Research Projects


Security in Machine Learning

Data/Information security and privacy are increasingly important as ML methods become more powerful. Federated Learning (FL) serves as a method for

  1. protecting data security and privacy by keeping data localized
  2. parallelizing large-scale models through a divide-and-conquer approach

For FL algorithm efficiency, the Alternating Direction Method of Multipliers (ADMM) is a commonly used distributed/consensus optimization method for collaborative model training. Although FL resolves the data-availability problem by keeping data local, it still faces the following issues:

  • Data distribution across clients: if data are distributed non-identically (non-IID) across nodes, model convergence can suffer
  • Privacy in model transmission: membership inference attacks, model inversion attacks
  • Robustness in training: data poisoning attacks, Byzantine attacks, backdoor attacks

We work on FL schemes specifically to address these malicious attacks and to enhance the efficiency and robustness of the training process.
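As an added illustration of the robustness issue above (not code from the author's FL schemes), the following Python simulates one aggregation round with a constructed Byzantine client and compares plain averaging against two robust aggregation rules plus a simple server-side outlier check; the client updates and the threshold factor k are constructed assumptions.

```python
import statistics
from math import sqrt

# Constructed sample: one round of model updates from five honest clients and
# one Byzantine client (index 5) that reports an arbitrarily large update.
HONEST_UPDATES = [
    [0.9, -1.1],
    [1.0, -1.0],
    [1.1, -0.9],
    [1.0, -1.2],
    [1.0, -0.8],
]
BYZANTINE_UPDATE = [100.0, 100.0]
UPDATES = HONEST_UPDATES + [BYZANTINE_UPDATE]

def mean_aggregate(updates):
    """Plain federated averaging: every client's update counts equally."""
    n = len(updates)
    return [sum(col) / n for col in zip(*updates)]

def median_aggregate(updates):
    """Coordinate-wise median: a single extreme value cannot drag the result."""
    return [statistics.median(col) for col in zip(*updates)]

def trimmed_mean_aggregate(updates, f):
    """Per coordinate, drop the f largest and f smallest values, then average.

    Tolerates up to f Byzantine clients provided 2*f < len(updates).
    """
    n = len(updates)
    if 2 * f >= n:
        raise ValueError("cannot trim that many values from this few clients")
    out = []
    for col in zip(*updates):
        kept = sorted(col)[f:n - f]
        out.append(sum(kept) / len(kept))
    return out

def flag_outliers(updates, k=3.0):
    """Server-side check: indices whose L2 norm exceeds k times the median norm."""
    norms = [sqrt(sum(v * v for v in u)) for u in updates]
    threshold = k * statistics.median(norms)
    return [i for i, nrm in enumerate(norms) if nrm > threshold]

if __name__ == "__main__":
    print("mean:", mean_aggregate(UPDATES), "median:", median_aggregate(UPDATES))
    print("trimmed (f=1):", trimmed_mean_aggregate(UPDATES, 1))
    print("flagged clients:", flag_outliers(UPDATES))
```

With these inputs the plain mean is pulled to about [17.5, 15.83], while the median gives [1.0, -0.95] and the trimmed mean with f = 1 gives [1.025, -0.95]; the norm check flags client 5.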


Control Charts for Limited Phase I Data

In Statistical Process Control (SPC), the process is typically divided into two phases: Phase I and Phase II.

  • During Phase I, data are collected to study the in-control (IC) distribution.
  • In Phase II monitoring, the quality characteristics are sampled sequentially with the goal of detecting any deviation relative to the (estimated) IC process.

However, since the IC process is estimated from Phase I data, a sufficiently large amount of Phase I data is required for the monitoring scheme to attain its nominal power, which can be impractical in certain scenarios. The conventional approach to limited Phase I data is the self-starting control chart. My research proposed two change-point detection EWMA control charts for Weibull data. The proposed methods can:

  • monitor the process without knowing the in-control scale parameter, using only a few Phase I in-control observations
  • estimate the unknown change-point and the in-control and out-of-control parameters at the same time when the proposed charts trigger a signal
  • extend to Type II censored data to accommodate the censoring mechanism in lifetime experiments