A research group leader at CISPA Helmholtz Center for Information Security, Saarland Informatics Campus.
Friday, July 12, 2019, 10:00-11:30
Room 2101, Zhangjiang Campus, Fudan University
Machine learning has witnessed tremendous progress during the past decade. While continuing to improve our quality of life, machine learning models may raise severe concerns about people’s privacy. In this talk, I will cover our recent work on assessing privacy risks stemming from machine learning models. First, I will talk about membership inference attacks against machine learning models. We show how to relax the adversary’s assumptions to achieve a model- and data-independent membership inference attack. Then, I will discuss our work on attacking online learning systems. We propose four effective attacks on this surface, ranging from predicting attributes of the dataset used to update a machine learning model to reconstructing the updating dataset itself. In the end, I will discuss our lab's ongoing work in machine learning security and privacy.
Yang Zhang (https://yangzhangalmo.github.io/) is a research group leader at CISPA Helmholtz Center for Information Security, Saarbruecken, Germany. Previously, he was a postdoc working in the group of Michael Backes at CISPA from January 2017 to December 2018. Yang obtained his Ph.D. degree from the University of Luxembourg in November 2016 under the supervision of Sjouke Mauw and Jun Pang. Prior to that, he obtained his bachelor's (2009) and master's (2012) degrees from Shandong University. Yang’s research mainly concentrates on data privacy. Topics include machine learning privacy, biomedical privacy, and social network privacy. He also works on algorithmic fairness, authentication, urban computing, social media analysis, and data mining. Yang has published multiple papers at top venues in computer science including WWW, CCS, NDSS, and IJCAI. His work recently received the NDSS 2019 Distinguished Paper Award.