Interplay Robustness Privacy
Title: Interplay Robustness Privacy
DNr: NAISS 2024/22-262
Project Type: NAISS Small Compute
Principal Investigator: Kamran Hosseini
Affiliation: Linköpings universitet
Duration: 2024-02-28 – 2025-03-01
Classification: 10201
To investigate the relationship between privacy and robustness in machine learning models, we plan to perform robustness tests using the Marabou verification framework. We will run this tool on CNNs and FCNNs trained on a variety of datasets, including MNIST, MIT-BIH and CHB-MIT, to measure the robustness of each network. Our goal is to find a correlation between the robustness and the privacy of the networks, and to use this correlation to improve the performance of state-of-the-art Membership Inference Attacks (MIA). MIA is considered a confidentiality violation and a potential threat to artificial intelligence and machine learning applications by the US National Institute of Standards and Technology and the UK Information Commissioner's Office. We hope that our research sheds further light on the risks and potential impact of these attacks on the privacy of user data.