Focus on... Raouf Kerkouche and Privacy-Preserving Processing of Medical Data

on the January 9, 2020

Raouf Kerkouche is a PhD student at Inria Grenoble center in the Privatics team. He works on “Privacy-Preserving Processing of Medical Data”. His thesis is funded by the Grenoble Alpes Data Institute in the framework of the WP5 “Data Governance, Data Protection and Privacy”.
Recent research results have shown that the emergence of Artificial Intelligence combined with the availability of ever-growing medical or health datasets can be used to improve medical diagnosis and knowledge. These systems can be used, for example, to detect diseases or to predict how patients will react to some treatments. The models are build using statistical machine learning algorithms: huge datasets are used to train an algorithm that generates a prediction model. In the standard approaches, training data are typically aggregated and centralized on one server. For example, several hospitals can decide to share the medical datasets of their patients to build a specific prediction model. However, these centralized systems pose considerable privacy threats, for example if the medical dataset leaks or is shared with a third party, such as an insurance company. Medical data are personal and sensitive data that need to be processed with a lot of attention.

Unlike the standard machine learning approaches, federated machine learning is not centralized and does not require to share datasets. Instead of sharing datasets, federated machine learning shares the local models. More specifically, each entity trains the model locally with its own datasets over several rounds. The different local models are then aggregated by a server and send back to participating entities, until the final model converges. However, although federated machine learning limits the risk of data leakage it is still vulnerable to various security and privacy attacks. For example, a participant can disrupt or introduce backdoors into the final model. It can also, sometimes, infer some of the training data of other participated.

Raouf Kerkouche’s thesis is supervised by Claude Castelluccia (Inria) and Pierre Genevès (LIG and Inria). His phd work consists of studying these security and privacy issues in the context of medical datasets, and of developing robust solutions.

Published on January 9, 2020