UK-US Summit for Democracy announces ETH team as a winner in a worldwide AI privacy competition
ETH Professor Martin Vechev and his team won first place in phase 3, red teaming, of the global AI Privacy Prize Challenge. The competition inspired innovators on both sides of the Atlantic to build solutions that enable collaborative development of artificial intelligence (AI) models while keeping sensitive information private.
Driven by a shared priority to employ data to help solve critical global challenges in a manner that supports US and UK commitments to democratic values and the fundamental right to privacy, the challenges focused on developing PETs solutions for two scenarios: forecasting pandemic infection and detecting financial crime. The challenge utilised a red team/blue team approach with two types of participants: blue teams developed privacy-preserving solutions, while red teams acted as adversaries to test those solutions.
The Secure, Reliable, and Intelligent Systems Lab (SRI), led by Professor Martin Vechev, scored first place in the U.S. challenge in phase 3. In this phase, independent red teams of privacy researchers scrutinized and tested the blue team prototypes for privacy vulnerabilities. Phase 3 of the challenge began in November 2022: the teams were given access to the blue team concept papers from phase 1 to plan and prepare for conducting privacy attacks. During the two-and-a-half-week attack period in February 2023, red teams were given full access to blue teams' code to evaluate their privacy claims under both white-box and black-box privacy attacks.
The PETs Prize Challenge was a unique competition that successfully brought together a large number of researchers and spurred interesting and innovative work in advancing privacy technology. The winners were announced at the second Summit for Democracy at the end of March.
About the team
The Secure, Reliable, and Intelligent Systems Lab (SRI) is a research group in the Department of Computer Science at ETH Zurich. Its current research focuses on reliable, secure, robust and fair machine learning, probabilistic and quantum programming, and machine learning for code. The team has published several research papers about privacy attacks on federated learning (FL), such as gradient leakage attacks and their extensions to natural language processing and tabular data. The following members from SRI were part of the competition: Mislav Balunović, Jasper Dekoninck, Dimitar Iliev Dimitrov, Nikola Jovanović, Petar Tsankov, Martin Vechev and Mark Vero.
More information
- Prof. Martin Vechev
- Secure, Reliable, and Intelligent Systems Lab (SRI)
- White House Press Release: At Summit for Democracy, the United States and the United Kingdom Announce Winners of Challenge to Drive Innovation in Privacy-enhancing Technologies That Reinforce Democratic Values (31.03.2023)
- Meet the Final Winners of the U.S. PETs Prize Challenge