Description
The widening adoption of machine learning (ML) and artificial intelligence (AI) has enabled successful applications across society, including healthcare, finance, robotics, transportation and industrial operations, by providing intelligence in real time [1-2]. Designing, developing and deploying reliable, robust, and secure ML algorithms is desirable for building trustworthy systems that offer trusted services to users in high-stakes decision making [2-4]. For instance, AI-assisted robotic surgery, automated financial trading, autonomous driving and many other modern applications are vulnerable to concept drift, dataset shift, model misspecification, misconfigured model parameters, perturbations, and adversarial attacks beyond human or even machine comprehension, posing serious threats to stakeholders at many levels. Moreover, building trustworthy AI systems requires substantial research effort on mechanisms and approaches that can enhance user and public trust. Topics of interest in trustworthy and secure AI include, but are not limited to: (i) bias and fairness, (ii) explainability, (iii) robust mitigation of adversarial attacks, (iv) improved privacy and security in model building, (v) decency, (vi) model attribution and (vii) scalability of models under adversarial settings [1-5]. All of these topics are important and need to be addressed.
This special session aims to bring together state-of-the-art advances in machine learning (ML) that address the challenges of ensuring reliability, security and privacy in trustworthy systems. The challenges span different learning paradigms, including but not limited to (i) robust learning, (ii) adversarial learning, (iii) stochastic, deterministic and non-deterministic learning, and (iv) secure and private learning. More broadly, all aspects of learning algorithms that address reliability, robustness and security are within the scope of the special session. It will focus on robustness and performance guarantees, as well as the consistency, transparency and safety of AI, which are vital to ensuring reliability. The special session will attract analytics experts from academia and industry to build trustworthy AI systems by developing and assessing theoretical and empirical methods, practical applications and new ideas, and by identifying directions for future studies. Original contributions, as well as comparative studies of different methods accompanied by an unbiased literature review, are welcome.
Robustness of machine learning/deep learning/reinforcement learning algorithms and trustworthy systems in general.
Confidence, consistency, and uncertainty in model predictions for reliability beyond robustness.
Transparent AI concepts in data collection, model development, deployment and explainability.
Adversarial attacks - evasion, poisoning, extraction, inference, and hybrid.
New solutions to make a system robust and secure against novel or potentially adversarial inputs, and to handle model misspecification, corrupted training data, concept drift, dataset shift, and missing or manipulated data instances.
Theoretical and empirical analysis of reliable/robust/secure ML methods.
Comparative studies against competing methods that lack certified reliability/robustness properties.
Applications of reliable/robust machine learning algorithms in domains such as healthcare, biomedical, finance, computer vision, natural language processing, big data, and all other relevant areas.
Unique societal and legal challenges concerning the reliability of trustworthy AI systems.
Secure learning from data with a high proportion of missing values, incompleteness, and noise.
Private learning from sensitive and protected data.
Paper Submission Deadline: 15 May 2025
Notification of Acceptance: 15 July 2025
Camera Ready Submission: 15 August 2025
Registration Deadline: 15 August 2025
Conference Dates: 20-24 Nov 2025
Submission guidelines: please follow the guidelines here.
Title: Privacy in Fine-tuning and Prompting for Large Language Models: Attacks, Defenses, and Future Directions
Biography: Yang Cao is an Associate Professor in the Department of Computer Science, Institute of Science Tokyo (Science Tokyo, formerly Tokyo Tech), where he directs the Trustworthy Data Science and AI (TDSAI) Lab. He is passionate about studying and teaching algorithmic trustworthiness in data science and AI. Two of his papers on data privacy were selected as best paper finalists at the top-tier conferences IEEE ICDE 2017 and ICME 2020. He received the IEEE Computer Society Japan Chapter Young Author Award 2019 and the Database Society of Japan Kambayashi Young Researcher Award 2021. His research projects were/are supported by JSPS, JST, MSRA, KDDI, LINE, WeBank, etc.
Abstract: Fine-tuning and prompting have emerged as critical processes for leveraging Large Language Models (LLMs) on specific downstream tasks, enabling these models to achieve state-of-the-art performance across various domains. However, fine-tuning and prompting often involve sensitive datasets, introducing privacy risks that exploit the unique characteristics of this stage. In this tutorial, I will provide a comprehensive view of the privacy challenges associated with fine-tuning and prompting LLMs, highlighting vulnerabilities to various privacy attacks, including membership inference, data extraction, and backdoor attacks. I will further review defense mechanisms designed to mitigate these risks, such as differential privacy, federated learning, and knowledge unlearning, discussing their effectiveness and limitations in addressing privacy risks while maintaining model utility. By identifying key gaps in existing research, the tutorial highlights open challenges and proposes directions to advance the development of privacy-preserving methods for leveraging LLMs, promoting their responsible use in diverse applications.
ICONIP 2025 will be held physically during Nov 20-24, 2025.