Supervised Machine Learning with Plausible Deniability

Abstract: We study the question of how well machine learning (ML) models trained on a certain data set provide privacy for the training data, or equivalently, whether it is possible to reverse-engineer the training data from a given ML model. While this is easy to answer negatively in the most general case, it is interesting to note that the protection extends over non-recoverability towards plausible deniability: Given an ML model f , we show that one can take a set of purely random training data, and from this define … Show more