Privacy in Image Classification Models: Informed Attacks and Practical Defences
Time: August 24, 2023, 2:00pm (1:00pm CEST)
Venue: E207, Physicum building, Kumpula campus of University of Helsinki (Gustaf Hällströmin katu 2, Helsinki) / Zoom
Abstract:
In this talk, Borja will discuss two recent works on privacy attacks and differentially private training for image classification models. On the attacks front, he will describe a learning-based method capable of extracting complete training images from standard image classification models. He will then present some recent advances in private training for large image classification models that achieved state-of-the-art results on challenging benchmarks like CIFAR-10 and ImageNet.