Nahid Farhady Ghalaty and Vincent Pham, Capital One
Machine Learning coupled with the new cloud and serverless technologies has enabled organizations to leverage big data analytics to create predictive and recommendation platforms at a larger scale for different applications. However, an often overlooked danger with all this exciting technology is the privacy of the data and privacy attacks on machine learning models.
In this talk, we identify and explore different points of leakage in machine learning models that can be exploited for privacy attacks such as attacks on training data, or model inversion attacks. Using the information on the attacks, we also propose the methods for model developers to protect their data and models. These methods are able to camouflage the main operations and computations of machine algorithms by injecting noise and dummy instructions in between. The key takeaway for the audience of this talk is to be able to learn and identify threats to the models they develop along with a demo of an attack and defense on a financial application.
Nahid Farhady Ghalaty, Capital One
Nahid Farhady is Machine Learning Engineer at the CyberML team within Capital One. She has obtained her PhD in Electrical and Computer Engineering from Virginia Tech in 2016. Her research interest is on embedded systems security, Fault Attacks and Side Channel Attacks, and Cryptography. Her research has been published in several peer reviewed conferences and journals such as DATE, FDTC, and IEEE ESL.
Vincent Pham, Capital One
Vincent Pham is also a Machine Learning Engineer at the CyberML team. He obtained his Masters in Analytics at The University of San Francisco. Over the past four years at Capital One, he has also worked on other machine learning domains such as generative adversarial networks, fraudulent merchant detector via label propagation, and reinforcement learning with AWS deep racer.
OpML '20 Open Access Sponsored by NetApp
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Nahid Farhady Ghalaty and Vincent Pham},
title = {"{SECRETS} {ARE} {LIES}, {SHARING} {IS} {CARING}, {PRIVACY} {IS} {THEFT.}" - A Dive into Privacy Preserving Machine Learning},
year = {2020},
publisher = {USENIX Association},
month = jul
}