brokered agreements in multi party machine learning
play

Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS - PowerPoint PPT Presentation

Feb 08, 2024 •162 likes •596 views

Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2019) Clement Fung, Ivan Beschastnikh University of British Columbia 1 The emerging ML economy With the explosion of machine

  1. Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2019) Clement Fung, Ivan Beschastnikh University of British Columbia 1

  2. The emerging ML economy ● With the explosion of machine learning (ML), data is the new currency! Good quality data is vital to the health of ML ecosystems ○ ● Improve models with more data from more sources! 2

  3. Actors in the ML economy ● Data providers: Owners of potentially private datasets ○ Contribute data to the ML process ○ ● Model owners: Define model task and goals ○ Deploy and profit from trained model ○ ● Infrastructure providers: Host training process and model ○ Expose APIs for training and prediction ○ 3

  4. Actors in today’s ML economy ● Data providers supply data for model owners ● Model owners: Manage infrastructure to host computation ○ Provide privacy and security for data providers ○ Use the model for profit once training is complete ○ Information Transfer 4

  5. In-House privacy solutions [1] Wired 2016. [2] Apple. “ Learning with Privacy at Scale” Apple Machine Learning Journal V1.8 2017. 5 [3] Wired 2017.

  6. In-House privacy solutions [1] Wired 2016. [2] Apple. “ Learning with Privacy at Scale” Apple Machine Learning Journal V1.8 2017. 6 [3] Wired 2017.

  7. Incentive trade-off in the ML economy ● Not only correctness, but there is an issue with incentives: Data providers want to keep their data as private as possible ○ Model owners want to extract as much value from the data as possible ○ ● Service providers lack incentives to provide fairness [1] Need solutions that can work without cooperation from the system ○ provider and are deployed from outside the system itself [1] Overdorf et al. “ Questioning the assumptions behind fairness solutions. ” NeurIPS 2018. 7

  8. Incentive trade-off in the ML economy ● Not only correctness, but there is an issue with incentives: Data providers want to keep their data as private as possible ○ Model owners want to extract as much value from the data as possible ○ We cannot trust model owners to control the ML ● Service providers lack incentives to provide fairness [1] Need solutions that can work without cooperation from the system ○ incentive tradeoff! provider and are deployed from outside the system itself [1] Overdorf et al. “ Questioning the assumptions behind fairness solutions. ” NeurIPS 2018. 8

  9. Incentives in today’s ML economy ● Data providers supply data for model owners ● Model owners: Manage infrastructure to host computation ○ Provide privacy and security for data providers ○ Use the model for profit once training is complete ○ Information Transfer 9

  10. Incentives in today’s ML economy ● Data providers supply data for model owners ● Model owners have incentive to: Manage infrastructure to host computation ○ Provide privacy and security for data providers ○ Use the model for profit once training is complete ○ Information Transfer 10

  11. Our contribution: Brokered learning ● Introduce a broker as a neutral infrastructure provider: Manage infrastructure to host ML computation ○ Provide privacy and security for data providers and model owners ○ Information Transfer Brokered Information Transfer Agreement Broker 11

  12. Federated learning ● A recent push for privacy-preserving multi-party ML [1]: Send model updates over network ○ Aggregate updates across multiple clients ○ Client-side differential privacy [2] ○ Better speed, no data transfer ○ Model M State of the art in multi-party ML ○ Brokered learning builds on ○ ! M ! M ! M federated learning [1] McMahan et al. “ Communication-Efficient Learning of Deep Networks from Decentralized Data ” AISTATS 2017. 12 [2] Geyer et al. “ Differentially Private Federated Learning: A Client Level Perspective ” NIPS 2017.

  13. Data providers are not to be trusted ● Giving data providers unmonitored control over compute: Providers can maximize privacy, give zero utility or attack system ○ Providers can attack ML model, compromising integrity [1] ○ Providers can attack other providers, compromising privacy [2] ○ [1] Bagdasaryan et al. “ How To Backdoor Federated Learning ” arXiv 2018. 13 [2] Hitaj et al. “ Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning ” CCS 2017.

  14. Data providers are not to be trusted ● Giving data providers unmonitored control over compute: Providers can maximize privacy, give zero utility or attack system ○ Providers can attack ML model, compromising integrity [1] ○ We also cannot trust data providers to control the Providers can attack other providers, compromising privacy [2] ○ ML incentive tradeoff! [1] Bagdasaryan et al. “ How To Backdoor Federated Learning ” arXiv 2018. 14 [2] Hitaj et al. “ Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning ” CCS 2017.

  15. Putting it all together ● The state of the art in multi-party ML Gives too much control to model owners ○ Not privacy focused and vulnerable ○ ● State of the art in private multi-party ML (federated learning) Require trust in model owners or data providers ○ But there is no incentive for either to do so ○ ● Data marketplaces (blockchains) [1] Security and system overkill ○ Much too slow for modern use cases ○ [1] Hynes et al. “ A Demonstration of Sterling: A Privacy-Preserving Data Marketplace ” VLDB 2018. 15

  16. Putting it all together More Centralized Less Centralized Less Private/Secure More Private/Secure 16

  17. Putting it all together Centralized Parameter Server More Centralized Less Centralized Less Private/Secure More Private/Secure 17

  18. Putting it all together Centralized Federated Parameter Server Learning More Centralized Less Centralized Less Private/Secure More Private/Secure 18

  19. Putting it all together Centralized Federated Blockchain-based Parameter Server Learning Multi-party ML More Centralized Less Centralized Less Private/Secure More Private/Secure 19

  20. Putting it all together Centralized Federated Brokered Blockchain-based Parameter Server Learning Learning Multi-party ML More Centralized Less Centralized Less Private/Secure More Private/Secure 20

  21. Our contributions Current multi-party ML systems use unsophisticated threat/incentive model: ● Trust the model owner ○ New brokered learning setting for privacy-preserving ML ● New defences against known ML attacks for this setting ● ● TorMentor: A brokered learning example of an anonymous ML system Brokered Learning : A new standard for incentives in secure ML 21

  22. Brokered Learning 22

  23. Brokered agreements in the ML economy ● Federated learning: ● Brokered learning Communicate with model owner Communicate with neutral broker ○ ○ Trust that model owner is not malicious Broker executes model owner’s ○ ○ Model owners have full control over validation services ○ model and process Decouple model owners and ○ infrastructure 23

  24. Brokered learning components ● Deployment verifier Interface for model owners (“curators”) ○ ● Provider verifier Interface for data providers ○ ● Aggregator Host ML deployments ○ Collect and aggregate model updates ○ Same as federated learning ○ 24

  25. Deployment verifier API ● Serves as model owner interface curate() : Launch curator deployment ○ Set provider verifier parameters ■ fetch() : Access to model once trained ○ ● Protects the ML model from abuse from curator during training ● E.g. Blockchain smart contracts [1] [1] Szabo, Nick. “ Formalizing and Securing Relationships on Public Networks ” 1997. 25

  26. Provider verifier API ● Serves as data provider interface Defined by curator ○ join() : Verify identity and allow provider join ○ update() : Verify and allow model update ○ ● Protect model from malicious data providers ● E.g. Access tokens and statistical tests 26

  27. Brokered learning workflow ● Curator: Create deployment Define model and provide deployment ○ parameters Define verification services ○ 27

  28. Brokered learning workflow ● Curator: Create deployment Define model and provide deployment ○ parameters Define verification services ○ ● Data providers: Join model Define personal privacy preferences ( ε ) ○ Pass verification on join ○ Admission Parameters 28

  29. Brokered learning workflow ● Curator: Create deployment Define model and provide deployment ○ parameters Define verification services ○ ● Data providers: Join model and train Define personal privacy preferences ( ε ) ○ Pass verification on join ○ Iterative model updates ○ Pass verification on model update ○ 29

  30. Brokered learning workflow ● Curator: Create deployment Define model and provide deployment ○ parameters Define verification services ○ ● Data providers: Join model and train Define personal privacy preferences ( ε ) ○ Pass verification on join ○ Iterative model updates ○ Pass verification on model update ○ ● Complete training Return model to curator ○ 30

Recommend

Brokered Agreements in in Mult lti-Party Machine Learnin ing 10th ACM SIGOPS Asia-Pacific

Brokered Agreements in in Mult lti-Party Machine Learnin ing 10th ACM SIGOPS Asia-Pacific

Brokered Agreements in in Mult lti-Party Machine Learnin ing 10th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2019) Clement Fung, Ivan Beschastnikh University of British Columbia 1 The emerging ML economy With the explosion of

663 views • 42 slides
Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed

Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed

Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed Multi-Party Learning Distributions Data Providers 1 1 Model Multi-Party Learning (Round j) Distributions

540 views • 20 slides
Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed

Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed

Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed, ICML 2019 Multi-party Learning Application: Federated Learning Federated Learning : Train a centralized

589 views • 34 slides
REINFORCEMENT LEARNING IN MULTI-AGENT SYSTEMS MACHINE LEARNING MEETUP DR. ANA PELETEIRO

REINFORCEMENT LEARNING IN MULTI-AGENT SYSTEMS MACHINE LEARNING MEETUP DR. ANA PELETEIRO

REINFORCEMENT LEARNING IN MULTI-AGENT SYSTEMS MACHINE LEARNING MEETUP DR. ANA PELETEIRO RAMALLO 29-08-2016 TABLE OF CONTENTS MULTI-AGENT SYSTEMS GAME THEORY REINFORCEMENT LEARNING MULTI-AGENT LEARNING 2 ZALANDO Our purpose: to Zalando

1.45k views • 20 slides
Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation Computation How to Run Sublinear Algorithms in a Distributed Algorithms in a Distributed Setting Elette Boyle Shafi Goldwasser Stefano Tessaro

1.01k views • 36 slides
Introduction to Multi-Armed Bandits and Reinforcement Learning Training School on Machine

Introduction to Multi-Armed Bandits and Reinforcement Learning Training School on Machine

Introduction to Multi-Armed Bandits and Reinforcement Learning Training School on Machine Learning for Communications Paris, 23-25 September 2019 Who am I ? . Hi, Im Lilian Besson finishing my PhD in telecommunication and machine

1.73k views • 127 slides
Multi-Building WiFi Fingerprinting using Bayesian and Hierarchical Supervised Machine Learning

Multi-Building WiFi Fingerprinting using Bayesian and Hierarchical Supervised Machine Learning

Multi-Building WiFi Fingerprinting using Bayesian and Hierarchical Supervised Machine Learning assisted by GPS IPIN 2016, Track 3 Author: Yair Beer, Blockdox Outline Overview Bayesian Mac Address Machine Learning Hierarchical

487 views • 13 slides
Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party

Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party

German Research Center for Artificial Intelligence GmbH Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party www.amiproject.org Conversations Conversations Feast, 30th September 2009 , 30th September

322 views • 28 slides
Deep multi-task learning with evolving weights Machine learning - computer vision published in

Deep multi-task learning with evolving weights Machine learning - computer vision published in

Deep multi-task learning with evolving weights Machine learning - computer vision published in European Symposium on Artificial Neural Networks (ESANN 2016) Soufiane Belharbi Romain Hrault Clment Chatelain Sbastien Adam

631 views • 44 slides
Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of Theoretical Computer Science ETH Zrich on joint work with R. Knzler, J. Mller-Quade, C. Lucas, U. Maurer, M. Fitzi Metaguse, 2009/10/04 Multi-Party

1.04k views • 83 slides
An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning http://www.cs.iastate.edu/~cs573x/bbsilab.html Machine Learning Software Preparing Data Building Classifiers Interpreting Results Machine Learning Software

496 views • 26 slides
MOCHA: Federated Multi-Task Learning NIPS 17 Virginia Smith Stanford / CMU Chao-Kai

MOCHA: Federated Multi-Task Learning NIPS 17 Virginia Smith Stanford / CMU Chao-Kai

MOCHA: Federated Multi-Task Learning NIPS 17 Virginia Smith Stanford / CMU Chao-Kai Chiang USC Maziar Sanjabi USC Ameet Talwalkar CMU MACHINE LEARNING WORKFLOW data & problem machine learning model n optimization

1.71k views • 35 slides
resolution over SLA issues between these parties be identified as unresolvable by either party

resolution over SLA issues between these parties be identified as unresolvable by either party

4. Performance Specifications 4.1 Goals and intentions of Service Level Agreements and Public Service Monitoring Goals of Service Level Agreements: Service Level Agreements are set between ICANN and Registry Operators to ensure predictable

247 views • 12 slides
Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by which computers can be trained through observation, rather than being explicitly programmed. Basically, a program is given input and adjusts its

556 views • 17 slides
Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done Party!!!!!! Party!!!!!! Curling Orientation Party!!!!!! Party!!!!!! Party!!!!!! National day parade Airport picking-uping Party!!!!!!

1.18k views • 69 slides
Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning 10-601 Tom M. Mitchell Machine Learning Department Carnegie Mellon University January 12, 2015 Today: Readings: What is machine learning? The Discipline of ML Decision tree learning Mitchell, Chapter 3

872 views • 29 slides
Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning

Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning

GCT634/AI613: Musical Applications of Machine Learning (Fall 2020) Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning Pipeline in Classification Tasks A set of hand-designed audio features are selected

398 views • 26 slides
Multi-Party Computation Based on One-Way Functions Sandro Coretti (New York University) Juan

Multi-Party Computation Based on One-Way Functions Sandro Coretti (New York University) Juan

Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions Sandro Coretti (New York University) Juan Garay (Yahoo Research) Martin Hirt (ETH Zurich) Vassilis Zikas (RPI) Secure Multi-Party Computation (MPC) [Yao82, GMW87,

677 views • 47 slides
BLAZE: BLAZING FAST PRIVACY-PRESERVING MACHINE LEARNING ARPITA PATRA AND AJITH SURESH Ajith

BLAZE: BLAZING FAST PRIVACY-PRESERVING MACHINE LEARNING ARPITA PATRA AND AJITH SURESH Ajith

BLAZE: BLAZING FAST PRIVACY-PRESERVING MACHINE LEARNING ARPITA PATRA AND AJITH SURESH Ajith Suresh CrIS Lab, IISc https://www.csa.iisc.ac.in/~cris Outline q Secure Multi-party Computation (MPC) q MPC for small number of parties (3PC) q Our

2.46k views • 53 slides
a web platform for collaborative analysis of multi-gigapixel images with machine learning Rapha

a web platform for collaborative analysis of multi-gigapixel images with machine learning Rapha

a web platform for collaborative analysis of multi-gigapixel images with machine learning Rapha el MAREE Renaud HOYOUX Gr egoire VINCKE Biomedical research and routine pathology Heavily rely on semantic annotation &

586 views • 30 slides
Optimizing Asynchronous Multi-Level Checkpoint/Restart Configurations with Machine Learning Ton

Optimizing Asynchronous Multi-Level Checkpoint/Restart Configurations with Machine Learning Ton

Optimizing Asynchronous Multi-Level Checkpoint/Restart Configurations with Machine Learning Ton onmoy oy Dey ey, Ken ento Sato2, Sa Ji Jian an Gu Guo2, Bog ogdan Nicol olae3, Jen ens Dom omke2, Wei eikuan Yu

329 views • 10 slides
Easily programmable secure multi-party computation on integers, strings and floating point

Easily programmable secure multi-party computation on integers, strings and floating point

Easily programmable secure multi-party computation on integers, strings and floating point numbers Dan Bogdanov Sharemind project lead dan@cyber.ee https://sharemind.cyber.ee/ sharemind a machine for fast privacy-preserving computations

643 views • 42 slides
Multi-armed bandits S Bubeck, N Cesa-Bianchi Foundations and Trends in Machine Learning 2012 *

Multi-armed bandits S Bubeck, N Cesa-Bianchi Foundations and Trends in Machine Learning 2012 *

Multi-armed bandits S Bubeck, N Cesa-Bianchi Foundations and Trends in Machine Learning 2012 * Real title: regret analysis of stochastic and nonstochastic multi-armed bandit problems Overview Stochastic, adversarial, extensions &

281 views • 7 slides
Third-Party Violence at Work- a multi-sectoral approach by European social partners Presentation

Third-Party Violence at Work- a multi-sectoral approach by European social partners Presentation

11/24/2016 Third-Party Violence at Work- a multi-sectoral approach by European social partners Presentation by Nadja Salson, EPSU policy staff third-party violence in the workplace No recent data specifically on third party violence across

81 views • 7 slides

More recommend