Who is behind these predictions? Reconciling transparency and privacy in machine learning

Abstract

In this project we will analyse whether it is possible to capture the (near-)exact machine learning family used for training the attacked model (e.g., decision stumps, decision trees, set of rules or linear discriminants), as well as other intrinsic characteristics (feature space significance, transformations between features, context or behavioural changes, etc.), from a given relevant subset of queries. We will present appropriate query generation strategies that analyse both the relevance of the attributes, with some levels of error and confidence, and the most valuable attributes according to the attacker's value function. Finally, we will explore several countermeasures to reduce the effectiveness of the attacks, including attribute transformations (univariate and multivariate) or context or behavioural changes (such as cost matrix adjustments, threshold modifications, etc.). Furthermore, we will define metrics of internal interpretability and of external obfuscation (and the optimal trade-off between them).

Document Details

Document Type
DoD Grant Award
Publication Date
Jul 28, 2017
Source ID
FA95501710287

Entities

People

  • Maria Jose Ramirez Quintana

Organizations

  • Air Force Office of Scientific Research
  • Technical University of Valencia
  • United States Air Force

Tags

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Neural Network Machine Learning.
  • Regression Analysis.

Technology Areas

  • AI & ML
  • AI & ML - Neural Networks
  • Space