2024-08-21 CERIAS - Privacy and Security in ML: A Priority, not an Afterthought

Recorded: 08/21/2024 CERIAS Security Seminar at Purdue University Privacy and Security in ML: A Priority, not an Afterthought Shagufta Mehnaz, The Pennsylvania State University The increased use of machine learning (ML) technologies on proprietary and sensitive datasets has led to increased privacy breaches in many sectors, including healthcare and personalized medicine. Although federated learning (FL) systems allow multiple parties to train ML models collaboratively without sharing their raw data with third-party entities, security concerns arise from the involvement of potentially malicious FL clients aiming to disrupt the learning process. In this talk, I will present how my research addresses these challenges by developing frameworks to analyze and improve the privacy and security aspects of ML. First, I will talk about model inversion attacks that allow an adversary to infer part of the sensitive training data with only black-box access to a vulnerable classification model. I will then present FLShield, a novel FL framework that utilizes benign data from FL participants to validate the local models before taking them into account for generating the global model. I will conclude with a discussion of challenges in building practical data-driven systems that take into account data privacy and security while keeping the intended functionality of the system unimpaired. (Visit: www.cerias.purdue.edu)