Expert Talk - Tanja Šarčević, SBA Research
Details
***** Talk
Ownership protection in Machine Learning: How to protect your neural network?
Outsourcing complex Machine Learning (ML) models to cloud services has grown considerably over the past years, as it reduces the costs of producing and maintaining ML systems. However, by sharing these models online, their owners and creators face the threat of model stealing and other types of unauthorised use.
In this talk I would like to motivate model watermarking as one of the ownership protection methods that allow the owners of ML models, in most cases deep neural networks (DNNs), to embed their signature into the models and in this way trace unauthorised usage. The two main requirements for watermarking techniques are (i) robustness, i.e., the mark should not be easily removable by third parties, and (ii) utility preservation, i.e., the mark should not introduce significant degradation of model performance. We will discuss the challenges related to these main requirements and the applicability of state-of-the-art techniques in real-life scenarios.
***** About the speaker
Tanja Šarčević is a researcher in the Machine Learning and Data Management team at SBA Research and is currently working towards her PhD in computer science at TU Wien under the supervision of Andreas Rauber. Her main research interests are privacy and security issues in data sharing and machine learning processes, in particular data anonymization, privacy-preserving computation and ownership protection. Tanja received her bachelor’s degree in Computer Science from the Faculty of Electrical Engineering and Computing in Zagreb in 2016, and a master’s degree in Logic and Computation at TU Wien in 2019.
***** Agenda
17:30 Welcome
17:40 Expert Talk
Q&A
19:30 Community Topics
Looking forward to seeing you there!
