Ali Anwar Leads 3-Year $1.1M NSF Grant for Privacy Preservation Systems
Department of Computer Science & Engineering Assistant Professor Ali Anwar is the principal investigator for a three-year $1.1 million grant from the National Science Foundation (NSF) focusing on privacy preservation systems. The University of Minnesota is the lead institution on the grant and is partnering with the University of Massachusetts Amherst, and Virginia Polytechnic Institute and State University to build a testbed for privacy techniques in federated learning.
“Federated learning is a form of machine learning where data remains at its source rather than being centralized,” Anwar said. “Models are trained locally and then combined to produce a global model, allowing insights across diverse data sources without directly sharing the underlying data.”
While this decentralized approach improves data privacy, it also introduces new security risks. Adversaries can exploit the training process to infer sensitive information, for example, through membership inference attacks that reveal whether a specific individual’s data was used in training.
“Despite its promise, federated learning is vulnerable to sophisticated attacks,” Anwar said. “Our goal is to systematically evaluate and strengthen these systems before they are deployed in real-world applications.
“We are creating a testbed, so anyone who is interested in developing a federated learning application can come and test their application before they release it or create a product to make sure that their application is privacy preserved and robust. This testbed will incorporate a range of privacy-preserving techniques along with defenses against diverse attack models, enabling users to rigorously evaluate their deployments before going live.”
Anwar’s team will work to design and develop the framework for the testbest and add privacy preserving techniques. That framework will be enhanced over the next three years, and will eventually evolve into a community ecosystem that is open for others to use for their own federated learning. The testbed will be deployed at the University of Southern California with the Security and Privacy Heterogeneous Environment for Reproducible Experimentation (SPHERE) research group.
“Over the next three years, people will add new privacy-preserving techniques, new types of attacks into this framework, and this will evolve. This will be community driven where individuals can start contributing to this framework so others can benefit from it. We are creating an ecosystem where both the federated learning researchers, developers, and the users can come together at one place to take advantage of this testbed.”