Section: Partnerships and Cooperations
Regional Initiatives
LOST2DNN
- Project title: Leakage of Sensitive Training Data from Deep Neural Networks
- Coordinators: Catuscia Palamidessi, Inria Saclay, EPI Comète, and Pablo Piantanida, CentraleSupélec
- Other PIs and partner institutions: Georg Pichler, TU Wien, Austria
- Abstract: The overall project goal is to develop a fundamental understanding, with experimental validation, of the information leakage of training data from deep learning systems. More specifically, we aim at:
  - Developing a compelling case study based on state-of-the-art algorithms to perform model inversion attacks, showcasing the feasibility of uncovering specified sensitive information from trained software (a model) on real data.
  - Quantifying information leakage. Based on the uncovered attacks, the amount of sensitive information present in trained software will be measured or quantified. The resulting measure of leakage will serve as a basis for the analysis of attacks and for the development of robust mitigation techniques.
  - Mitigating information leakage. Strategies will be explored to avoid the uncovered attacks and minimize the potential information leakage of a trained model.