Safe machine learning model release from Trusted Research Environments: The SACRO-ML package

Jim C Smith; Richard J. Preen; Andrew McCarthy; Maha Albashir; Alba Crespi-Boixader; Shahzad Mumtaz; James Liley; Simon Rogers; Yola Jones

doi:10.48550/arXiv.2212.01233

Safe machine learning model release from Trusted Research Environments: The SACRO-ML package

Jim C Smith, Richard J. Preen, Andrew McCarthy, Maha Albashir, Alba Crespi-Boixader, Shahzad Mumtaz, James Liley, Simon Rogers, Yola Jones

Computing Science

Research output: Working paper › Preprint

Abstract

We present SACRO-ML, an integrated suite of open source Python tools to facilitate the statistical disclosure control (SDC) of machine learning (ML) models trained on confidential data prior to public release. SACRO-ML combines (i) a SafeModel package that extends commonly used ML models to provide ante-hoc SDC by assessing the vulnerability of disclosure posed by the training regime; and (ii) an Attacks package that provides post-hoc SDC by rigorously assessing the empirical disclosure risk of a model through a variety of simulated attacks after training. The SACRO-ML code and documentation are available under an MIT license at https://github.com/AI-SDC/SACRO-ML

Original language	English
Publisher	ArXiv
DOIs	https://doi.org/10.48550/arXiv.2212.01233
Publication status	Published - 2 Dec 2022

Funding

This work was funded by UK Research and Innovation under Grant Numbers MC_PC_21033 and MC_PC_23006 as part of Phase 1 of the Data and Analytics Research Environments UK (DARE UK) programme, delivered in partnership with Health Data Research UK (HDR UK) and Administrative Data Research UK (ADR UK). The specific projects were Semi-Automatic checking of Research Outputs (SACRO; MC_PC_23006) and Guidelines and Resources for AI Model Access from TrusTEd Research environments (GRAIMATTER; MC_PC_21033). It has also been supported by MRC and EPSRC (PICTURES; MR/S010351/1).

Funders	Funder number
UK Research and Innovation	MC_PC_21033, MC_PC_23006, MR/S010351/1

Keywords

cs.LG
cs.CR
cs.IR

Access to Document

10.48550/arXiv.2212.01233Licence: Other

2212.01233v3

Cite this

@techreport{ce04e610f0f94fbeb78977620fb4a68b,

title = "Safe machine learning model release from Trusted Research Environments: The SACRO-ML package",

abstract = " We present SACRO-ML, an integrated suite of open source Python tools to facilitate the statistical disclosure control (SDC) of machine learning (ML) models trained on confidential data prior to public release. SACRO-ML combines (i) a SafeModel package that extends commonly used ML models to provide ante-hoc SDC by assessing the vulnerability of disclosure posed by the training regime; and (ii) an Attacks package that provides post-hoc SDC by rigorously assessing the empirical disclosure risk of a model through a variety of simulated attacks after training. The SACRO-ML code and documentation are available under an MIT license at https://github.com/AI-SDC/SACRO-ML ",

keywords = "cs.LG, cs.CR, cs.IR",

author = "Smith, {Jim C} and Preen, {Richard J.} and Andrew McCarthy and Maha Albashir and Alba Crespi-Boixader and Shahzad Mumtaz and James Liley and Simon Rogers and Yola Jones",

year = "2022",

month = dec,

day = "2",

doi = "10.48550/arXiv.2212.01233",

language = "English",

publisher = "ArXiv",

type = "WorkingPaper",

institution = "ArXiv",

}

TY - UNPB

T1 - Safe machine learning model release from Trusted Research Environments

T2 - The SACRO-ML package

AU - Smith, Jim C

AU - Preen, Richard J.

AU - McCarthy, Andrew

AU - Albashir, Maha

AU - Crespi-Boixader, Alba

AU - Mumtaz, Shahzad

AU - Liley, James

AU - Rogers, Simon

AU - Jones, Yola

PY - 2022/12/2

Y1 - 2022/12/2

N2 - We present SACRO-ML, an integrated suite of open source Python tools to facilitate the statistical disclosure control (SDC) of machine learning (ML) models trained on confidential data prior to public release. SACRO-ML combines (i) a SafeModel package that extends commonly used ML models to provide ante-hoc SDC by assessing the vulnerability of disclosure posed by the training regime; and (ii) an Attacks package that provides post-hoc SDC by rigorously assessing the empirical disclosure risk of a model through a variety of simulated attacks after training. The SACRO-ML code and documentation are available under an MIT license at https://github.com/AI-SDC/SACRO-ML

AB - We present SACRO-ML, an integrated suite of open source Python tools to facilitate the statistical disclosure control (SDC) of machine learning (ML) models trained on confidential data prior to public release. SACRO-ML combines (i) a SafeModel package that extends commonly used ML models to provide ante-hoc SDC by assessing the vulnerability of disclosure posed by the training regime; and (ii) an Attacks package that provides post-hoc SDC by rigorously assessing the empirical disclosure risk of a model through a variety of simulated attacks after training. The SACRO-ML code and documentation are available under an MIT license at https://github.com/AI-SDC/SACRO-ML

KW - cs.LG

KW - cs.CR

KW - cs.IR

U2 - 10.48550/arXiv.2212.01233

DO - 10.48550/arXiv.2212.01233

M3 - Preprint

BT - Safe machine learning model release from Trusted Research Environments

PB - ArXiv

ER -

Safe machine learning model release from Trusted Research Environments: The SACRO-ML package

Abstract

Funding

Keywords

Access to Document

Fingerprint

Cite this