Abstract

While deep learning models have achieved great success, they are also vulnerable to potential manipulations, ranging from model inversion attacks that attempt to infer sensitive training data from a model, to adversarial example attacks that create manipulated data instances to deceive a model. In this talk, I will present our recent work on achieving differential privacy (DP) to ensure privacy of the training data and certified robustness against adversarial examples for deep learning models. While DP has become a standard technique for privacy-preserving machine learning, the understanding of the utility of DP deep learning models is very limited due to their nonconvex loss functions. We theoretically show for the first time that DP nonconvex optimization can achieve the same utility rate as the nonprivate counterpart under certain conditions. Certified robustness is a principled approach developed in the image domain that can theoretically certify a model is robust against adversarial examples. We establish the connection between DP and certified robustness in the discrete text domain and develop the first certified robustness approach for text classification models. We also develop an integer-arithmetic-only algorithm to achieve certified robustness for quantized neural networks for the first time. Finally, while most existing work achieve DP and certified robustness independently, we propose a novel framework that kill two birds with one stone and achieve them simultaneously. I will conclude with open research questions towards privacy-preserving and robust machine learning.

Short Bio:

Li Xiong is a Professor of Computer Science and Biomedical Informatics at Emory University. She held a Winship Distinguished Research Professorship from 2015-2018. She has a Ph.D. from Georgia Institute of Technology, an MS from Johns Hopkins University, and a BS from the University of Science and Technology of China. She and her research lab, Assured Information Management and Sharing (AIMS), conduct research on the intersection of data management, machine learning, and data privacy and security. She has published over 130 papers and received six best paper (runner up) awards. She has served and serves as associate editor for IEEE TKDE, VLDBJ, IEEE TDSC, general or program co-chairs for ACM CIKM 2022, IEEE BigData 2020, and ACM SIGSPATIAL 2018, 2020. Her research is supported by National Science Foundation (NSF), AFOSR (Air Force Office of Scientific Research), National Institute of Health (NIH), and Patient-Centered Outcomes Research Institute (PCORI). She is also a recipient of Google Research Award, IBM Smarter Healthcare Faculty Innovation Award, Cisco Research Awards, AT&T Research Gift, and Woodrow Wilson Career Enhancement Fellowship. She is an ACM distinguished member. More details at http://www. cs.emory.edu/~lxiong.

Abstract

Recent cyberattacks have shown that the leakage/stealing of big data may result in enormous monetary loss and damage to organizational reputation, and increased identity theft risks for individuals. Furthermore, in the age of big data and Artificial Intelligence (AI), protecting the security and privacy of stored data is paramount for maintaining public trust, accountability and getting the full value from the collected data. Therefore, we need to address security and privacy challenges ranging from allowing access to big data to building novel AI models using the privacy sensitive data. In this talk, I provide an overview of our end-to-end solution framework that addresses these security and privacy challenges arise in the age of AI. In addition, we will discuss our federated learning framework that is designed to be robust against poisoning attacks

Short Bio:

Dr. Murat Kantarcioglu is a Professor in the Computer Science Department and Director of the Data Security and Privacy Lab at The University of Texas at Dallas (UTD). He received a PhD in Computer Science from Purdue University in 2005 where he received the Purdue CERIAS Diamond Award for Academic excellence. He is also a faculty associate at Harvard Data Privacy Lab and a visiting scholar at UC Berkeley RISE Labs. Dr. Kantarcioglu's research focuses on the integration of cyber security, data science and blockchains for creating technologies that can efficiently and securely process and share data.

His research has been supported by grants including from NSF, AFOSR, ARO, ONR, NSA, and NIH. He has published over 170 peer reviewed papers in top tier venues such as ACM KDD, SIGMOD, ICDM, ICDE, PVLDB, NDSS, USENIX Security and several IEEE/ACM Transactions as well as served as program co-chair for conferences such as IEEE ICDE, ACM SACMAT, IEEE Cloud, ACM CODASPY. Some of his research work has been covered by the media outlets such as the Boston Globe, ABC News, PBS/KERA, DFW Television, and has received multiple best paper awards. He is the recipient of various awards including NSF CAREER award, the AMIA (American Medical Informatics Association) 2014 Homer R Warner Award and the IEEE ISI (Intelligence and Security Informatics) 2017 Technical Achievement Award presented jointly by IEEE SMC and IEEE ITS societies for his research in data security and privacy. He is also a fellow of AAAS and distinguished member of ACM.

Abstract

Mobile Crowd Sensing (MCS), as a new sensing paradigm that harnesses the power of the crowd, has become a promising research field in recent years. Numerous studies have been done on the research challenges such as optimized worker selection, incentive mechanisms, efficient data transmission, crowd data quality/trust, novel MCS applications, and so on. In this talk, we will discuss about the recent development and future directions of MCS. In particular, we will talk about Crowd Computing, the aggregation and fusion of heterogeneous crowd-contributed data for comprehensive urban sensing. We will report the recent progress of our group towards this promising research area.

Short Bio:

Dr. Bin Guo is a professor with Northwestern Polytechnical University, China. He received his Ph.D. degree in computer science from Keio University, Tokyo, Japan, in 2009. His current research interests include Ubiquitous Computing, Mobile Crowd Sensing, and Urban Computing. He has published over 100 papers in refereed journals and conference proceedings such as IEEE Comm. Surveys and Tutorials, ACM Computing Surveys, IEEE TMC, IEEE THMS, UbiComp, PerCom, etc. He has served as an associate editor of IEEE Communications Magazine, IEEE Trans. on Human-Machine-Systems, ACM IMWUT, and so on. He is the program chair of IEEE CPSCom’16 and UIC’13, the general co-chair of UIC’15 (CCF-ranked conference) and IEEE IoP’17. He is a senior member of IEEE and CCF. He received the support of the National Science Fund for Distinguished Young Scholars in 2020, and the support from the National Youth Talent Support Program (Ten Thousand People Plan) in 2016.

Abstract

Conventional sketching methods on counting stream item frequencies use hash functions for mapping data items to a concise structure, e.g., a two-dimensional array, at the expense of overcounting due to hashing collisions. Despite the popularity, however, the accumulated errors originated in hashing collisions deteriorate the sketching accuracies at the rapid pace of data increasing, which poses a great challenge to sketch big data streams at web scale. In this paper, we propose a novel structure, called XY-sketch, which estimates the frequency of a data item by estimating the probability of this item appearing in the data stream. The framework associated with XY-sketch consists of two phases, namely decomposition and recomposition phases. A data item is split into a set of compactly stored basic elements, which can be stringed up in a probabilistic manner for query evaluation during the recomposition phase. Throughout, we conduct optimization under space constraints and detailed theoretical analysis. Experiments on both real and synthetic datasets are done to show the superior scalability on sketching large-scale streams. Remarkably, XY-sketch is orders of magnitudes more accurate than existing solutions, when the space budget is small.

Short Bio:

Xike Xie is currently a research professor in the School of Computer Science and Technology, University of Science and Technology of China. Prior to that, he was an assistant professor in Aalborg University, Denmark. His research interests include big data management, graph computing, mobile computing, and spatiotemporal databases.