DeepAI AI Chat
Log In Sign Up

Canary in a Coalmine: Better Membership Inference with Ensembled Adversarial Queries

by   Yuxin Wen, et al.
University of Maryland

As industrial applications are increasingly automated by machine learning models, enforcing personal data ownership and intellectual property rights requires tracing training data back to their rightful owners. Membership inference algorithms approach this problem by using statistical techniques to discern whether a target sample was included in a model's training set. However, existing methods only utilize the unaltered target sample or simple augmentations of the target to compute statistics. Such a sparse sampling of the model's behavior carries little information, leading to poor inference capabilities. In this work, we use adversarial tools to directly optimize for queries that are discriminative and diverse. Our improvements achieve significantly more accurate membership inference than existing methods, especially in offline scenarios and in the low false-positive regime which is critical in legal settings. Code is available at


page 1

page 2

page 3

page 4


Membership Inference with Privately Augmented Data Endorses the Benign while Suppresses the Adversary

Membership inference (MI) in machine learning decides whether a given ex...

On the Importance of Difficulty Calibration in Membership Inference Attacks

The vulnerability of machine learning models to membership inference att...

Label-Leaks: Membership Inference Attack with Label

Machine learning (ML) has made tremendous progress during the past decad...

On the Discredibility of Membership Inference Attacks

With the wide-spread application of machine learning models, it has beco...

Evaluating Membership Inference Through Adversarial Robustness

The usage of deep learning is being escalated in many applications. Due ...

How to Combine Membership-Inference Attacks on Multiple Updated Models

A large body of research has shown that machine learning models are vuln...

Secure Data Sharing With Flow Model

In the classical multi-party computation setting, multiple parties joint...