This paper corrects the theoretical analysis of DP-SGD by identifying that common implementations, which use batch averaging, result in weaker privacy guarantees than previously reported.

The paper introduces Balanced Iteration Subsampling (BIS), a structured sampling scheme that is proven to achieve stronger privacy amplification than the standard Poisson subsampling used in DP-SGD by…

The paper introduces Fractional-Order Differentially Private Stochastic Gradient Descent (FO-DP-SGD), a mechanism that incorporates fractional memory into the gradient release process to improve priva…

The paper introduces SMA-DP-SGD, a Spectral Memory-Aware Differential Privacy method that enhances standard DP-SGD by incorporating a memory branch derived from past noisy updates, improving model uti…

The paper proposes IntraShuffler, a novel privacy-preserving middleware defense that enables gradient shuffling in Heterogeneous Differential Privacy Federated Learning (HDP-FL) systems, significantly…

The paper proposes IntraShuffler, a novel privacy-preserving middleware defense that enables gradient shuffling in Heterogeneous Differential Privacy Federated Learning (HDP-FL) while maintaining the…

The paper proposes DP-SelFT, a novel framework for differentially private selective fine-tuning that significantly improves the privacy-utility trade-off for LLMs by intelligently selecting robust par…

This paper proposes two post-processing techniques, random selection and linear combination, to construct a model that satisfies any desired differential privacy level without retraining, given a set…

The paper proposes DP-MacAdam, a novel differentially private optimization algorithm that simultaneously uses adaptive gradient clipping and momentum, achieving improved model accuracy over existing m…

The paper proposes FedPower, a novel differentially private cross-silo Federated Learning framework that uses PowerDP to reconstruct and project client updates into a secure low-rank space, effectivel…

The paper proposes PAC-DP, a personalized adaptive clipping framework that dynamically adjusts gradient clipping thresholds based on the desired privacy budget, significantly improving the privacy-uti…

The paper introduces a novel realization-level privacy filtering approach that improves utility in differentially private data release by accounting for actual leakage rather than worst-case per-round…

This paper empirically evaluates the effectiveness of Differential Privacy (DP) against Membership Inference Attacks (MIAs) in Federated Learning, demonstrating that a stacking attack strategy can det…

This paper introduces a novel framework for differentially private sampling by using the Wasserstein distance as the utility measure, proposing the Wasserstein Projection Mechanism (WPM) to address li…

The paper provides a tight, transparent, and closed-form analysis of the trade-off function for Differentially Private SGD using random shuffling, significantly improving upon previous methods and est…

RootGuard introduces a dependency-aware privacy mechanism that sanitizes private data roots once, ensuring consistent privacy guarantees across multiple multi-turn agent interactions, significantly ou…

The paper demonstrates that by introducing carefully designed correlations among locally added noise variables, local differential privacy mechanisms can achieve an estimation cost matching the optima…

The paper shows that using random cropping, a standard data augmentation technique, can naturally amplify differential privacy guarantees for machine learning models without requiring any changes to t…

This paper introduces an attack, PRIVX, demonstrating that even differentially private (DP) Graph Neural Network (GNN) explanations leak enough structural information to allow an adversary to accurate…

The paper proposes FLRSP, a privacy-preserving federated learning method that enhances robustness by randomly selecting model parameters for global model updates, maintaining high accuracy against sta…