Talk on "Privacy-Preserving Machine Learning Systems" by Prof. Cristian Borcea from New Jersey Institute of Technology, USA
We are pleased to inform you about the upcoming seminar by Prof. Cristian Borcea from New Jersey Institute of Technology, USA, titled "Privacy-Preserving Machine Learning Systems". Everyone interested is cordially invited to attend!
Title:
Privacy-Preserving Machine Learning Systems
Abstract:
Machine Learning (ML) privacy is crucial for safeguarding individuals' data, securing intellectual property, complying with legal regulations, minimizing the effect of data breaches, and maintaining trust. This talk presents two recent privacy-preserving ML systems, based on secure multi-party computation (SMPC), that target federated learning (FL) and graph neural networks (GNN).
The first part of the talk presents FedMTL, a privacy-preserving system for federated multi-task learning (MTL). MTL enables simultaneous learning of related tasks, enhancing the generalization performance of each task and facilitating faster training and inference on resource-constrained devices. FL can further enhance performance by enabling collaboration among devices, effectively leveraging distributed data to improve model performance, while ensuring that the raw data remains on the respective devices. However, conventional FL is inadequate for handling MTL models trained on different sets of tasks. FedMTL solves this challenge through a layer-wise aggregation technique that handles task heterogeneity across clients. FedMTL generates personalized MTL models based on task similarities, which are determined by analyzing the parameters of the task-specific layers of the trained models. FedMTL preserves the privacy of the parameters of the clients' models, the types and numbers of the tasks executed by each client, and the size of the training datasets. To achieve this objective, it employs SMPC protocols that ensure data privacy even when P-1 out of P servers collude with each other. Extensive experiments on three datasets demonstrate that FedMTL performs better than state-of-the-art approaches. Additionally, it achieves the same accuracy as its plaintext version while preserving privacy.
The second part of the talk presents CryptGNN, a privacy-preserving inference system for GNN models in the cloud, which protects the privacy of the model parameters and the client data using novel SMPC protocols. The SMPC parties in the cloud compute the forward pass of the model, as the model architecture is known, while CryptGNN protects the model parameters in additive secret-shared format. To protect the client input graph, CryptGNN encrypts the node features and the graph structure in an additive secret-shared format before uploading the data to the SMPC parties. CryptGNN uses two novel protocols to enable privacy-preserving inference of encrypted GNN models on encrypted input graph data in the cloud. CryptMPL executes the message-passing layers while preserving the privacy of the input data. CryptMUL executes the secure multiplication operations required for evaluating the linear and nonlinear feature transformation layers in GNN models. Both protocols work with any number of SMPC parties, even when P-1 out of P parties collude with each other. Our theoretical analysis proves that CryptGNN is correct and secure, and models using CryptGNN achieve the same accuracy as plaintext models while protecting privacy. Our experiments demonstrate that CryptGNN achieves lower latency and overhead than state-of-the-art solutions.
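To make the "additive secret-shared format" and the "P-1 out of P collude" guarantee concrete, the following added example (written for this page, not code from CryptGNN, FedMTL or the speaker) splits model weights and node features into additive shares over the ring Z_{2^64} among P parties, evaluates a small linear layer on the shares, and reconstructs the result. Addition and scaling by public constants are local to each party; share-times-share multiplication uses a standard Beaver triple, with the triple produced by a trusted dealer as a simplification (the dealer, the party count P = 3, the weight matrix and the input vector are all constructed assumptions, and nothing here stands in for CryptMUL or CryptMPL).

```python
import secrets

MOD = 2 ** 64   # all arithmetic is in the ring Z_{2^64}
P = 3           # number of SMPC parties (constructed choice)


def to_ring(v):
    return v % MOD


def to_signed(v):
    """Map a ring element back to a signed integer (centered representative)."""
    v %= MOD
    return v - MOD if v >= MOD // 2 else v


def share(x, p=P):
    """Additive sharing: p-1 uniformly random ring elements plus one correcting share.
    Any p-1 of the shares are uniform and independent of x, which is why a coalition
    of p-1 colluding parties learns nothing about x."""
    shares = [secrets.randbelow(MOD) for _ in range(p - 1)]
    shares.append(to_ring(x - sum(shares)))
    return shares


def reconstruct(shares):
    """Only the sum of all shares reveals the secret."""
    return to_signed(sum(shares))


def add(xs, ys):
    """Adding two shared values is local: each party adds its own two shares."""
    return [to_ring(a + b) for a, b in zip(xs, ys)]


def scale(xs, c):
    """Multiplying a shared value by a public constant is also local."""
    return [to_ring(c * a) for a in xs]


def beaver_triple(p=P):
    """Trusted-dealer simplification: shares of random a, b and of c = a*b."""
    a = secrets.randbelow(MOD)
    b = secrets.randbelow(MOD)
    return share(a, p), share(b, p), share(a * b, p)


def mul(xs, ys, triple):
    """Share-times-share multiplication with a Beaver triple. The parties open
    d = x - a and e = y - b, which are uniform and leak nothing about x or y, then
    compute x*y = c + d*b + e*a + d*e entirely on local shares."""
    a_sh, b_sh, c_sh = triple
    d = sum(to_ring(x - a) for x, a in zip(xs, a_sh)) % MOD
    e = sum(to_ring(y - b) for y, b in zip(ys, b_sh)) % MOD
    zs = []
    for i, (a, b, c) in enumerate(zip(a_sh, b_sh, c_sh)):
        z = c + d * b + e * a
        if i == 0:            # the public term d*e is added by exactly one party
            z += d * e
        zs.append(to_ring(z))
    return zs


def shared_linear_layer(w_shares, x_shares, triples):
    """Evaluate y = W x where both W and x are secret-shared; one triple per product."""
    out, k = [], 0
    for row in w_shares:
        acc = [0] * len(x_shares[0])
        for w_sh, x_sh in zip(row, x_shares):
            acc = add(acc, mul(w_sh, x_sh, triples[k]))
            k += 1
        out.append(acc)
    return out


def demo():
    """Constructed 2x2 weight matrix and 2-element feature vector (not from any model)."""
    W = [[2, -1], [3, 4]]
    x = [5, 7]
    w_sh = [[share(v) for v in row] for row in W]   # parameters never appear in the clear
    x_sh = [share(v) for v in x]                    # client features never appear in the clear
    triples = [beaver_triple() for _ in range(4)]
    y_sh = shared_linear_layer(w_sh, x_sh, triples)
    return [reconstruct(s) for s in y_sh]           # plaintext W x = [3, 43]


if __name__ == "__main__":
    print(demo())
```

Each party only ever holds its own row of shares, so the server-side parties can run the forward pass without seeing the weights or the features; the result is meaningful only once all P shares are summed. A real deployment replaces the dealer with a triple-generation protocol and adds fixed-point encoding and truncation for non-integer values, which this integer example leaves out.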
The talk concludes with ongoing work on federated unlearning to recover attacked models and private code generation using LLMs, as well as lessons learned from building privacy-preserving ML systems.
Speaker Bio:
Cristian Borcea is a Professor in the Department of Computer Science at New Jersey Institute of Technology (NJIT). He also holds a Visiting Professor appointment at the National Institute of Informatics, Tokyo, Japan. His research interests include mobile computing & sensing; vehicular computing & networks; cloud & distributed systems; and computational advertising & online privacy. His current projects focus on federated learning and privacy. His recent research has been funded by NSF, AT&T, and Qualcomm.
More information: https://cs.njit.edu/~borcea/
Time/Date:
14:00 September 20 (Friday), 2024
Place:
Room 1509 NII and Online
Online:
zoom
Contact:
If you would like to join, please contact us by email.
Email: kei[at]nii.ac.jp