Sat Dec 8th 08:00 AM -- 06:30 PM @ Room 512 CDGH
Privacy Preserving Machine Learning
Adria Gascon · Aurélien Bellet · Niki Kilbertus · Olga Ohrimenko · Mariana Raykova · Adrian Weller

This one day workshop focuses on privacy preserving techniques for training, inference, and disclosure in large scale data analysis, both in the distributed and centralized settings. We have observed increasing interest of the ML community in leveraging cryptographic techniques such as Multi-Party Computation (MPC) and Homomorphic Encryption (HE) for privacy preserving training and inference, as well as Differential Privacy (DP) for disclosure. Simultaneously, the systems security and cryptography community has proposed various secure frameworks for ML. We encourage both theory and application-oriented submissions exploring a range of approaches, including:

- secure multi-party computation techniques for ML
- homomorphic encryption techniques for ML
- hardware-based approaches to privacy preserving ML
- centralized and decentralized protocols for learning on encrypted data
- differential privacy: theory, applications, and implementations
- statistical notions of privacy including relaxations of differential privacy
- empirical and theoretical comparisons between different notions of privacy
- trade-offs between privacy and utility

We think it will be very valuable to have a forum to unify different perspectives and start a discussion about the relative merits of each approach. The workshop will also serve as a venue for networking among people from different communities interested in this problem, and will hopefully foster fruitful long-term collaboration.

08:30 AM Welcome and introduction (Introduction)
08:50 AM Invited talk 1: Scalable PATE and the Secret Sharer (Talk)
Ian Goodfellow
09:40 AM Invited talk 2: Machine Learning and Cryptography: Challenges and Opportunities (Talk)
Shafi Goldwasser
10:30 AM Coffee Break 1 (Break)
11:00 AM Contributed talk 1: Privacy Amplification by Iteration (Talk)
Vitaly Feldman
11:15 AM Contributed talk 2: Subsampled Renyi Differential Privacy and Analytical Moments Accountant (Talk)
Yu-Xiang Wang
11:30 AM Contributed talk 3: The Power of The Hybrid Model for Mean Estimation (Talk)
Yatharth A Dubey
11:45 AM Contributed talk 4: Amplification by Shuffling: From Local to Central Differential Privacy via Anonymity (Talk)
Úlfar Erlingsson
12:00 PM Lunch Break (Break)
01:30 PM Invited talk 3: Challenges in the Privacy-Preserving Analysis of Structured Data (Talk)
Kamalika Chaudhuri
02:20 PM Invited talk 4: Models for private data analysis of distributed data (Talk)
Adam Smith
03:10 PM Coffee Break 2 (Break)
03:30 PM Contributed talk 5: DP-MAC: The Differentially Private Method of Auxiliary Coordinates for Deep Learning (Talk)
Frederik Harder
03:45 PM Contributed talk 6: Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware (Talk)
Florian Tramer
04:00 PM Contributed talk 7: Secure Two Party Distribution Testing (Talk)
Negev Shekel Nosatzki
04:15 PM Contributed talk 8: Private Machine Learning in TensorFlow using Secure Computation (Talk)
Morten Dahl
04:30 PM Spotlight talks (Spotlights)
05:15 PM Poster Session
Phillipp Schoppmann, Patrick Yu, Valerie Chen, Travis Dick, Marc Joye, Ningshan Zhang, Frederik Harder, Olli Saarikivi, Théo Ryffel, Yunhui Long, Théo JOURDAN, Di Wang, Antonio Marcedone, Negev Shekel Nosatzki, Yatharth A Dubey, Antti Koskela, Peter Bloem, Aleksandra Korolova, Martin Bertran, Hao Chen, Galen Andrew, Natalia Martinez, Jana Kulkarni, Jonathan Passerat-Palmbach, Guillermo Sapiro, Amrita Roy Chowdhury
06:15 PM Wrap up