Investigate the Relation between Robustness and Privacy
Title: Investigate the Relation between Robustness and Privacy
DNr: Berzelius-2024-81
Project Type: LiU Berzelius
Principal Investigator: Kamran Hosseini
Affiliation: Linköpings universitet
Duration: 2024-02-25 – 2024-09-01
Classification: 10201


In order to investigate the relationship between privacy and robustness in machine learning models, we plan to perform robustness tests using the Marabou framework, a formal verification tool for neural networks that decides whether any input perturbation within a given bound can change a network's output. We will run it on convolutional and fully connected neural networks (CNNs and FCNNs) trained on a variety of datasets, including MNIST, MIT-BIH and CHB-MIT, to measure the robustness of each network. Our goal is to find a correlation between the robustness and the privacy of the networks, and to use this correlation to improve the performance of state-of-the-art Membership Inference Attacks (MIA), in which an adversary tries to determine whether a given record was part of a model's training set. MIA is considered a confidentiality violation and a potential threat to artificial intelligence and machine learning applications by the US National Institute of Standards and Technology and the UK Information Commissioner's Office. We hope that our research sheds further light on the risks and potential impact of these attacks on user data privacy.
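The following is an added illustration of the experiment design described above; it is not code from this project and it does not use Marabou, CNNs or the named datasets. It trains a plain logistic regression in pure Python on a small constructed dataset, uses the closed-form L2 distance to the decision boundary as the per-example robustness measure (for a linear classifier this is exactly the "largest perturbation that cannot flip the prediction" that a verifier such as Marabou would have to search for in a deep network), and then runs two membership inference attacks on held-out data: the classic loss-threshold attack and a margin-based attack that uses robustness itself as the membership score. All function names, the dataset parameters and the seed are hypothetical choices made for this example.

```python
import math
import random


def sigmoid(z):
    # numerically stable logistic function
    if z >= 0:
        return 1.0 / (1.0 + math.exp(-z))
    e = math.exp(z)
    return e / (1.0 + e)


def dot(a, b):
    return sum(x * y for x, y in zip(a, b))


def make_dataset(rng, n, dim, flip):
    # Constructed data: Gaussian features, labels from a hidden linear rule,
    # with a fraction `flip` of the labels inverted so that a model can only
    # fit them by memorising individual points (the behaviour MIA exploits).
    w_true = [rng.gauss(0.0, 1.0) for _ in range(dim)]
    xs, ys = [], []
    for _ in range(n):
        x = [rng.gauss(0.0, 1.0) for _ in range(dim)]
        y = 1 if dot(w_true, x) > 0.0 else 0
        if rng.random() < flip:
            y = 1 - y
        xs.append(x)
        ys.append(y)
    return xs, ys


def train_logreg(xs, ys, epochs, lr):
    # Unregularised full-batch gradient descent on binary cross-entropy.
    dim, n = len(xs[0]), len(xs)
    w, b = [0.0] * dim, 0.0
    for _ in range(epochs):
        gw, gb = [0.0] * dim, 0.0
        for x, y in zip(xs, ys):
            err = sigmoid(dot(w, x) + b) - y
            for j in range(dim):
                gw[j] += err * x[j]
            gb += err
        for j in range(dim):
            w[j] -= lr * gw[j] / n
        b -= lr * gb / n
    return w, b


def example_loss(w, b, x, y):
    # Binary cross-entropy computed from the logit without overflow.
    z = dot(w, x) + b
    return max(z, 0.0) - z * y + math.log1p(math.exp(-abs(z)))


def linear_robustness(w, b, x):
    # Exact minimal L2 perturbation that flips a linear classifier's decision:
    # the distance from x to the hyperplane w.x + b = 0.
    return abs(dot(w, x) + b) / math.sqrt(dot(w, w))


def auc(member_scores, nonmember_scores):
    # Probability that a random member outranks a random non-member
    # (ties count one half); 0.5 means the attack is no better than guessing.
    wins = 0.0
    for m in member_scores:
        for nm in nonmember_scores:
            if m > nm:
                wins += 1.0
            elif m == nm:
                wins += 0.5
    return wins / (len(member_scores) * len(nonmember_scores))


def pearson(a, b):
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = math.sqrt(sum((x - ma) ** 2 for x in a))
    vb = math.sqrt(sum((y - mb) ** 2 for y in b))
    return cov / (va * vb)


def run_experiment(seed=0, n_members=30, n_nonmembers=60, dim=30,
                   flip=0.15, epochs=300, lr=0.5):
    rng = random.Random(seed)
    xs, ys = make_dataset(rng, n_members + n_nonmembers, dim, flip)
    mx, my = xs[:n_members], ys[:n_members]          # training set (members)
    nx, ny = xs[n_members:], ys[n_members:]          # held out (non-members)
    w, b = train_logreg(mx, my, epochs, lr)

    m_loss = [example_loss(w, b, x, y) for x, y in zip(mx, my)]
    n_loss = [example_loss(w, b, x, y) for x, y in zip(nx, ny)]
    m_rob = [linear_robustness(w, b, x) for x in mx]
    n_rob = [linear_robustness(w, b, x) for x in nx]

    return {
        "member_mean_loss": sum(m_loss) / len(m_loss),
        "nonmember_mean_loss": sum(n_loss) / len(n_loss),
        # loss-threshold MIA: lower loss => more likely a member
        "loss_auc": auc([-l for l in m_loss], [-l for l in n_loss]),
        # margin-based MIA: larger certified radius => more likely a member
        "margin_auc": auc(m_rob, n_rob),
        # how strongly robustness tracks loss across all examples
        "robustness_loss_corr": pearson(m_rob + n_rob, m_loss + n_loss),
    }


if __name__ == "__main__":
    for k, v in run_experiment().items():
        print(f"{k}: {v:.3f}")
```

The gap between `member_mean_loss` and `nonmember_mean_loss` is the overfitting signal the loss-threshold attack relies on; `margin_auc` shows how much membership leaks through the robustness measure alone, which is the quantity the project proposes to exploit. For a deep network the `linear_robustness` step would be replaced by a verifier query per example (for instance, the largest epsilon for which Marabou proves no adversarial example exists), with the rest of the pipeline unchanged.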