Data privacy preservation and uncertainty estimation in machine learning

Abstract

This thesis addresses the challenges of data privacy in the field of ma-chine learning, with a focus on privacy threats and uncertainty estimation in decentralized learning environments. As data grows exponentially and ma-chine learning models are widely adopted, the challenge of effectively using data while ensuring privacy protection has become paramount. To tackle this issue, the thesis proposes a task-adaptive privacy protection method that combines differential privacy and local differential privacy techniques, dynamically adjusting the noise level to maximize model utility while ensuring privacy protection. Additionally, this thesis explores privacy attacks in decentralized learning, including reconstruction attacks on Decentralized Gradient Descent (D-GD) and Gossip averaging protocols, and proposes cor-responding defense strategies. To improve model robustness, a normalizing flow-based uncertainty estimation method is introduced to detect anomalous predictions and apply additional privacy measures. Experiments demonstrate the effectiveness of these methods in various application scenarios, including real estate valuation and breast cancer detection. Ultimately, this thesis proposes a multi-layer defense mechanism that combines privacy protection and uncertainty estimation, offering stronger privacy protection and model robustness in complex decentralized learning scenarios.