Abstract Machine Learning (ML) models are ubiquitous in real-world applications and are a
constant focus of research. Modern ML models have become more complex, deeper, and …

We propose a scheme for auditing differentially private machine learning systems with a
single training run. This exploits the parallelism of being able to add or remove multiple …

The use of synthetic data is a promising solution to facilitate the sharing and reuse of health-
related data beyond its initial collection while addressing privacy concerns. However, there …

Although large language models (LLMs) are widely deployed, the data used to train them is
rarely disclosed. Given the incredible scale of this data, up to trillions of tokens, it is all but …

In a backdoor attack, an adversary injects corrupted data into a model's training dataset in
order to gain control over its predictions on images with a specific attacker-defined trigger. A …

Empirical defenses for machine learning privacy forgo the provable guarantees of
differential privacy in the hope of achieving higher utility while resisting realistic adversaries …

Most current approaches for protecting privacy in machine learning (ML) assume that
models exist in a vacuum. Yet, in reality, these models are part of larger systems that include …

We present a rigorous methodology for auditing differentially private machine learning by
adding multiple carefully designed examples called canaries. We take a first principles …

Privacy estimation techniques for differentially private (DP) algorithms are useful for
comparing against analytical bounds, or to empirically measure privacy loss in settings …

Background Artificial intelligence (AI) models are increasingly used in the medical domain.
However, as medical data is highly sensitive, special precautions to ensure its protection are …