Date
2019
Dewey
Programmation, logiciels, organisation des données
Sujet
Differential Privacy; Adversarial Examples; Renyi divergence
Conference name
Workshop on Machine Learning for CyberSecurity at ECMLPKDD 2019
Conference date
09-2019
Conference city
Wurzburg
Conference country
GERMANY
Author
Pinot, Rafaël
Yger, Florian
Gouy-Pailler, Cedric
Atif, Jamal
Type
Communication / Conférence
Abstract (EN)
This short note highlights some links between two lines of research within the emerging topic of trustworthy machine learning: differential privacy and robustness to adversarial examples. By abstracting the definitions of both notions, we show that they build upon the same theoretical ground and hence results obtained so far in one domain can be transferred to the other. More precisely, our analysis is based on two key elements: probabilistic mappings (also called randomized algorithms in the differential privacy community), and the Renyi divergence which subsumes a large family of divergences. We first generalize the definition of robustness against adversarial examples to encompass probabilistic mappings. Then we observe that Renyi-differential privacy (a generalization of differential privacy recently proposed in [10]) and our definition of robustness share several similarities. We finally discuss how can both communities benefit from this connection to transfer technical tools from one research field to the other.