Abstract: One embodiment provides a method comprising receiving a training set comprising a plurality of data points, where a neural network is trained as a classifier based on the training set. The method further comprises, for each data point of the training set, classifying the data point with one of a plurality of classification labels using the trained neural network, and recording neuronal activations of a portion of the trained neural network in response to the data point. The method further comprises, for each classification label that a portion of the training set has been classified with, clustering a portion of all recorded neuronal activations that are in response to the portion of the training set, and detecting one or more poisonous data points in the portion of the training set based on the clustering.

Abstract: One embodiment provides a method comprising intercepting an incoming communication for a user, and determining whether to classify the incoming communication as a suspicious incoming communication based on content of the incoming communication and a learned classification model or learned signatures. The method further comprises monitoring one or more outgoing communications from the user, and invoking an action relating to scam prevention in response to determining an outgoing communication from the user is linked to a suspicious incoming communication.

Abstract: A method, computer system, and computer program product are provided. A set of classifiers are applied to metric definitions of an electronic contract between computing devices of a service provider and a service consumer. Each classifier includes a selector pattern and a set of variable declarations. Performance data of the service provider computing device are filtered according to the selector pattern of the each classifier. One or more algebraic expressions of the metric definitions are evaluated in accordance with the each classifier and the filtered performance data to determine compliance of the service provider computing device with the electronic contract. Evaluation results indicating whether the service provider computing device is in compliance with the electronic contract are captured and reported.

Abstract: Techniques regarding privacy preservation in a federated learning environment are provided. For example, one or more embodiments described herein can comprise a system, which can comprise a memory that can store computer executable components. The system can also comprise a processor, operably coupled to the memory, and that can execute the computer executable components stored in the memory. The computer executable components can comprise a plurality of machine learning components that can execute a machine learning algorithm to generate a plurality of model parameters. The computer executable components can also comprise an aggregator component that can synthesize a machine learning model based on an aggregate of the plurality of model parameters. The aggregator component can communicate with the plurality of machine learning components via a data privacy scheme that comprises a privacy process and a homomorphic encryption process in a federated learning environment.

Abstract: One embodiment provides a method for federated learning across a plurality of data parties, comprising assigning each data party with a corresponding namespace in an object store, assigning a shared namespace in the object store, and triggering a round of federated learning by issuing a customized learning request to at least one data party. Each customized learning request issued to a data party triggers the data party to locally train a model based on training data owned by the data party and model parameters stored in the shared namespace, and upload a local model resulting from the local training to a corresponding namespace in the object store the data party is assigned with. The method further comprises retrieving, from the object store, local models uploaded to the object store during the round of federated learning, and aggregating the local models to obtain a shared model.

Abstract: A computer-implemented method includes receiving characteristics of available resources usable for downloading layers of a container image and fetching a manifest of the container image from a container registry. The method includes determining layers of the container image to be downloaded based on the manifest and, based on the characteristics of the available resources and sizes of the layers to be downloaded, adjusting an optimal parallelism to download the layers. The method includes downloading the layers.

Abstract: A computer-implemented method includes identifying a plurality of protected pieces from a conversation. The computer-implemented method further includes generating one or more confidence scores for each protected piece, wherein a confidence score is a degree of associativity between a protected piece and a type of sensitive information. The computer-implemented method further includes determining that the protected piece is associated with the type of sensitive information. The computer-implemented method further includes determining a type of protection action for each protected piece in the plurality of protected pieces. The computer-implemented method further includes performing the type of protection action for each protected piece in the plurality of protected pieces to form a modified conversation that is devoid of the sensitive information. A corresponding computer system and computer program product are also disclosed.

Abstract: One embodiment provides a quality of service (QoS) monitoring framework for dynamically binding one or more customer applications to one or more microservices in a dynamic service environment, collecting compliance data and contextual data from the dynamic service environment and one or more hosting environments, and modifying a monitoring infrastructure for the one or more customer applications based on the compliance data and the contextual data.

Abstract: Systems and techniques that facilitate universal and efficient privacy-preserving vertical federated learning are provided. In various embodiments, a key distribution component can distribute respective feature-dimension public keys and respective sample-dimension public keys to respective participants in a vertical federated learning framework governed by a coordinator, wherein the respective participants can send to the coordinator respective local model updates encrypted by the respective feature-dimension public keys and respective local datasets encrypted by the respective sample-dimension public keys. In various embodiments, an inference prevention component can verify a participant-related weight vector generated by the coordinator, based on which the key distribution component can distribute to the coordinator a functional feature-dimension secret key that can aggregate the encrypted respective local model updates into a sample-related weight vector.

Abstract: Techniques for federated learning are provided. A plurality of public encryption keys are distributed to a plurality of participants in a federated learning system, and a first plurality of responses is received from the plurality of participants, where each respective response of the first plurality of responses was generated based on training data local to a respective participant of the plurality of participants and is encrypted using a respective public encryption key of the plurality of public encryption keys. A first aggregation vector is generated based on the first plurality of responses, and a first private encryption key is retrieved using the first aggregation vector. An aggregated model is then generated based on the first private encryption key and the first plurality of responses.

Abstract: One embodiment provides a method for monitoring context-dependent quality of service in a shared computing environment that includes detecting, by a processor, a change in context. Context includes user context and external context, and user context comprises physical activity, mood, engagement levels and type of events. Prior assigned service classes are updated to updated service classes based on the change in context. Service level agreement (SLA) statistics for each assigned service class are aggregated and collected. Each assigned service class includes at least one SLA based on aggregate services received by individual users in that assigned service class, and aggregating SLA statistics is based on a statistical function.

Abstract: Provided are a computer program product, system, and method for generation of tasks and retraining machine learning modules to generate tasks based on feedback for the generated tasks. A machine learning module processes an input text message sent in the communication channel to output task information including an intended action and a set of associated users. A task message is generated including the output task information of a task to perform. The task message is sent to a user interface panel in a user computer. Feedback is received from the user computer on the output task information in the task message. The machine learning module is retrained to output task information from the input text message based on the feedback to reinforce likelihood correct task information is outputted and reinforce lower likelihood incorrect task information is outputted.

Abstract: Embodiments relate to a system, program product, and method for processing an untrusted data set to automatically determine which data points there are poisonous. A neural network is trained network using potentially poisoned training data. Each of the training data points is classified using the network to retain the activations of at least one hidden layer, and segment those activations by the label of corresponding training data. Clustering is applied to the retained activations of each segment, and a clustering assessment is conducted to remove an identified cluster from the data set, form a new training set, and train a second neural model with the new training set. The removed cluster and corresponding data are applied to the trained second neural model to analyze and classify data in the removed cluster as either legitimate or poisonous.

Abstract: Embodiments relate to a system, program product, and method for automatically determining which activation data points in a neural model have been poisoned to erroneously indicate association with a particular label or labels. A neural network is trained using potentially poisoned training data. Each of the training data points is classified using the network to retain the activations of the last hidden layer, and segment those activations by the label of corresponding training data. Clustering is applied to the retained activations of each segment, and a cluster assessment is conducted for each cluster associated with each label to distinguish clusters with potentially poisoned activations from clusters populated with legitimate activations. The assessment includes executing a set of analyses and integrating the results of the analyses into a determination as to whether a training data set is poisonous based on determining if resultant activation clusters are poisoned.

Abstract: Embodiments relate to a system, program product, and method for automatically determining which activation data points in a neural model have been poisoned to erroneously indicate association with a particular label or labels. A neural network is trained network using potentially poisoned training data. Each of the training data points is classified using the network to retain the activations of the last hidden layer, and segment those activations by the label of corresponding training data. Clustering is applied to the retained activations of each segment, and a cluster assessment is conducted for each cluster associated with each label to distinguish clusters with potentially poisoned activations from clusters populated with legitimate activations. The assessment includes analyzing, for each cluster, a distance of a median of the activations therein to medians of the activations in the labels.

Abstract: A method, computer system, and computer program product are provided. A set of classifiers are applied to metric definitions of an electronic contract between computing devices of a service provider and a service consumer. Each classifier includes a selector pattern and a set of variable declarations. Performance data of the service provider computing device are filtered according to the selector pattern of the each classifier. One or more algebraic expressions of the metric definitions are evaluated in accordance with the each classifier and the filtered performance data to determine compliance of the service provider computing device with the electronic contract. Evaluation results indicating whether the service provider computing device is in compliance with the electronic contract are captured and reported.

Abstract: Embodiments relate to an intelligent computer platform to build a federated learning framework including creating a hierarchy of machine learning models (MLMs). The hierarchy of MLMs has a primary MLM in a primary layer. Training the primary MLM includes capturing contributing model updates across at least one communication channel. A secondary MLM is created and logically positioned in a secondary layer of the hierarchy. The secondary MLM is operatively coupled to the primary MLM across the at least one communication channel. The created secondary MLM is initialized, including cloning weights and framework of the primary MLM into the secondary MLM, and populated with secondary data. The populated data has model updates local to the created secondary MLM. The secondary MLM is logically stored local to the secondary layer, and limits access to the secondary MLM to the secondary layer.

Abstract: Embodiments relate to systematic explanation of neural model behavior and effective deduction of its vulnerabilities. Input data is received for the neural model and applied to the model to generate output data. Accuracy of the output data is evaluated with respect to the neural model, and one or more neural model vulnerabilities are identified that correspond to the output data accuracy. An explanation of the output data and the identified one or more vulnerabilities is generated, wherein the explanation serves as an indicator of alignment of the input data with the output data.

Abstract: Systems, computer-implemented methods, and computer program products that can facilitate detection of an adversarial backdoor attack on a trained model at inference time are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a log component that records predictions and corresponding activation values generated by a trained model based on inference requests. The computer executable components can further comprise an analysis component that employs a model at an inference time to detect a backdoor trigger request based on the predictions and the corresponding activation values. In some embodiments, the log component records the predictions and the corresponding activation values from one or more layers of the trained model.

Abstract: A computer-implemented method of communicating in a federated learning environment includes an aggregator and a plurality of federated learning participants that respectively maintain their own data and communicate with the aggregator. The aggregator monitors the plurality of federated learning participants for factors associated with stragglers. The federated learning participants are assigned into tiers based on the monitoring of the factors. The aggregator queries the federated learning participants in a selected tier and designates late responders as stragglers. Maximum waiting time may be defined for each tier. The aggregator applies a predicted response for drop outs including collected participants' replies and computed predictions associated with the stragglers to update a training of a federated learning model. The federated learning participants that do not respond within the designated wait time are designated as drop outs.