Privacy is one of the central challenges in modern machine learning, especially when these systems are deployed in sensitive domains such as healthcare, finance, or national security. With the increasing complexity of models and training pipelines, new and unexpected ways of leaking information about individuals continue to emerge. These privacy risks are not only a theoretical concern: they can directly undermine trust in deployed systems and raise serious compliance issues under strict regulations such as GDPR.

The research questions in this area range from testing whether a model exposes traces of the data it was trained or evaluated on, to developing entirely new auditing techniques that simulate real-world privacy attacks. Students will gain a deeper understanding of both existing attack methodologies and defence mechanisms, and they will learn to design and evaluate new techniques in this rapidly evolving field.

For more detailed topics, please visit https://www.crysys.hu/~pejo and https://crysys.hu/member/pejo#projects.