brokered agreements in multi party machine learning
play

Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS - PowerPoint PPT Presentation

Feb 08, 2024 •162 likes •596 views

Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2019) Clement Fung, Ivan Beschastnikh University of British Columbia 1 The emerging ML economy With the explosion of machine

  1. Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2019) Clement Fung, Ivan Beschastnikh University of British Columbia 1

  2. The emerging ML economy ● With the explosion of machine learning (ML), data is the new currency! Good quality data is vital to the health of ML ecosystems ○ ● Improve models with more data from more sources! 2

  3. Actors in the ML economy ● Data providers: Owners of potentially private datasets ○ Contribute data to the ML process ○ ● Model owners: Define model task and goals ○ Deploy and profit from trained model ○ ● Infrastructure providers: Host training process and model ○ Expose APIs for training and prediction ○ 3

  4. Actors in today’s ML economy ● Data providers supply data for model owners ● Model owners: Manage infrastructure to host computation ○ Provide privacy and security for data providers ○ Use the model for profit once training is complete ○ Information Transfer 4

  5. In-House privacy solutions [1] Wired 2016. [2] Apple. “ Learning with Privacy at Scale” Apple Machine Learning Journal V1.8 2017. 5 [3] Wired 2017.

  6. In-House privacy solutions [1] Wired 2016. [2] Apple. “ Learning with Privacy at Scale” Apple Machine Learning Journal V1.8 2017. 6 [3] Wired 2017.

  7. Incentive trade-off in the ML economy ● Not only correctness, but there is an issue with incentives: Data providers want to keep their data as private as possible ○ Model owners want to extract as much value from the data as possible ○ ● Service providers lack incentives to provide fairness [1] Need solutions that can work without cooperation from the system ○ provider and are deployed from outside the system itself [1] Overdorf et al. “ Questioning the assumptions behind fairness solutions. ” NeurIPS 2018. 7

  8. Incentive trade-off in the ML economy ● Not only correctness, but there is an issue with incentives: Data providers want to keep their data as private as possible ○ Model owners want to extract as much value from the data as possible ○ We cannot trust model owners to control the ML ● Service providers lack incentives to provide fairness [1] Need solutions that can work without cooperation from the system ○ incentive tradeoff! provider and are deployed from outside the system itself [1] Overdorf et al. “ Questioning the assumptions behind fairness solutions. ” NeurIPS 2018. 8

  9. Incentives in today’s ML economy ● Data providers supply data for model owners ● Model owners: Manage infrastructure to host computation ○ Provide privacy and security for data providers ○ Use the model for profit once training is complete ○ Information Transfer 9

  10. Incentives in today’s ML economy ● Data providers supply data for model owners ● Model owners have incentive to: Manage infrastructure to host computation ○ Provide privacy and security for data providers ○ Use the model for profit once training is complete ○ Information Transfer 10

  11. Our contribution: Brokered learning ● Introduce a broker as a neutral infrastructure provider: Manage infrastructure to host ML computation ○ Provide privacy and security for data providers and model owners ○ Information Transfer Brokered Information Transfer Agreement Broker 11

  12. Federated learning ● A recent push for privacy-preserving multi-party ML [1]: Send model updates over network ○ Aggregate updates across multiple clients ○ Client-side differential privacy [2] ○ Better speed, no data transfer ○ Model M State of the art in multi-party ML ○ Brokered learning builds on ○ ! M ! M ! M federated learning [1] McMahan et al. “ Communication-Efficient Learning of Deep Networks from Decentralized Data ” AISTATS 2017. 12 [2] Geyer et al. “ Differentially Private Federated Learning: A Client Level Perspective ” NIPS 2017.

  13. Data providers are not to be trusted ● Giving data providers unmonitored control over compute: Providers can maximize privacy, give zero utility or attack system ○ Providers can attack ML model, compromising integrity [1] ○ Providers can attack other providers, compromising privacy [2] ○ [1] Bagdasaryan et al. “ How To Backdoor Federated Learning ” arXiv 2018. 13 [2] Hitaj et al. “ Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning ” CCS 2017.

  14. Data providers are not to be trusted ● Giving data providers unmonitored control over compute: Providers can maximize privacy, give zero utility or attack system ○ Providers can attack ML model, compromising integrity [1] ○ We also cannot trust data providers to control the Providers can attack other providers, compromising privacy [2] ○ ML incentive tradeoff! [1] Bagdasaryan et al. “ How To Backdoor Federated Learning ” arXiv 2018. 14 [2] Hitaj et al. “ Deep Models Under the GAN: Information Leakage from Collaborative Deep Learning ” CCS 2017.

  15. Putting it all together ● The state of the art in multi-party ML Gives too much control to model owners ○ Not privacy focused and vulnerable ○ ● State of the art in private multi-party ML (federated learning) Require trust in model owners or data providers ○ But there is no incentive for either to do so ○ ● Data marketplaces (blockchains) [1] Security and system overkill ○ Much too slow for modern use cases ○ [1] Hynes et al. “ A Demonstration of Sterling: A Privacy-Preserving Data Marketplace ” VLDB 2018. 15

  16. Putting it all together More Centralized Less Centralized Less Private/Secure More Private/Secure 16

  17. Putting it all together Centralized Parameter Server More Centralized Less Centralized Less Private/Secure More Private/Secure 17

  18. Putting it all together Centralized Federated Parameter Server Learning More Centralized Less Centralized Less Private/Secure More Private/Secure 18

  19. Putting it all together Centralized Federated Blockchain-based Parameter Server Learning Multi-party ML More Centralized Less Centralized Less Private/Secure More Private/Secure 19

  20. Putting it all together Centralized Federated Brokered Blockchain-based Parameter Server Learning Learning Multi-party ML More Centralized Less Centralized Less Private/Secure More Private/Secure 20

  21. Our contributions Current multi-party ML systems use unsophisticated threat/incentive model: ● Trust the model owner ○ New brokered learning setting for privacy-preserving ML ● New defences against known ML attacks for this setting ● ● TorMentor: A brokered learning example of an anonymous ML system Brokered Learning : A new standard for incentives in secure ML 21

  22. Brokered Learning 22

  23. Brokered agreements in the ML economy ● Federated learning: ● Brokered learning Communicate with model owner Communicate with neutral broker ○ ○ Trust that model owner is not malicious Broker executes model owner’s ○ ○ Model owners have full control over validation services ○ model and process Decouple model owners and ○ infrastructure 23

  24. Brokered learning components ● Deployment verifier Interface for model owners (“curators”) ○ ● Provider verifier Interface for data providers ○ ● Aggregator Host ML deployments ○ Collect and aggregate model updates ○ Same as federated learning ○ 24

  25. Deployment verifier API ● Serves as model owner interface curate() : Launch curator deployment ○ Set provider verifier parameters ■ fetch() : Access to model once trained ○ ● Protects the ML model from abuse from curator during training ● E.g. Blockchain smart contracts [1] [1] Szabo, Nick. “ Formalizing and Securing Relationships on Public Networks ” 1997. 25

  26. Provider verifier API ● Serves as data provider interface Defined by curator ○ join() : Verify identity and allow provider join ○ update() : Verify and allow model update ○ ● Protect model from malicious data providers ● E.g. Access tokens and statistical tests 26

  27. Brokered learning workflow ● Curator: Create deployment Define model and provide deployment ○ parameters Define verification services ○ 27

  28. Brokered learning workflow ● Curator: Create deployment Define model and provide deployment ○ parameters Define verification services ○ ● Data providers: Join model Define personal privacy preferences ( ε ) ○ Pass verification on join ○ Admission Parameters 28

  29. Brokered learning workflow ● Curator: Create deployment Define model and provide deployment ○ parameters Define verification services ○ ● Data providers: Join model and train Define personal privacy preferences ( ε ) ○ Pass verification on join ○ Iterative model updates ○ Pass verification on model update ○ 29

  30. Brokered learning workflow ● Curator: Create deployment Define model and provide deployment ○ parameters Define verification services ○ ● Data providers: Join model and train Define personal privacy preferences ( ε ) ○ Pass verification on join ○ Iterative model updates ○ Pass verification on model update ○ ● Complete training Return model to curator ○ 30

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Brokered Agreements in in Mult lti-Party Machine Learnin ing 10th ACM SIGOPS Asia-Pacific

Brokered Agreements in in Mult lti-Party Machine Learnin ing 10th ACM SIGOPS Asia-Pacific

Brokered Agreements in in Mult lti-Party Machine Learnin ing 10th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2019) Clement Fung, Ivan Beschastnikh University of British Columbia 1 The emerging ML economy With the explosion of

663 views • 42 slides
Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed

Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed

Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed Multi-Party Learning Distributions Data Providers 1 1 Model Multi-Party Learning (Round j) Distributions

540 views • 20 slides
Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed

Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed

Poisoning Attack Analysis Jeffrey Zhang Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed, ICML 2019 Multi-party Learning Application: Federated Learning Federated Learning : Train a centralized

589 views • 34 slides
REINFORCEMENT LEARNING IN MULTI-AGENT SYSTEMS MACHINE LEARNING MEETUP DR. ANA PELETEIRO

REINFORCEMENT LEARNING IN MULTI-AGENT SYSTEMS MACHINE LEARNING MEETUP DR. ANA PELETEIRO

REINFORCEMENT LEARNING IN MULTI-AGENT SYSTEMS MACHINE LEARNING MEETUP DR. ANA PELETEIRO RAMALLO 29-08-2016 TABLE OF CONTENTS MULTI-AGENT SYSTEMS GAME THEORY REINFORCEMENT LEARNING MULTI-AGENT LEARNING 2 ZALANDO Our purpose: to Zalando

1.45k views • 20 slides
Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation Computation How to Run Sublinear Algorithms in a Distributed Algorithms in a Distributed Setting Elette Boyle Shafi Goldwasser Stefano Tessaro

1.01k views • 36 slides
Introduction to Multi-Armed Bandits and Reinforcement Learning Training School on Machine

Introduction to Multi-Armed Bandits and Reinforcement Learning Training School on Machine

Introduction to Multi-Armed Bandits and Reinforcement Learning Training School on Machine Learning for Communications Paris, 23-25 September 2019 Who am I ? . Hi, Im Lilian Besson finishing my PhD in telecommunication and machine

1.73k views • 127 slides
Multi-Building WiFi Fingerprinting using Bayesian and Hierarchical Supervised Machine Learning

Multi-Building WiFi Fingerprinting using Bayesian and Hierarchical Supervised Machine Learning

Multi-Building WiFi Fingerprinting using Bayesian and Hierarchical Supervised Machine Learning assisted by GPS IPIN 2016, Track 3 Author: Yair Beer, Blockdox Outline Overview Bayesian Mac Address Machine Learning Hierarchical

487 views • 13 slides
Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party

Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party

German Research Center for Artificial Intelligence GmbH Automatic Disfluency Automatic Disfluency Detection in Multi-party Detection in Multi-party www.amiproject.org Conversations Conversations Feast, 30th September 2009 , 30th September

322 views • 28 slides
Deep multi-task learning with evolving weights Machine learning - computer vision published in

Deep multi-task learning with evolving weights Machine learning - computer vision published in

Deep multi-task learning with evolving weights Machine learning - computer vision published in European Symposium on Artificial Neural Networks (ESANN 2016) Soufiane Belharbi Romain Hrault Clment Chatelain Sbastien Adam

631 views • 44 slides
Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of Theoretical Computer Science ETH Zrich on joint work with R. Knzler, J. Mller-Quade, C. Lucas, U. Maurer, M. Fitzi Metaguse, 2009/10/04 Multi-Party

1.04k views • 83 slides
An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning http://www.cs.iastate.edu/~cs573x/bbsilab.html Machine Learning Software Preparing Data Building Classifiers Interpreting Results Machine Learning Software

496 views • 26 slides
MOCHA: Federated Multi-Task Learning NIPS 17 Virginia Smith Stanford / CMU Chao-Kai

MOCHA: Federated Multi-Task Learning NIPS 17 Virginia Smith Stanford / CMU Chao-Kai

MOCHA: Federated Multi-Task Learning NIPS 17 Virginia Smith Stanford / CMU Chao-Kai Chiang USC Maziar Sanjabi USC Ameet Talwalkar CMU MACHINE LEARNING WORKFLOW data & problem machine learning model n optimization

1.71k views • 35 slides
resolution over SLA issues between these parties be identified as unresolvable by either party

resolution over SLA issues between these parties be identified as unresolvable by either party

4. Performance Specifications 4.1 Goals and intentions of Service Level Agreements and Public Service Monitoring Goals of Service Level Agreements: Service Level Agreements are set between ICANN and Registry Operators to ensure predictable

247 views • 12 slides
Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by which computers can be trained through observation, rather than being explicitly programmed. Basically, a program is given input and adjusts its

556 views • 17 slides
Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done

Supreme Leader Pulkit Party!!!!!! Party!!!!!! Just us Party!!!!!! What we have done Party!!!!!! Party!!!!!! Curling Orientation Party!!!!!! Party!!!!!! Party!!!!!! National day parade Airport picking-uping Party!!!!!!

1.18k views • 69 slides
Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning 10-601 Tom M. Mitchell Machine Learning Department Carnegie Mellon University January 12, 2015 Today: Readings: What is machine learning? The Discipline of ML Decision tree learning Mitchell, Chapter 3

872 views • 29 slides
Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee)

Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee)

Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee) (Mortgagor) Security Interest (SI) in real property Parties to Note and Deed of Trust Loan of Funds Owner-Debtor Creditor-Lender

189 views • 4 slides
Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer

Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer

Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer Science, University Of Bristol, Merchant Venturers Building, Woodland Road, Bristol, BS8 1UB. January 8, 2013 Nigel P . Smart Multi Party

604 views • 28 slides
Political Science 17 . 20 Introduction to American Politics Professor Devin Caughey MIT

Political Science 17 . 20 Introduction to American Politics Professor Devin Caughey MIT

Political Science 17 . 20 Introduction to American Politics Professor Devin Caughey MIT Department of Political Science and Partisanship Parties Lecture 14 (March 2, 2013) 1 / 13 Outline What Are Parties? 1 Why Do Parties Exist? 2 How Do

186 views • 14 slides
Distributed Systems with ZeroMQ and gevent Jeff Lindsay @progrium Why distributed systems?

Distributed Systems with ZeroMQ and gevent Jeff Lindsay @progrium Why distributed systems?

Distributed Systems with ZeroMQ and gevent Jeff Lindsay @progrium Why distributed systems? Harness more CPUs and resources Run faster in parallel Tolerance of individual failures Better separation of concerns Most web apps evolve into

2.04k views • 154 slides
Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for

Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for

Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for TRU Regulation Facility Registration, Fees, and Compliance Plan Reporting Expanded TRU Registration Requirements TRU Emission Standards

403 views • 15 slides
Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos Rotaru 1,3 Nigel Smart 1,3 T im

Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos Rotaru 1,3 Nigel Smart 1,3 T im

Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos Rotaru 1,3 Nigel Smart 1,3 T im Wood 1,3 1 University of Bristol 2 Data61 3 KU Leuven/COSIC ESAT 1/35 Outline Goal Generalising MPC Tools Performing MPC 2/35 Outline Goal

753 views • 72 slides
Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections

Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections

Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections Yiqing Hua Thomas Ristenpart Mor Naaman Cornell Tech, Cornell University Presentation for ICWSM 2020 Find the slides and paper on

357 views • 21 slides
Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant

Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant

Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant Anantharaman, Sean Smith Dartmouth College, NH, USA sameed.ali.gr@dartmouth.edu 1 Outline Motivation Our Evaluation Conclusions Approaches 2

381 views • 27 slides

More recommend