Benjamin-Lee closed this issue 5 years ago
Absolutely worth talking about, particularly in this domain. We can also discuss some techniques, like adding differential privacy during training, that might help mitigate some risks.
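To make the differential-privacy suggestion concrete, here is a minimal numeric sketch of one DP-SGD-style update (per-example gradient clipping plus Gaussian noise) on a toy logistic-regression problem. All names, the toy data, and the hyperparameters (`clip_norm`, `noise_mult`) are illustrative assumptions, not a production recipe; in practice one would reach for a library such as Opacus or TensorFlow Privacy, which also track the privacy budget.

```python
import numpy as np

def dp_sgd_step(w, X, y, lr=0.1, clip_norm=1.0, noise_mult=1.1, rng=None):
    """One DP-SGD-style step: clip each example's gradient, add noise."""
    rng = rng or np.random.default_rng(0)
    # Per-example logistic-loss gradients: (sigmoid(x.w) - y) * x
    preds = 1.0 / (1.0 + np.exp(-X @ w))
    grads = (preds - y)[:, None] * X                      # shape (n, d)
    # Clip each example's gradient to L2 norm <= clip_norm
    norms = np.linalg.norm(grads, axis=1, keepdims=True)
    grads = grads * np.minimum(1.0, clip_norm / np.maximum(norms, 1e-12))
    # Sum, add Gaussian noise scaled to the clipping bound, then average
    noise = rng.normal(0.0, noise_mult * clip_norm, size=w.shape)
    g = (grads.sum(axis=0) + noise) / len(X)
    return w - lr * g

# Toy usage on synthetic data (label depends only on the first feature)
rng = np.random.default_rng(1)
X = rng.normal(size=(32, 3))
y = (X[:, 0] > 0).astype(float)
w = np.zeros(3)
for _ in range(100):
    w = dp_sgd_step(w, X, y, rng=rng)
```

The clipping bounds any single example's influence on the update, and the noise masks what remains, which is exactly the training-time/privacy trade-off discussed below: more noise means stronger guarantees but slower, noisier convergence.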
@zhampel, @MaAleBarr, @ninalopatina, @ltindall, @mlomnitz, @paulgowdy and the rest of the Cyphercat crew, I'd love to hear your feedback on this rule.
@brettbj may have some good feedback here as well
This rule is clearly important (hence its inclusion via #61). I think it may ease adoption if we also add some actionable advice (e.g., commonly used software libraries, industry standards) in addition to the general precaution.
I think model security should highlight at a minimum:
These are both big areas in security, and both are gaining traction in the deep learning space. The challenge with obscuring information, however, is the trade-off between training time and privacy/security. We will continue to see these models get better and faster, and this is definitely an important section.
Another relevant one (although not bio-specific):
Seems covered in tip 10 now https://github.com/Benjamin-Lee/deep-rules/blob/master/content/12.privacy.md
Adversarial machine learning (not to be confused with generative adversarial networks) is a growing threat. One particular issue is model inversion, which can allow an attacker to reconstruct sensitive training data, with or without direct access to the model weights.
To be safe, unless you know what you are doing, it's probably best not to share weights that have been trained on sensitive data.
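As a toy illustration of why shared weights leak information: with white-box access to even a simple linear model, gradient ascent on the *input* recovers the feature direction the model associates with the positive class. This is a deliberately simplified sketch (the weights and step count are made up), not a realistic inversion attack on a deep network, but the mechanism is the same.

```python
import numpy as np

# "Sensitive" trained weights an attacker has obtained
w = np.array([2.0, -1.0, 0.5])

# Gradient ascent on the input to maximize the model's positive-class score
x = np.zeros_like(w)
for _ in range(200):
    score = 1.0 / (1.0 + np.exp(-x @ w))     # sigmoid(x . w)
    x += 0.1 * score * (1.0 - score) * w     # d sigmoid / dx = s(1-s) * w

# The reconstructed input points along w (cosine similarity ~ 1),
# exposing which feature pattern the model was trained to flag.
cos = x @ w / (np.linalg.norm(x) * np.linalg.norm(w))
```

For models trained on genomic or clinical features, that recovered direction can itself be sensitive, which is why withholding weights trained on sensitive data is a reasonable default.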