Contact person
Olof Mogren
Senior Researcher
Today, large amounts of data are used to train AI systems that can be of great benefit to humanity. But what the trained systems remember from the training data is not always clear. We work to make it clear what a system remembers, and to create methods that can guarantee that the system remembers what we want.
Privacy-preserving machine learning comprises techniques that can provide some privacy for users. For example, some users may agree to share personal data for a study, but require that certain attributes not be included in the data. Examples of such sensitive attributes are addresses, social security numbers, telephone numbers and names. Mechanisms that privatize the data more or less automatically are possible strategies for such settings.
RISE is engaged in the development of machine learning for sensitive data, which can be medical texts or images, or personal data such as photographs on social media. In the paper below, we present an approach for images, based on adversarial learning (with convolutional neural networks): a strategy where the model is pitted against a learned adversary module. This is an area that we pursue actively in both image analysis and natural language processing.
Relevant publications:
John Martinsson, Edvin Listo Zec, Daniel Gillblad, Olof Mogren, Adversarial representation learning for synthetic replacement of private attributes, arXiv preprint, 2020, https://arxiv.org/abs/2006.08039
David Ericsson, Adam Östberg, Edvin Listo Zec, John Martinsson, Olof Mogren, Adversarial representation learning for private speech generation, arXiv preprint, 2020, https://arxiv.org/abs/2006.09114