Section: Partnerships and Cooperations

Regional Initiatives


  • Program: DATAIA Call for Research Projects

  • Project title: Leakage of Sensitive Training Data from Deep Neural Networks

  • Duration: October 2019 - September 2022

  • Coordinators: Catuscia Palamidessi (Inria Saclay, EPI Comète) and Pablo Piantanida (CentraleSupélec)

  • Other PIs and partner institutions: Georg Pichler, TU Wien, Austria

  • Abstract: The overall project goal is to develop a fundamental understanding, with experimental validation, of the information leakage of training data from deep learning systems. More specifically, we aim at:

    • Developing a compelling case study based on state-of-the-art algorithms to perform model inversion attacks, showcasing the feasibility of uncovering specified sensitive information from trained software (a model) on real data.

    • Quantifying information leakage. Based on the uncovered attacks, the amount of sensitive information present in trained software will be measured or quantified. The resulting measure of leakage will serve as a basis for the analysis of attacks and for the development of robust mitigation techniques.

    • Mitigating information leakage. Strategies will be explored to avoid the uncovered attacks and minimize the potential information leakage of a trained model.