Safe machine learning model release from Trusted Research Environments: The SACRO-ML package
Jim Smith, Richard J. Preen, Andrew McCarthy, Maha Albashir, Alba Crespi-Boixader, Shahzad Mumtaz, Christian Cole, James Liley, Jost Migenda, Simon Rogers, and Yola Jones

TL;DR
SACRO-ML is an open-source Python toolkit that enhances the security of machine learning models trained on sensitive data by providing both ante-hoc and post-hoc disclosure control measures before public release.
Contribution
It introduces SACRO-ML, a comprehensive suite combining pre- and post-training disclosure risk assessments for ML models, addressing a critical gap in confidential data handling.
Findings
Provides ante-hoc SDC assessment for ML models.
Offers post-hoc empirical disclosure risk evaluation.
Open source with accessible tools and documentation.
Abstract
We present SACRO-ML, an integrated suite of open source Python tools to facilitate the statistical disclosure control (SDC) of machine learning (ML) models trained on confidential data prior to public release. SACRO-ML combines (i) a SafeModel package that extends commonly used ML models to provide ante-hoc SDC by assessing the vulnerability of disclosure posed by the training regime; and (ii) an Attacks package that provides post-hoc SDC by rigorously assessing the empirical disclosure risk of a model through a variety of simulated attacks after training. The SACRO-ML code and documentation are available under an MIT license at https://github.com/AI-SDC/SACRO-ML
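The two kinds of check the abstract describes, shown as an added, self-contained illustration rather than code from the SACRO-ML package: an ante-hoc rule check that refuses a decision-tree configuration whose leaves could isolate individuals, and a post-hoc membership-inference test that measures how much better an attacker distinguishes training records from unseen ones when the model memorises its data. The leaf-size threshold, the depth rule, the 1-D k-NN toy model, the constructed dataset and the correctness-based attack are all assumptions made for this example, not the package's defaults or API.

```python
"""Constructed illustration of ante-hoc and post-hoc disclosure checks.
Added example: it does not use the SACRO-ML API, and its thresholds and
toy model are assumptions, not the package's defaults."""
import random
from collections import Counter

# ---- ante-hoc: rule-based check of a training regime ---------------------
# Assumed SDC rule of thumb: a tree leaf holding fewer than MIN_LEAF records
# can describe a single individual, so such a configuration is refused
# before any training happens.
MIN_LEAF = 5


def check_tree_config(params: dict) -> list:
    """Return the rule violations for a decision-tree hyperparameter dict."""
    problems = []
    leaf = params.get("min_samples_leaf", 1)
    if leaf < MIN_LEAF:
        problems.append(f"min_samples_leaf={leaf} is below {MIN_LEAF}")
    if params.get("max_depth") is None:
        problems.append("max_depth=None lets the tree memorise records")
    return problems


# ---- post-hoc: empirical membership-inference test -----------------------
class KNN:
    """1-D k-nearest-neighbour classifier. With k=1 it memorises the
    training set, which is exactly the behaviour a membership attack exploits."""

    def __init__(self, k):
        self.k = k
        self.data = []

    def fit(self, points):
        self.data = list(points)
        return self

    def predict(self, x):
        neigh = sorted(self.data, key=lambda p: abs(p[0] - x))[: self.k]
        return Counter(y for _, y in neigh).most_common(1)[0][0]


def make_dataset(n, rng):
    """Constructed data: label is 1 when x > 0.5, flipped with prob 0.3,
    so the classes overlap and a perfect fit can only come from memorising."""
    pts = []
    for _ in range(n):
        x = rng.random()
        y = int(x > 0.5)
        if rng.random() < 0.3:
            y = 1 - y
        pts.append((x, y))
    return pts


def accuracy(model, points):
    return sum(model.predict(x) == y for x, y in points) / len(points)


def membership_advantage(model, train, holdout):
    """Simulated attack: guess 'member' whenever the model is correct.
    Advantage = TPR - FPR = train accuracy - holdout accuracy; near 0 means
    the attacker learns nothing, near 1 means members are trivially exposed."""
    return accuracy(model, train) - accuracy(model, holdout)


def run_demo(seed=0, n=400):
    """Compare a memorising model (k=1) with a smoothed one (k=25)."""
    rng = random.Random(seed)
    train, holdout = make_dataset(n, rng), make_dataset(n, rng)
    results = {}
    for k in (1, 25):
        model = KNN(k).fit(train)
        results[k] = membership_advantage(model, train, holdout)
    return results


if __name__ == "__main__":
    print(check_tree_config({"min_samples_leaf": 1, "max_depth": None}))
    for k, adv in run_demo().items():
        print(f"k={k}: membership advantage {adv:.2f}")
```

The ante-hoc check costs nothing and catches the configuration before the sensitive data is touched; the post-hoc test needs a held-out sample drawn from the same population and reports an attacker's empirical advantage, which is the quantity a release decision should be based on. On this data the k=1 model is perfectly accurate on its own training set but only slightly better than chance on unseen records, so the correctness rule alone identifies members with a large advantage; the k=25 model is equally accurate on both, and the same attack gains almost nothing.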
Taxonomy
Topics: Explainable Artificial Intelligence (XAI) · Adversarial Robustness in Machine Learning · Artificial Intelligence in Healthcare and Education
