2,702 research outputs found
Hacking Smart Machines with Smarter Ones: How to Extract Meaningful Data from Machine Learning Classifiers
Machine Learning (ML) algorithms are used to train computers to perform a
variety of complex tasks and improve with experience. Computers learn how to
recognize patterns, make unintended decisions, or react to a dynamic
environment. Certain trained machines may be more effective than others because
they are based on more suitable ML algorithms or because they were trained
through superior training sets. Although ML algorithms are known and publicly
released, training sets may not be reasonably ascertainable and, indeed, may be
guarded as trade secrets. While much research has been performed about the
privacy of the elements of training sets, in this paper we focus our attention
on ML classifiers and on the statistical information that can be unconsciously
or maliciously revealed from them. We show that it is possible to infer
unexpected but useful information from ML classifiers. In particular, we build
a novel meta-classifier and train it to hack other classifiers, obtaining
meaningful information about their training sets. This kind of information
leakage can be exploited, for example, by a vendor to build more effective
classifiers or to simply acquire trade secrets from a competitor's apparatus,
potentially violating its intellectual property rights
Federated and Transfer Learning: A Survey on Adversaries and Defense Mechanisms
The advent of federated learning has facilitated large-scale data exchange
amongst machine learning models while maintaining privacy. Despite its brief
history, federated learning is rapidly evolving to make wider use more
practical. One of the most significant advancements in this domain is the
incorporation of transfer learning into federated learning, which overcomes
fundamental constraints of primary federated learning, particularly in terms of
security. This chapter performs a comprehensive survey on the intersection of
federated and transfer learning from a security point of view. The main goal of
this study is to uncover potential vulnerabilities and defense mechanisms that
might compromise the privacy and performance of systems that use federated and
transfer learning.Comment: Accepted for publication in edited book titled "Federated and
Transfer Learning", Springer, Cha
- …