Robust Privacy: Inference-Stage Privacy through Certified Robustness
Two new research papers explore advanced privacy techniques for machine learning models. The first paper introduces "Robust Privacy" (RP), a method that leverages certified robustness to protect sensitive attributes during inference, significantly reducing attribute-inference precision and model inversion attack success rates. The second paper presents the "balloon mean," a computationally tractable and robust differentially private mean estimator that performs well in contaminated data settings and outperforms existing methods in simulations. AI
IMPACT These papers introduce new theoretical frameworks and practical estimators for enhancing privacy in machine learning models, potentially leading to more secure AI applications.