no code implementations • 31 Mar 2022 • Florian Tramèr, Reza Shokri, Ayrton San Joaquin, Hoang Le, Matthew Jagielski, Sanghyun Hong, Nicholas Carlini
We show that an adversary who can poison a training dataset can cause models trained on this dataset to leak significant private details of training points belonging to other parties.
no code implementations • 10 Mar 2022 • Jiayuan Ye, Reza Shokri
We prove that, in these settings, our privacy bound converges exponentially fast and is substantially smaller than the composition bounds, notably after a few training epochs.
no code implementations • 8 Mar 2022 • FatemehSadat Mireshghallah, Kartik Goyal, Archit Uniyal, Taylor Berg-Kirkpatrick, Reza Shokri
The wide adoption and application of masked language models (MLMs) on sensitive data (from legal to medical) necessitates a thorough quantitative investigation into their privacy vulnerabilities: to what extent do MLMs leak information about their training data?
no code implementations • 11 Feb 2022 • Hannah Brown, Katherine Lee, FatemehSadat Mireshghallah, Reza Shokri, Florian Tramèr
Language models lack the ability to understand the context and sensitivity of text, and tend to memorize phrases present in their training sets.
1 code implementation • 18 Nov 2021 • Jiayuan Ye, Aadyaa Maddi, Sasi Kumar Murakonda, Vincent Bindschaedler, Reza Shokri
Membership inference attacks are used as an auditing tool to quantify this leakage.
no code implementations • 29 Sep 2021 • Jiayuan Ye, Aadyaa Maddi, Sasi Kumar Murakonda, Reza Shokri
In this paper, we present a framework that can explain the implicit assumptions and also the simplifications made in the prior work.
no code implementations • NeurIPS 2021 • Rishav Chourasia, Jiayuan Ye, Reza Shokri
What is the information leakage of an iterative randomized learning algorithm about its training data, when the internal state of the algorithm is private?
1 code implementation • 7 Nov 2020 • Hongyan Chang, Reza Shokri
We show that fairness comes at the cost of privacy, and this cost is not distributed equally: the information leakage of fair models increases significantly on the unprivileged subgroups, which are the ones for whom we need fair learning.
1 code implementation • 25 Jul 2020 • Anshul Aggarwal, Trevor E. Carlson, Reza Shokri, Shruti Tople
In this setting, our objective is to protect the confidentiality of both the users' input queries as well as the model parameters at the server, with modest computation and communication overhead.
no code implementations • 22 Jul 2020 • Milad Nasr, Reza Shokri, Amir Houmansadr
We show that our mechanism outperforms the state-of-the-art DPSGD; for instance, for the same model accuracy of $96.1\%$ on MNIST, our technique results in a privacy bound of $\epsilon=3.2$ compared to $\epsilon=6$ for DPSGD, which is a significant improvement.
1 code implementation • 18 Jul 2020 • Sasi Kumar Murakonda, Reza Shokri
In addition to the threat of illegitimate access to data through security breaches, machine learning models pose an additional privacy risk to the data by indirectly revealing information about it through the model's predictions and parameters.
no code implementations • 16 Jun 2020 • Neel Patel, Reza Shokri, Yair Zick
The drawback is that model explanations can leak information about the training data and the explanation data used to generate them, thus undermining data privacy.
1 code implementation • 15 Jun 2020 • Hongyan Chang, Ta Duy Nguyen, Sasi Kumar Murakonda, Ehsan Kazemi, Reza Shokri
Optimizing prediction accuracy can come at the expense of fairness.
no code implementations • 24 Dec 2019 • Hongyan Chang, Virat Shejwalkar, Reza Shokri, Amir Houmansadr
Collaborative (federated) learning enables multiple parties to train a model without sharing their private data, but through repeated sharing of the parameters of their local models.
no code implementations • 27 Sep 2019 • Congzheng Song, Reza Shokri
In this paper, we present membership encoding for training deep neural networks and encoding the membership information, i.e. whether a data point is used for training, for a subset of the training data.
no code implementations • 29 Jun 2019 • Reza Shokri, Martin Strobel, Yair Zick
We analyze connections between model explanations and the leakage of sensitive information about the model's training set.
1 code implementation • 31 May 2019 • Te Juin Lester Tan, Reza Shokri
Many detection algorithms are designed to detect backdoors on input samples or model parameters, through the statistical difference between the latent representations of adversarial and clean input samples in the poisoned model.
no code implementations • 29 May 2019 • Sasi Kumar Murakonda, Reza Shokri, George Theodorakopoulos
It provides a measure of the potential leakage of a model given its structure, as a function of the model complexity and the size of the training set.
1 code implementation • 24 May 2019 • Liwei Song, Reza Shokri, Prateek Mittal
To perform the membership inference attacks, we leverage the existing inference methods that exploit model predictions.
4 code implementations • 3 Dec 2018 • Milad Nasr, Reza Shokri, Amir Houmansadr
Deep neural networks are susceptible to various inference attacks as they remember information about their training data.
1 code implementation • 16 Jul 2018 • Milad Nasr, Reza Shokri, Amir Houmansadr
In this paper, we focus on such attacks against black-box models, where the adversary can only observe the output of the model, but not its parameters.
no code implementations • 15 Mar 2018 • Tyler Hunt, Congzheng Song, Reza Shokri, Vitaly Shmatikov, Emmett Witchel
Existing ML-as-a-service platforms require users to reveal all training data to the service operator.
Cryptography and Security
no code implementations • 26 Aug 2017 • Vincent Bindschaedler, Reza Shokri, Carl A. Gunter
We demonstrate the efficiency of this generative technique on a large dataset; it is shown to preserve the utility of original data with respect to various statistical analysis and machine learning measures.
12 code implementations • 18 Oct 2016 • Reza Shokri, Marco Stronati, Congzheng Song, Vitaly Shmatikov
We quantitatively investigate how machine learning models leak information about the individual data records on which they were trained.
no code implementations • 1 Sep 2016 • Richard McPherson, Reza Shokri, Vitaly Shmatikov
We demonstrate that modern image recognition methods based on artificial neural networks can recover hidden information from images protected by various forms of obfuscation.
no code implementations • 14 Feb 2014 • Reza Shokri
We optimize utility subject to a joint guarantee of differential privacy (indistinguishability) and distortion privacy (inference error).
Cryptography and Security; Computer Science and Game Theory