This paper proposes two post-processing techniques, random selection and linear combination, to construct a model that satisfies any desired differential privacy level without retraining, given a set…

DP-SAPF introduces a saliency-aware parameter fine-tuning method that selectively identifies the most critical parameters for LoRA training, significantly improving the utility and fidelity of differe…

The paper introduces Balanced Iteration Subsampling (BIS), a structured sampling scheme that is proven to achieve stronger privacy amplification than the standard Poisson subsampling used in DP-SGD by…

The paper proposes DPSR-CG, a novel differentially private selective release mechanism that rigorously maintains strict privacy guarantees while significantly improving model utility compared to exist…

This paper corrects the theoretical analysis of DP-SGD by identifying that common implementations, which use batch averaging, result in weaker privacy guarantees than previously reported.

The paper proposes DP-MacAdam, a novel differentially private optimization algorithm that simultaneously uses adaptive gradient clipping and momentum, achieving improved model accuracy over existing m…

The paper proposes a Jacobian-guided anisotropic noise reshaping technique to selectively attenuate noise in task-relevant subspaces, significantly enhancing data utility while maintaining Local Diffe…

The paper introduces Fractional-Order Differentially Private Stochastic Gradient Descent (FO-DP-SGD), a mechanism that incorporates fractional memory into the gradient release process to improve priva…

This paper introduces a dual-layer side-channel attack framework that exploits the variable workload introduced by dynamic image preprocessing in local Vision-Language Models (VLMs) to infer sensitive…

The paper introduces a differentially private manifold denoising framework that allows noisy, non-private query points to be corrected using sensitive reference data while providing formal $(\varepsil…

The paper proposes IntraShuffler, a novel privacy-preserving middleware defense that enables gradient shuffling in Heterogeneous Differential Privacy Federated Learning (HDP-FL) systems, significantly…

The paper proposes IntraShuffler, a novel privacy-preserving middleware defense that enables gradient shuffling in Heterogeneous Differential Privacy Federated Learning (HDP-FL) while maintaining the…

The paper proposes PAC-DP, a personalized adaptive clipping framework that dynamically adjusts gradient clipping thresholds based on the desired privacy budget, significantly improving the privacy-uti…

The paper proposes DP-SelFT, a novel framework for differentially private selective fine-tuning that significantly improves the privacy-utility trade-off for LLMs by intelligently selecting robust par…

The paper proposes FLRSP, a privacy-preserving federated learning method that enhances robustness by randomly selecting model parameters for global model updates, maintaining high accuracy against sta…

The paper proposes DP-LAC, a novel lightweight adaptive clipping technique for differentially private federated fine-tuning, which efficiently estimates and adapts the clipping threshold without consu…

The paper introduces Sparse Backdoor, a novel supply-chain attack that embeds a provably undetectable backdoor into pre-trained image classifiers by injecting structured sparse perturbations.

This paper proposes a density-aware attack that constructs triggers by placing poisoned samples in low-density regions of the clean data distribution, achieving high attack success rates even after st…

The paper introduces SMA-DP-SGD, a Spectral Memory-Aware Differential Privacy method that enhances standard DP-SGD by incorporating a memory branch derived from past noisy updates, improving model uti…

The paper proposes a novel exponential mechanism using quadratic approximations to fine-tune machine learning models on sensitive data while providing strong differential privacy guarantees.