How to DP-fy ML: A Practical Guide to Machine Learning with Differential Privacy
Machine Learning (ML) models are ubiquitous in real-world applications and are a constant focus of research. Modern ML models have become more complex, deeper, and harder to reason about. At the same time, the community has started to realize the importance of protecting the privacy of the training data that goes into these models. Differential Privacy (DP) has become a gold standard for making formal statements about data anonymization. However, while some adoption of DP has happened in industry, attempts to apply DP to real world complex ML models are still few and far between. The adoption of DP is hindered by limited practical guidance of what DP protection entails, what privacy guarantees to aim for, and the difficulty of achieving good privacy-utility-computation trade-offs for ML models. Tricks for tuning and maximizing performance are scattered among papers or stored in the heads of practitioners, particularly with respect to the challenging task of hyperparameter tuning. Furthermore, the literature seems to present conflicting evidence on how and whether to apply architectural adjustments and which components are “safe” to use with DP. In this survey paper, we attempt to create a self-contained guide that gives an in-depth overview of the field of DP ML. We aim to assemble information about achieving the best possible DP ML model with rigorous privacy guarantees. Our target audience is both researchers and practitioners. Researchers interested in DP for ML will benefit from a clear overview of current advances and areas for improvement. We also include theory-focused sections that highlight important topics such as privacy accounting and convergence. For a practitioner, this survey provides a background in DP theory and a clear step-by-step guide for choosing an appropriate privacy definition and approach, implementing DP training, potentially updating the model architecture, and tuning hyperparameters. 
For both researchers and practitioners, consistently and fully reporting privacy guarantees is critical, so we propose a set of specific best practices for stating guarantees. With sufficient computation and a sufficiently large training set or supplemental nonprivate data, both good accuracy (that is, almost as good as a non-private model) and good privacy can often be achievable. And even when computation and dataset size are limited, there are advantages to training with even a weak (but still finite) formal DP guarantee. Hence, we hope this work will facilitate more widespread deployments of DP ML models.
- Research Article
- 10.1145/3476415.3476435
- Jun 1, 2021
- ACM SIGIR Forum
Machine learning (ML) has become a core technology for many real-world applications. Modern ML models are applied to unprecedentedly complex and difficult challenges, including very large and subjective problems. For instance, applications towards multimedia understanding have been advanced substantially. Here, it is already prevalent that cultural/artistic objects such as music and videos are analyzed and served to users according to their preference, enabled through ML techniques. One of the most recent breakthroughs in ML is Deep Learning (DL), which has been widely adopted to tackle such complex problems. DL allows for higher learning capacity, making end-to-end learning possible, which reduces the need for substantial engineering effort while achieving high effectiveness. At the same time, this also makes DL models more complex than conventional ML models. Reports in several domains indicate that such more complex ML models may have potentially critical hidden problems: various biases embedded in the training data can emerge in the predictions, and extremely sensitive models can make unaccountable mistakes. Furthermore, the black-box nature of DL models hinders the interpretation of the mechanisms behind them. Such unexpected drawbacks have a significant impact on the trustworthiness of the systems in which ML models serve as the core apparatus. In this thesis, a series of studies investigates aspects of trustworthiness for complex ML applications, namely reliability and explainability. Specifically, we focus on music as the primary domain of interest, considering its complexity and subjectivity. Due to this nature of music, ML models for music are necessarily complex in order to achieve meaningful effectiveness. As such, the reliability and explainability of music ML models are crucial in the field. The first main chapter of the thesis investigates the transferability of neural networks in the Music Information Retrieval (MIR) context. 
Transfer learning, where pre-trained ML models are used as off-the-shelf modules for the task at hand, has become one of the major ML practices. It is helpful since a substantial amount of information is already encoded in the pre-trained models, which allows the model to achieve high effectiveness even when the dataset for the current task is small. However, this may not always be true if the "source" task on which the model was pre-trained shares little commonality with the "target" task at hand. An experiment including multiple "source" tasks and "target" tasks was conducted to examine the conditions which have a positive effect on transferability. The result of the experiment suggests that the number of source tasks is a major factor in transferability. At the same time, there is little evidence that a single source task is universally effective across multiple target tasks. Overall, we conclude that considering multiple pre-trained models, or pre-training a model on heterogeneous source tasks, can increase the chance of successful transfer learning. The second major work investigates the robustness of DL models in the transfer learning context. The hypothesis is that DL models can be susceptible to imperceptible noise on the input. This may drastically shift the analysis of similarity among inputs, which is undesirable for tasks such as information retrieval. Several DL models pre-trained on MIR tasks are examined against a set of plausible perturbations in a real-world setup. Based on a proposed sensitivity measure, the experimental results indicate that all the DL models were substantially vulnerable to perturbations compared to a traditional feature encoder. They also suggest that the experimental framework can be used to test pre-trained DL models for robustness. In the final main chapter, the explainability of black-box ML models is discussed. 
In particular, the chapter focuses on the evaluation of explanations derived from model-agnostic explanation methods. With black-box ML models having become common practice, model-agnostic explanation methods have been developed to explain a prediction. However, the evaluation of such explanations is still an open problem. The work introduces an evaluation framework that measures the quality of explanations using fidelity and complexity. Fidelity refers to the coherence of the explained mechanism with the black-box model, while complexity is the length of the explanation. Throughout the thesis, we gave special attention to the experimental design, such that robust conclusions can be reached. Furthermore, we focused on delivering machine learning and evaluation frameworks. This is crucial, as we intend the experimental design and results to be reusable in general ML practice. Accordingly, we also aim for our findings to be applicable beyond music, to applications such as computer vision or natural language processing. Trustworthiness in ML is not a domain-specific problem. Thus, it is vital for both researchers and practitioners from diverse problem spaces to increase awareness of the trustworthiness of complex ML systems. We believe the research reported in this thesis provides meaningful stepping stones towards trustworthiness in ML.
- Research Article
- 10.36676/jrps.v13.i5.1530
- Oct 30, 2022
- International Journal for Research Publication and Seminar
The integration of machine learning (ML) models with cloud computing has transformed the landscape of predictive analytics, offering scalable, efficient, and flexible solutions for organizations. Cloud platforms such as AWS, Google Cloud, and Microsoft Azure enable businesses to deploy and manage complex ML models without the need for extensive on-premise infrastructure. However, optimizing these ML models for performance and cost-efficiency in cloud environments presents unique challenges, including resource management, latency, scalability, and data security. This paper focuses on strategies to optimize machine learning models specifically for predictive analytics in cloud environments. It explores key techniques such as auto-scaling, model compression, and hyperparameter tuning, which are critical for improving the accuracy and speed of predictions while minimizing computational costs. The research also examines advanced tools such as containerization, serverless computing, and cloud-native services that further streamline the deployment and management of ML models. In the Indian context, where cloud adoption is growing rapidly, optimizing ML models is crucial for businesses across various sectors, including finance, healthcare, and e-commerce. By leveraging cloud-based ML solutions, Indian companies can enhance their predictive analytics capabilities, driving smarter decision-making and operational efficiency. This abstract presents an overview of how optimized machine learning models can unlock the full potential of predictive analytics in cloud environments, leading to better business outcomes. Through case studies and practical applications, this paper provides actionable insights into the best practices for optimizing ML models in a cloud-based setting.
- Research Article
- 10.1016/j.jclepro.2024.143166
- Jul 15, 2024
- Journal of Cleaner Production
Evaluating external generalizability of machine learning models for recycled aggregate concrete property prediction
- Conference Article
- 10.1109/ethics57328.2023.10155045
- May 18, 2023
Anti-discrimination law in many jurisdictions effectively bans the use of race and gender in automated decision-making. For example, this law means that insurance companies should not explicitly ask about legally protected attributes, e.g., race, in order to tailor their premiums to particular customers. In legal terms, indirect discrimination occurs when a generally neutral rule or variable is used, but significantly negatively affects one demographic group. An emerging example of this concern is the inclusion of proxy variables in Machine Learning (ML) models, where neutral variables are predictive of protected attributes. For example, postcodes or zip codes are representative of communities, and therefore of racial demographics and socio-economic class; i.e., a traditional example of ‘redlining’ pre-dating modern automated techniques [1]. The law struggles with proxy variables in machine learning: indirect discrimination cases are difficult to bring to court, particularly because finding substantial evidence that shows the indirect discrimination to be unlawful is difficult [2]. With more complex machine-learning models being developed for automated decision making, e.g., random forests or state-of-the-art deep neural networks, more data points on customers are accumulated [1], from a wide variety of sources. With such rich data, ML models can produce multiple interconnected correlations - such as those found in single neurons in a neural network, or single decision trees in a random forest - which are predictive of protected attributes, akin to traditional uses of discrete proxy variables. In this poster, we introduce the concept of "emerging proxies", which are a combination of several variables from which the ML model could infer the protected attribute(s) of the individuals in the dataset. 
This concept differs from the traditional concept of proxies because rather than addressing a single proxy variable, a distribution of interconnected proxies would have to be addressed. Our contribution is to provide evidence for the capacity of complex ML models to identify protected attributes through the correlation of other variables. This correlation is not made explicitly through a discrete one to one relationship between variables, but through a many-to-one relationship. This contribution complements concerns raised in legal analyses of automated decision-making about proxies in ML models leading to indirect discrimination [3]. Our contribution shows that if an ML model contains “emerging proxies” for a protected attribute, the distribution of proxies will be a roadblock when attempting to de-bias the model, limiting the pathways available for addressing potential discrimination caused by the ML model.
- Conference Article
- 10.24963/kr.2024/45
- Nov 1, 2024
The uses of machine learning (ML) have snowballed in recent years. In many cases, ML models are highly complex, and their operation is beyond the understanding of human decision-makers. Nevertheless, some uses of ML models involve high-stakes and safety-critical applications. Explainable artificial intelligence (XAI) aims to help human decision-makers understand the operation of such complex ML models, thus eliciting trust in their operation. Unfortunately, the majority of past XAI work is based on informal approaches that offer no guarantees of rigor. Unsurprisingly, there exists comprehensive experimental and theoretical evidence confirming that informal methods of XAI can provide human decision-makers with erroneous information. Logic-based XAI represents a rigorous approach to explainability; it is model-based and offers the strongest guarantees of rigor for computed explanations. However, a well-known drawback of logic-based XAI is the complexity of logic reasoning, especially for highly complex ML models. Recent work proposed distance-restricted explanations, i.e. explanations that are rigorous provided the distance to a given input is small enough. Distance-restricted explainability is tightly related to adversarial robustness, and it has been shown to scale for moderately complex ML models, but the number of inputs still represents a key limiting factor. This paper investigates novel algorithms for scaling up the performance of logic-based explainers when computing and enumerating ML model explanations with a large number of inputs.
- Research Article
- 10.1111/cgf.15004
- Feb 27, 2024
- Computer Graphics Forum
As the complexity of machine learning (ML) models increases and their application in different (and critical) domains grows, there is a strong demand for more interpretable and trustworthy ML. A direct, model‐agnostic, way to interpret such models is to train surrogate models—such as rule sets and decision trees—that sufficiently approximate the original ones while being simpler and easier‐to‐explain. Yet, rule sets can become very lengthy, with many if–else statements, and decision tree depth grows rapidly when accurately emulating complex ML models. In such cases, both approaches can fail to meet their core goal—providing users with model interpretability. To tackle this, we propose DeforestVis, a visual analytics tool that offers summarization of the behaviour of complex ML models by providing surrogate decision stumps (one‐level decision trees) generated with the Adaptive Boosting (AdaBoost) technique. DeforestVis helps users to explore the complexity versus fidelity trade‐off by incrementally generating more stumps, creating attribute‐based explanations with weighted stumps to justify decision making, and analysing the impact of rule overriding on training instance allocation between one or more stumps. An independent test set allows users to monitor the effectiveness of manual rule changes and form hypotheses based on case‐by‐case analyses. We show the applicability and usefulness of DeforestVis with two use cases and expert interviews with data analysts and model developers.
- Research Article
- 10.1038/s41598-023-28421-6
- Feb 11, 2023
- Scientific Reports
To evaluate the performance of machine learning (ML) models and to compare it with the logistic regression (LR) technique in predicting cognitive impairment related to post intensive care syndrome (PICS-CI). We conducted a prospective observational study of ICU patients at two tertiary hospitals. A cohort of 2079 patients was screened, and finally 481 patients were included. Seven different ML models were considered, decision tree (DT), random forest (RF), XGBoost, neural network (NN), naïve bayes (NB), and support vector machine (SVM), and compared with logistic regression (LR). Discriminative ability was evaluated by area under the receiver operating characteristic curve (AUC), and calibration belt plots and the Hosmer–Lemeshow test were used to assess calibration. Decision curve analysis was performed to quantify clinical utility. Duration of delirium, poor Richards–Campbell sleep questionnaire (RCSQ) score, advanced age, and sepsis were the most frequent and important candidate risk factors for PICS-CI. All ML models showed good performance (AUC range: 0.822–0.906). The NN model had the highest AUC (0.906 [95% CI 0.857–0.955]), which was slightly higher than, but not significantly different from, that of LR (0.898 [95% CI 0.847–0.949]) (P > 0.05, Delong test). Given the overfitting and complexity of some ML models, the LR model was then used to develop a web-based risk calculator to aid decision-making (https://model871010.shinyapps.io/dynnomapp/). In low-dimensional data, LR may yield performance as good as that of other complex ML models for predicting cognitive impairment after ICU hospitalization.
- Research Article
- 10.1016/j.mtla.2022.101632
- Nov 18, 2022
- Materialia
FCC vs. BCC phase selection in high-entropy alloys via simplified and interpretable reduction of machine learning models
- Research Article
- 10.1609/aaai.v36i4.20372
- Jun 28, 2022
- Proceedings of the AAAI Conference on Artificial Intelligence
Sub-seasonal forecasting (SSF) is the prediction of key climate variables such as temperature and precipitation on the 2-week to 2-month time horizon. Skillful SSF would have substantial societal value in areas such as agricultural productivity, hydrology and water resource management, and emergency planning for extreme events such as droughts and wildfires. Despite its societal importance, SSF has remained a challenging problem compared to both short-term weather forecasting and long-term seasonal forecasting. Recent studies have shown the potential of machine learning (ML) models to advance SSF. In this paper, for the first time, we perform a fine-grained comparison of a suite of modern ML models with state-of-the-art physics-based dynamical models from the Subseasonal Experiment (SubX) project for SSF in the western contiguous United States. Additionally, we explore mechanisms to enhance the ML models by using forecasts from dynamical models. Empirical results illustrate that, on average, ML models outperform dynamical models, while the ML models tend to generate forecasts with conservative magnitude compared to the SubX models. Further, we illustrate that ML models make forecasting errors under extreme weather conditions, e.g., cold waves due to the polar vortex, highlighting the need for separate models for extreme events. Finally, we show that suitably incorporating dynamical model forecasts as inputs to ML models can substantially improve the forecasting performance of the ML models. The SSF dataset constructed for the work and code for the ML models are released along with the paper for the benefit of the artificial intelligence community.
- Research Article
- 10.65136/jati.v5i1.202
- Jan 20, 2026
- Journal of Applied Technology and Innovation
Determining the orbital paths of space objects is a critical task in astronomy. In particular, knowledge of satellite trajectories is essential to avoid costly and hazardous collisions between satellites in space. However, due to the number and complexity of variables affecting a satellite’s orbit, it is no small feat to accurately predict its position. Moreover, it was only recently that novel alternatives to physics-based models were proposed, namely machine learning (ML) models that can learn from historical data and improve orbit prediction accuracy. Motivated by the hope that ML models can capture the underlying pattern of satellite orbital trajectories, the goal of this paper is to apply a supervised ML model, non-linear regression, to predict the position and velocity of a single satellite in orbit around the Earth. The study establishes a simple non-linear regression baseline for predicting satellite motion three days in advance, on which more complex ML models can build. Obtained forecasts were within acceptable error margins, and the overall result shows promise in applying ML to predict satellite motion.
- Research Article
- 10.1080/02331888.2024.2401078
- Sep 2, 2024
- Statistics
We explore the potential of machine learning (ML) models applied in two financial risk management areas, i.e., credit risk management and financial risk hedging, through two practical use cases. This comparative study starts with the issue of explainability in complex ML models used in peer-to-peer lending for credit risk management. The first use case examines the limitations of using Kernel-SHAP with dependent features and evaluates different methods for estimating these dependencies using the Lending Club dataset. Our results suggest that accounting for feature dependence improves the understanding and robustness of prediction explanations. The second use case investigates a dynamic method for hedging foreign exchange risk in international equity portfolios, emphasizing the importance of accurate forecasts of currency returns. The analysis demonstrates that predictions yielded by ML models can significantly enhance the hedging of portfolios against currency risk. These findings highlight the transformative potential of advanced ML models in financial risk management, showcasing their capability to improve financial risk measurement and management. Further, our study outlines future research directions to advance this field.
- Research Article
- 10.3390/mi13060851
- May 29, 2022
- Micromachines
Recently, the Internet of Things (IoT) has gained a lot of attention, since IoT devices are deployed in various fields. Many of these devices are based on machine learning (ML) models, which render them intelligent and able to make decisions. IoT devices typically have limited resources, which restricts the execution of complex ML models such as deep learning (DL) on them. In addition, connecting IoT devices to the cloud to transfer raw data and perform processing causes delayed system responses, exposes private data and increases communication costs. Therefore, to tackle these issues, a new technology called Tiny Machine Learning (TinyML) has paved the way to meet the challenges of IoT devices. This technology allows processing of the data locally on the device without the need to send it to the cloud. In addition, TinyML permits on-device inference of ML models, including DL models, on a microcontroller that has limited resources. The aim of this paper is to provide an overview of the TinyML revolution and a review of TinyML studies, wherein the main contribution is an analysis of the types of ML models used in TinyML studies; it also presents the details of datasets and the types and characteristics of the devices, with the aim of clarifying the state of the art and envisioning development requirements.
- Research Article
- 10.1080/02331888.2024.2419420
- Oct 26, 2024
- Statistics
Modern data-driven Artificial Intelligence (AI), powered by advanced Machine Learning (ML) models, is transforming financial technologies by enhancing financial inclusion and transparency and reducing transaction costs. However, the opaque nature of some complex ML models requires new statistical approaches to manage risks and ensure trustworthiness. In this paper, we present a novel method to evaluate the key principles of trustworthy AI - Sustainability (Robustness), Accuracy, Fairness, and Explainability (SAFE). While Babaei et al. [A Rank Graduation Box for SAFE AI. Expert Syst Appl. 259;2025:125239, 2025] introduced the Rank Graduation Box as a streamlined approach for assessing the principles of trustworthy AI, we extend this work by employing the Wasserstein distance. Our method offers a more nuanced and geometrically oriented comparison of ML models, particularly in contexts where shifts in economic or environmental conditions alter the prediction distributions. We apply this method to compare popular ML models, including Support Vector Machines, Ensemble Trees, K-Nearest Neighbours, Linear Regression and Logistic Regression. The proposal is validated using both simulated data and real-world data in the context of financial risk assessment. Our findings demonstrate that the Wasserstein distance offers nuanced and interpretable insights into model behaviour across the SAFE dimensions, making it a valuable tool for model selection and regulatory compliance in AI applications.
- Research Article
- 10.1109/access.2021.3112397
- Jan 1, 2021
- IEEE Access
Cyber-Physical Systems (CPSs) play a critical role in our modern infrastructure due to their capability to connect computing resources with physical systems. As such, topics such as reliability, performance, and security of CPSs continue to receive increased attention from the research community. CPSs produce massive amounts of data, creating opportunities to use predictive Machine Learning (ML) models for performance monitoring and optimization, preventive maintenance, and threat detection. However, the “black-box” nature of complex ML models is a drawback when they are used in safety-critical systems such as CPSs. While explainable ML has been an active research area in recent years, much of the work has been focused on supervised learning. As CPSs rapidly produce massive amounts of unlabeled data, relying on supervised learning alone is not sufficient for data-driven decision making in CPSs. Therefore, if we are to maximize the use of ML in CPSs, it is necessary to have explainable unsupervised ML models. In this paper, we outline how unsupervised explainable ML could be used within CPSs. We review the existing work in unsupervised ML, present initial desiderata for explainable unsupervised ML for CPSs, and present a Self-Organizing Maps based explainable clustering methodology which generates global and local explanations. We evaluate the fidelity of the generated explanations using feature perturbation techniques. The results show that the proposed method identifies the most important features responsible for the decision-making process of Self-Organizing Maps. Further, we demonstrate that explainable Self-Organizing Maps are a strong candidate for explainable unsupervised machine learning by comparing their capabilities and limitations with those of current explainable unsupervised methods.
- Research Article
- 10.1007/s10994-025-06852-8
- Aug 19, 2025
- Machine Learning
Model-agnostic feature attribution techniques are used to explain the decisions of complex machine learning (ML) models, including ensemble models and deep neural networks (DNNs). However, since complex ML models perform best when trained on low-level features, the explanations generated by these algorithms are often not interpretable or usable by humans. Recently proposed model-agnostic methods that support the generation of human-interpretable explanations are impractical because they require a fully invertible transformation function that maps the model’s input features to human-interpretable features. While some practical human-interpretable explainability methods exist (e.g., concept-based methods), they typically require direct access to the model and are not fully model-agnostic. In this paper, we introduce Latent SHAP, a model-agnostic black-box feature attribution framework that provides human-interpretable explanations without necessitating a fully invertible transformation function. We validate the fidelity of Latent SHAP’s explanations through quantitative faithfulness assessments on two controlled datasets: a self-generated artificial dataset and the dSprites dataset. Furthermore, we showcase the practical utility of Latent SHAP in various real-world scenarios across domains such as computer vision, natural language processing, and cybersecurity. Each domain involves complex models (ensembles, DNNs, and LLMs), where invertible transformation functions are not available.