REDEEM
Resilient, decentralized and privacy-preserving machine learning
Preview
Resilient, decentralized and privacy-friendly machine learning
Cédric Gouy-Pailler , Research Engineer CEA
Sonia Ben Mokhtar, Research director CNRS
This project aims to explore new distributed learning approaches that are resilient, robust to noise and adversarial attacks, and respectful of privacy. These distributed approaches should make it possible to go beyond current federated learning. From a theoretical point of view, REDEEM aims to provide a solid foundation for the proposed approaches, particularly in the case of malicious protagonists participating in the learning phase, and with the overriding objective of ensuring data confidentiality as far as possible. In addition to new approaches to distributing learning, REDEEM also aims for efficient implementations, by offering the community open-source code and tools.
Keywords : Decentralized Machine learning, Robustness; Privacy; Byzantine-resilience; distributed optimization; consensus algorithms in machine learning; Foundation models/extremely large models
Missions
Our researches
Specifications and guideline for decentralized system design with identification of associated threats
Formalize the foundational framework of the project with the identification of the primary functions to be fulfilled by the learnt system (detection, classification, recommendation), mathematically defining potential existing constraints (communication, computation resources), and expliciting a set of targeted properties related to the robustness, privacy, resilience and personalization abilities of the systems.
Algorithmic aspects of decentralized learning in an adversary-free environment
Investigate decentralized learning by focusing on algorithmic aspects while assuming that participants are honest. These investigations will take into account specifications like a dynamic and heterogeneous environment, extremely large models and personalization.
Decentralized learning under attack
Investigate novel privacy and Byzantine attacks as well as mitigation algorithms in a decentralized setting
Advanced trade-offs management
Consider advanced learning algorithms with new optimisation strategies over large and decentralized models in dynamic networks and in a hostile environment experiencing attacks
Consortium
CEA, INRIA, CNRS, Ecole Polytechnique, LAMSADE
- Codes associated with scientific methodological papers
- Open-sources libraries
- Shared datasets and benchmarks to ensure highest visibility
- Technical papers to disseminate specialized code and datasets
- Communication media such as website and social networks
- Prototypes showing the use of libraries in decentralized use cases
- General audience demonstrators
The project has the potential to create a major impact on society: enabling users to recover the control over their personal data (data sovereignty at the granularity of individuals) – while benefiting from the advanced services that can be derived from the collective. Decentralized learning as envisioned in REDEEM may lead to significant reorganization of the data economy, (where data is no longer shared but exploited without sharing). As a result, new applications are expected to appear.
A community of 44 researchers, teaching researchers and permanents engineers mobilizing 15 doctoral students, 8 post-doctoral students and 6 contractual researcher engineers.
Autres projets
