{"id":"https://openalex.org/W4310921967","doi":"https://doi.org/10.48550/arxiv.2212.03334","title":"Pre-trained Encoders in Self-Supervised Learning Improve Secure and Privacy-preserving Supervised Learning","display_name":"Pre-trained Encoders in Self-Supervised Learning Improve Secure and Privacy-preserving Supervised Learning","publication_year":2022,"publication_date":"2022-12-06","ids":{"openalex":"https://openalex.org/W4310921967","doi":"https://doi.org/10.48550/arxiv.2212.03334"},"language":"en","primary_location":{"id":"pmh:oai:arXiv.org:2212.03334","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2212.03334","pdf_url":"https://arxiv.org/pdf/2212.03334","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"type":"preprint","indexed_in":["arxiv","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2212.03334","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100408245","display_name":"Hongbin Liu","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Liu, Hongbin","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109420698","display_name":"Wenjie Qu","orcid":"https://orcid.org/0009-0006-2907-008X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Qu, Wenjie","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101997385","display_name":"Jinyuan Jia","orcid":"https://orcid.org/0000-0003-4452-1396"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jia, Jinyuan","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5009102659","display_name":"Neil Zhenqiang Gong","orcid":"https://orcid.org/0000-0002-9900-9309"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Gong, Neil Zhenqiang","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5100408245"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9715999960899353,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8144270181655884},{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.763738751411438},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.7107245922088623},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6684012413024902},{"id":"https://openalex.org/keywords/supervised-learning","display_name":"Supervised learning","score":0.5224353671073914},{"id":"https://openalex.org/keywords/semi-supervised-learning","display_name":"Semi-supervised learning","score":0.45359912514686584},{"id":"https://openalex.org/keywords/encoder","display_name":"Encoder","score":0.4398535490036011},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.43627747893333435},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.4124874174594879},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.34210261702537537},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3323233127593994},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.12914958596229553}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8144270181655884},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.763738751411438},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.7107245922088623},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6684012413024902},{"id":"https://openalex.org/C136389625","wikidata":"https://www.wikidata.org/wiki/Q334384","display_name":"Supervised learning","level":3,"score":0.5224353671073914},{"id":"https://openalex.org/C58973888","wikidata":"https://www.wikidata.org/wiki/Q1041418","display_name":"Semi-supervised learning","level":2,"score":0.45359912514686584},{"id":"https://openalex.org/C118505674","wikidata":"https://www.wikidata.org/wiki/Q42586063","display_name":"Encoder","level":2,"score":0.4398535490036011},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.43627747893333435},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.4124874174594879},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.34210261702537537},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3323233127593994},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.12914958596229553},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:arXiv.org:2212.03334","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2212.03334","pdf_url":"https://arxiv.org/pdf/2212.03334","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},{"id":"doi:10.48550/arxiv.2212.03334","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2212.03334","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2212.03334","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2212.03334","pdf_url":"https://arxiv.org/pdf/2212.03334","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"text"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7400000095367432}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4310921967.pdf","grobid_xml":"https://content.openalex.org/works/W4310921967.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W4385573555","https://openalex.org/W4281570223","https://openalex.org/W1586607209","https://openalex.org/W122912556","https://openalex.org/W4312414840","https://openalex.org/W2621411691","https://openalex.org/W2271357838","https://openalex.org/W2556866732","https://openalex.org/W2328989934","https://openalex.org/W2348322200"],"abstract_inverted_index":{"Classifiers":[0],"in":[1],"supervised":[2,48,97,141],"learning":[3,49,78,98,142,173],"have":[4,54],"various":[5,65],"security":[6,22,73,162,181],"and":[7,17,30,46,128,160,167,177,202],"privacy":[8,42],"issues,":[9],"e.g.,":[10],"1)":[11,154],"data":[12,39,165],"poisoning":[13,166],"attacks,":[14,16,195],"backdoor":[15,168],"adversarial":[18,187],"examples":[19,188],"on":[20,40],"the":[21,31,37,41,119,135],"side":[23],"as":[24,26,68,93],"well":[25],"2)":[27,179],"inference":[28],"attacks":[29,159,169],"right":[32],"to":[33,57,83,125],"be":[34],"forgotten":[35],"for":[36],"training":[38,112],"side.":[43],"Various":[44],"secure":[45,138,172],"privacy-preserving":[47,140],"algorithms":[50,174],"with":[51],"formal":[52],"guarantees":[53,163,182],"been":[55],"proposed":[56],"address":[58,134],"these":[59],"issues.":[60],"However,":[61],"they":[62],"suffer":[63],"from":[64],"limitations":[66,136],"such":[67],"accuracy":[69,156,192,197,204],"loss,":[70],"small":[71,108],"certified":[72,161,180],"guarantees,":[74],"and/or":[75,205],"inefficiency.":[76],"Self-supervised":[77],"is":[79],"an":[80],"emerging":[81],"technique":[82],"pre-train":[84],"encoders":[85],"using":[86,106],"unlabeled":[87],"data.":[88,113],"Given":[89],"a":[90,94,101,107,130,149],"pre-trained":[91,131,150],"encoder":[92,132,151],"feature":[95],"extractor,":[96],"can":[99,133],"train":[100],"simple":[102],"yet":[103],"accurate":[104],"classifier":[105],"amount":[109],"of":[110,137,170,183,198,207],"labeled":[111],"In":[114],"this":[115],"work,":[116],"we":[117],"perform":[118],"first":[120],"systematic,":[121],"principled":[122],"measurement":[123],"study":[124],"understand":[126],"whether":[127],"when":[129],"or":[139],"algorithms.":[143],"Our":[144],"key":[145],"findings":[146],"are":[147],"that":[148],"substantially":[152],"improves":[153],"both":[155],"under":[157,193],"no":[158,194],"against":[164,186],"state-of-the-art":[171],"(i.e.,":[175],"bagging":[176],"KNN),":[178],"randomized":[184],"smoothing":[185],"without":[189],"sacrificing":[190],"its":[191],"3)":[196],"differentially":[199],"private":[200],"classifiers,":[201],"4)":[203],"efficiency":[206],"exact":[208],"machine":[209],"unlearning.":[210]},"counts_by_year":[],"updated_date":"2026-03-10T16:38:18.471706","created_date":"2025-10-10T00:00:00"}