umu.se Publications
1 - 5 of 5
  • 1.
    Kwatra, Saloni
    et al.
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Torra, Vicenç
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    A k-Anonymised Federated Learning Framework with Decision Trees
    2022
    In: Data Privacy Management, Cryptocurrencies and Blockchain Technology / [ed] Garcia-Alfaro J.; Muñoz-Tapia J.L.; Navarro-Arribas G.; Soriano M., Springer Science+Business Media B.V., 2022, Vol. 13140, pp. 106-120
    Conference paper (Refereed)
    Abstract [en]

    We propose a privacy-preserving framework using Mondrian k-anonymity with decision trees in a Federated Learning (FL) setting for the horizontally partitioned data. Data heterogeneity in FL makes the data non-IID (Non-Independent and Identically Distributed). We use a novel approach to create non-IID partitions of data by solving an optimization problem. In this work, each device trains a decision tree classifier. Devices share the root node of their trees with the aggregator. The aggregator merges the trees by choosing the most common split attribute and grows the branches based on the split values of the chosen split attribute. This recursive process stops when all the nodes to be merged are leaf nodes. After the merging operation, the aggregator sends the merged decision tree to the distributed devices. Therefore, we aim to build a joint machine learning model based on the data from multiple devices while offering k-anonymity to the participants.

  • 2.
    Kwatra, Saloni
    et al.
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Torra, Vicenç
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    A Survey on Tree Aggregation
    2021
    In: 2021 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE), IEEE, 2021, Vol. 2021-July
    Conference paper (Refereed)
    Abstract [en]

    The research dedicated to the aggregation of classification trees and general trees (hierarchical structure of objects) has made enormous progress in the past decade. The problem statement for aggregation of classification trees or general trees is as follows: Given k classification or general trees for a set of objects, we aim to build a consensus tree (classification or general). That is, a representative tree for the given trees. In this paper, we explore different perspectives for the motivation to construct a single tree from multiple trees given by researchers. The survey presents the approaches for the aggregation of both the classification trees as well as general trees. We bifurcate our study of the aggregation approaches into two categories: Selecting a single tree from multiple trees and merging trees. We will discuss these categories and the aggregation approaches under these categories in the paper comprehensively. We also discuss the privacy aspects of tree aggregation approaches and the possible directions for new research like using the technique of aggregating decision trees in the field of Federated Learning, which is a booming topic.

  • 3.
    Kwatra, Saloni
    et al.
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Torra, Vicenç
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Data reconstruction attack against principal component analysis
    2023
    In: Security and Privacy in Social Networks and Big Data: 9th International Symposium, SocialSec 2023, Canterbury, UK, August 14–16, 2023 / [ed] Budi Arief; Anna Monreale; Michael Sirivianos; Shujun Li, Springer Science+Business Media B.V., 2023, pp. 79-92
    Conference paper (Refereed)
    Abstract [en]

    Attacking machine learning models is one of the many ways to measure the privacy of machine learning models. Therefore, studying the performance of attacks against machine learning techniques is essential to know whether somebody can share information about machine learning models, and if shared, how much can be shared? In this work, we investigate one of the widely used dimensionality reduction techniques Principal Component Analysis (PCA). We refer to a recent paper that shows how to attack PCA using a Membership Inference Attack (MIA). When using membership inference attacks against PCA, the adversary gets access to some of the principal components and wants to determine if a particular record was used to compute those principal components. We assume that the adversary knows the distribution of training data, which is a reasonable and useful assumption for a membership inference attack. With this assumption, we show that the adversary can make a data reconstruction attack, which is a more severe attack than the membership attack. For a protection mechanism, we propose that the data guardian first generate synthetic data and then compute the principal components. We also compare our proposed approach with Differentially Private Principal Component Analysis (DPPCA). The experimental findings show the degree to which the adversary successfully attempted to recover the users’ original data. We obtained comparable results with DPPCA. The number of principal components the attacker intercepted affects the attack’s outcome. Therefore, our work aims to answer how much information about machine learning models is safe to disclose while protecting users’ privacy.

  • 4.
    Kwatra, Saloni
    et al.
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Torra, Vicenç
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Empirical evaluation of synthetic data created by generative models via attribute inference attack
    2024
    In: Privacy and identity management: sharing in a digital world / [ed] Felix Bieker; Silvia de Conca; Nils Gruschka; Meiko Jensen; Ina Schiering, Springer, 2024, pp. 282-291
    Conference paper (Refereed)
    Abstract [en]

    The disclosure risk of synthetic/artificial data is still being determined. Studies show that synthetic data generation techniques generate similar data to the original data and sometimes even the exact original data. Therefore, publishing synthetic datasets can endanger the privacy of users. In our work, we study the synthetic data generated from different synthetic data generation techniques, including the most recent diffusion models. We perform a disclosure risk assessment of synthetic datasets via an attribute inference attack, in which an attacker has access to a subset of publicly available features and at least one synthesized dataset, and the aim is to infer the sensitive features unknown to the attacker. We also compute the predictive accuracy and F1 score of the random forest classifier trained on several synthetic datasets. For sensitive categorical features, we show that Attribute Inference Attack is not highly feasible or successful. In contrast, for continuous attributes, we can have an approximate inference. This holds true for the synthetic datasets derived from Diffusion models, GANs, and DPGANs, which shows that we can only have approximated Attribute Inference, not the exact Attribute Inference.

  • 5.
    Kwatra, Saloni
    et al.
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Varshney, Ayush K.
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Torra, Vicenç
    Umeå University, Faculty of Science and Technology, Department of Computing Science.
    Integrally private model selection for support vector machine
    2024
    In: Computer Security. ESORICS 2023 International Workshops: CyberICS, DPM, CBT, and SECPRE, The Hague, The Netherlands, September 25–29, 2023, Revised Selected Papers, Part I / [ed] Sokratis Katsikas; Frédéric Cuppens; Nora Cuppens-Boulahia; Costas Lambrinoudakis; Joaquin Garcia-Alfaro; Guillermo Navarro-Arribas; Pantaleone Nespoli; Christos Kalloniatis; John Mylopoulos; Annie Antón; Stefanos Gritzalis, Springer Nature, 2024, pp. 249-259
    Conference paper (Refereed)
    Abstract [en]

    Today, there are unlimited applications of data mining techniques. According to ongoing privacy regulations, data mining techniques that preserve users’ privacy are a primary requirement. Our work contributes to the Privacy-Preserving Data Mining (PPDM) domain. We work with Integral Privacy, which provides users with private machine learning model recommendations and privacy against model comparison attacks. For machine learning, we work with Support Vector Machine (SVM), which is based on the structural risk minimization principle. Our experiments show that we obtain highly recurrent SVM models due to their peculiar properties, requiring only a subset of the training data to learn well. Not only high recurrence, but from our empirical results, we show that integrally private SVM models obtain good results in accuracy, recall, precision, and F1-score compared with the baseline SVM model and the ϵ Differentially Private SVM (DPSVM) model.
