SpaLab Research Lab

📣 The first seminar of the Trustworthy AI Seminars will be given by @KairouzPeter on "Context Matters: A New Paradigm for Differentially Private Synthetic Text Generation." 🕰️ Friday, March 6, at 9am PT / 12pm ET / 5pm UK time 🌎 Details at trust-ai-sem.github.io

Hey everyone, @ebagdasa and Emiliano De Cristofaro are rebooting and widening the old prisec-ml seminar series. First speaker @KairouzPeter on March 6! Check out: trust-ai-sem.github.io

Congrats to @ganevgv: his paper "SMOTE and Mirrors: Exposing Privacy Leakage from Synthetic Minority Oversampling" was accepted at @iclr_conf! Pre-print arxiv.org/abs/2510.15083

Congrats to @sundarmsa -- his paper "To Shuffle or not to Shuffle: Auditing DP-SGD with Shuffling" was just accepted to @NDSSSymposium! Only 21 out of 950 straight accepts this round! Joint work with Borja Balle, Jamie Hayes, & Emiliano. Pre-print: arxiv.org/abs/2411.10614

Emiliano will be back at UCL for a talk on Monday 📍 169 Euston Road, GF Seminar Room 📅 September 22 🕑 2:00 PM Swing by if you’re in town and interested in synthetic data and privacy or just want to say hi. sec.cs.ucl.ac.uk/seminars/

We're excited to announce the Call for Papers for SaTML 2026, the premier conference on secure and trustworthy machine learning @satml_conf We seek papers on secure, private, and fair learning algorithms and systems. 👉 satml.org/call-for-paper… ⏰ Deadline: Sept 24

Huge congrats to @ganevgv for receiving the Distinguished Paper Award at #ieeesp25 @IEEESSP for his work "The Inadequacy of Similarity-based Privacy Metrics: Privacy Attacks against “Truly Anonymous” Synthetic Datasets." arxiv.org/pdf/2312.05114…

Pre-print: arxiv.org/pdf/2504.08254… Co-authored by @sundarmsa, Sofiane Mahou, and Emiliano De Cristofaro

Extracting it directly from the input data breaks DP. This well know but, alas, also common practice. Our experiments also show that membership inference attacks may perform well by detecting issues with data domain extraction rather than vulnerabilities of the generative models

.@ganevgv's paper, Understanding the Impact of Data Domain Extraction on Synthetic Data Privacy, will be presented at the ICLR SynthData workshop next week. A tiny paper studying the impact of how you extract the data domain while training generative models for synthetic data

Happy to announce that @ganevgv's paper, “The Inadequacy of Similarity-based Privacy Metrics: Privacy Attacks against “Truly Anonymous” Synthetic Datasets,” has been accepted to IEEE Security & Privacy. Pre-print: arxiv.org/pdf/2312.05114

Happy to announce that Dr. Emiliano De Cristofaro was recently recognized as a Distinguished Member of the ACM acm.org/media-center/2…

TL;DR: 1/ We analyze 6 implementations of PATE-GAN, including 3 by the original authors 2/ None reproduce the utility reported in the original paper 3/ All implementations leak more privacy than intended 4/ We uncover 19 privacy violations and 5 other bugs

The final version of @ganevgv's TMLR paper, "The Elusive Pursuit of Reproducing PATE-GAN: Benchmarking, Auditing, Debugging," is now available at: arxiv.org/abs/2406.13985

🚨 Call for Papers! 🚨 We’re excited to announce the 6th International Workshop on Cyber Social Threats #CySoc2025 that will be held at #ICWSM2025 in Denmark! 🎉 🌍 Spotlight Topic: "Political Conflicts in Online Platforms in the Era of Gen-AI." 📢 We invite submissions for: ✔ Research Papers ✔ Position Papers ✔ Short Papers ✔ Demo Papers All accepted submissions will be peer-reviewed and published in the ICWSM Companion Proceedings. 📅 Submission Deadline: March 31, 2025 🔗 More details & submission info: cy-soc.github.io/2025/ We are preparing a rich program as in the past years. Join us in shaping the conversation around cyber social threats in this exciting times! Please reach out if you have any questions. Looking forward to your submissions! 🚀 #AI #CyberSocialThreats #PoliticalConflicts #GenAI #AIandSociety @mdeverna2 @yang3kc @frapi9 @jhblackb @yelenamejova

.@sundarmsa's upcoming WWW paper on browser fingerprinting is now available on arXiv arxiv.org/abs/2502.01608

Congrats to @sundarmsa and Igor — our new paper on browser fingerprinting has been accepted to WWW’25. G’day, mate!

3. Overall, we identify 17 privacy violations and 5 other bugs, many in how PATE is implemented in PATE-GAN, e.g., feeding data to the teachers, tracking the privacy budget, etc.

Tl;dr 1. We fail to replicate the utility performance reported in the original PATE-GAN paper across all the six implementations we benchmark; 2. All implementations leak more privacy than they should (empirical privacy estimates are worse than the theoretical DP bounds)

Happy to report that the paper "The Elusive Pursuit of Reproducing PATE-GAN: Benchmarking, Auditing, Debugging" led by @ganevgv has been accepted pending minor revision to the prestigious TMLR journal. Pre-print: arxiv.org/abs/2406.13985