Composition is a key feature of differential privacy. Well-known advanced composition
theorems allow one to query a private database quadratically more times than basic privacy …

Differentially private stochastic gradient descent (DP-SGD) is the workhorse algorithm for
recent advances in private deep learning. It provides a single privacy guarantee to all …

In this paper, we establish anti-concentration inequalities for additive noise mechanisms
which achieve $ f $-differential privacy ($ f $-DP), a notion of privacy phrased in terms of a …

Differentially private stochastic gradient descent (DP-SGD) is the canonical approach to
private deep learning. While the current privacy analysis of DP-SGD is known to be tight in …

Data-dependent privacy accounting frameworks such as per-instance differential privacy
(pDP) and Fisher information loss (FIL) confer fine-grained privacy guarantees for …

We introduce S-BDT: a novel (ε, δ)-differentially private distributed gradient boosted decision
tree (GBDT) learner that improves the protection of single training data points (privacy) while …

Quantifying the impact of individual data samples on machine learning models is an open
research problem. This is particularly relevant when complex and high-dimensional …

We apply a state-of-the-art membership inference attack (MIA) to systematically test the
practical privacy vulnerability of fine-tuning large image classification models. We focus on …

Personalized privacy becomes critical in deep learning for Trustworthy AI. While
Differentially Private Stochastic Gradient Descent (DP-SGD) is widely used in deep learning …

Membership inference attacks (MIAs) are widely used to empirically assess the privacy risks
of samples used to train a target machine learning model. State-of-the-art methods however …