Title: Understanding and Mitigating Privacy Vulnerabilities in Deep Learning
Committee:
Dr. Moinuddin Qureshi, CoC, Chair, Advisor
Dr. , Co-Advisor
Dr. Ghassan AlRegib, ECE
Dr. Tushar Krishna, ECE
Dr. Atul Prakash, U Michigan
Dr. Edward Suh, Cornell
Abstract: This thesis demonstrates that the information exchanged during training and inference can compromise data and model privacy, by identifying vulnerabilities in the frameworks used for privacy-preserving training and inference. We leverage these vulnerabilities to develop new attacks that overcome the limitations of prior work and achieve state-of-the-art attack performance, breaking the illusion of privacy and emphasizing the need for principled defenses. Furthermore, our insights have led to defenses that safeguard model privacy with minimal impact on performance, enabling the practical deployment of models for remote inference while protecting privacy.