ELLIS Distinguished Lecture
Borja Balle: Privacy in Image Classification Models: Informed Attacks and Practical Defenses
Time: August 24, 2023, 2:00pm (1:00pm CEST)
Venue: E207, Physicum building, Kumpula campus of University of Helsinki (Gustaf Hällströmin katu 2, Helsinki) / Zoom
Abstract:
In this talk I will discuss two recent works on privacy attacks and differentially private training for image classification models. On the attacks front I will describe a learning-based method capable of extracting complete training images from standard image classification models. Then I will present some recent advances in private training for large image classification models that achieved state-of-the-art results on challenging benchmarks like CIFAR-10 and ImageNet.
Bio:
Borja Balle is a Staff Research Scientist at DeepMind. His current research focuses on privacy-preserving training and privacy auditing for large-scale machine learning systems. He obtained his PhD from Universitat Politècnica de Catalunya in 2013, and then held positions as post-doctoral fellow at McGill University (2013-2015), lecturer at Lancaster University (2015-2017) and machine learning scientist at Amazon Research Cambridge (2017-2019).
