差分プライバシーを超えたデータ保護 [AIセキュリティ&プライバシーチーム]

Abstract

Running machine learning and AI algorithms on personal and sensitive data raises privacy concerns and creates the potential for inadvertent information leakage. For example, text messages or images can be extracted from generative models. However, analyzing such data can significantly benefit individuals and society, particularly in areas like healthcare and transportation. To balance these conflicting objectives, it's essential to deploy and securely implement data analysis methods with strong confidentiality guarantees.

In this talk, I will explore the challenges and opportunities in achieving this goal. I'll start by detailing attacks that target not only machine learning algorithms but also naive implementations of algorithms that offer rigorous theoretical guarantees, such as differential privacy. Following this, I will discuss approaches to mitigate these attack vectors, including property-preserving data analysis. Specifically, I will present our work on protecting dataset properties that extend beyond traditional record-level privacy—for instance, safeguarding subpopulation information instead of focusing solely on individual records. Finally, I will introduce ElephantDP, a system designed to provide strong security guarantees even when differential privacy algorithms are executed in insecure environments.

Bio

Olya Ohrimenko is a Professor at The University of Melbourne, where she joined in 2020 after six years at Microsoft Research in Cambridge, UK. Her research focuses on the privacy and integrity of machine learning and AI algorithms, data analysis tools, and cloud computing. She works on various topics including:

• Differential privacy
• Dataset confidentiality
• Verifiable and data-oblivious computation
• Trusted execution environments
• Side-channel attacks and their mitigations

Olya has collaborated with organizations such as the Australian Bureau of Statistics, National Australia Bank, and Microsoft. She has also secured solo and joint research grants from Meta, Oracle, and the Australian Department of Defence. Her contributions have been recognized with a Commendation for Outstanding Research Contribution in the 2025 CORE Awards. She was also a finalist in the AI in Cyber Security category of the Women in AI Asia-Pacific Awards in both 2023 and 2024.

For more information, please visit https://oohrimenko.github.io.