Skip to main content

Privacy-Preserving Machine Learning

Primary supervisor

Rafael Baiao Dowsley

Research area


With success stories ranging from speech recognition to self-driving cars, machine learning (ML) has been one of the most impactful areas of computer science. ML’s versatility stems from the wealth of techniques it offers, making ML seem an excellent tool for any task that involves building a model from data. Nevertheless, ML makes an implicit overarching assumption that severely limits its applicability to a broad class of critical domains: the data owner is willing to disclose the data to the model builder/holder. This assumption is particularly problematic in industries with sensitive data, such as the financial sector or healthcare. This dilemma between enjoying the benefits from ML techniques and keeping data private might become a severe restriction to the social and economic gains that ML can provide. This necessitates privacy-preserving ML techniques that can solve the privacy versus utility dilemma by using cryptographic techniques to protect the privacy of the data.

This project has the goal of developing scalable solutions for privacy-preserving machine learning. This is done by both making the ML techniques more crypto-friendly as well as making the crypto building blocks more ML-friendly, so that the overall solution can achieve better performance. To get a taste of the sort of techniques that are employed, you can take a look at some of my recent publications:

- "Privacy-Preserving Training of Tree Ensembles over Continuous Data", PETS 2022

- "Privacy-Preserving Video Classification with Convolutional Neural Networks", ICML 2021

- "Privacy-Preserving Feature Selection with Secure Multiparty Computation", ICML 2021

- "High Performance Logistic Regression for Privacy-Preserving Genome Analysis", BMC Medical Genomics 2021

- "Privacy-Preserving Classification of Personal Text Messages with Secure Multi-Party Computation", NeurIPS 2019

- "Protecting Privacy of Users in Brain-Computer Interface Applications", IEEE Transactions on Neural Systems and Rehabilitation Engineering 2019

- "Efficient and Private Scoring of Decision Trees, Support Vector Machines and Logistic Regression Models based on Pre-Computation", IEEE Transactions on Dependable and Secure Computing 2019


Required knowledge

Preferable: Knowledge of either cryptography or ML (having knowledge of both cryptography and ML would of course be a plus, but it is not expected).

Project funding


Learn more about minimum entry requirements.