Enhanced Membership Inference Attacks against Machine Learning Models

11/18/2021
by   Jiayuan Ye, et al.
9

How much does a given trained model leak about each individual data record in its training set? Membership inference attacks are used as an auditing tool to quantify the private information that a model leaks about the individual data points in its training set. Membership inference attacks are influenced by different uncertainties that an attacker has to resolve about training data, the training algorithm, and the underlying data distribution. Thus attack success rates, of many attacks in the literature, do not precisely capture the information leakage of models about their data, as they also reflect other uncertainties that the attack algorithm has. In this paper, we explain the implicit assumptions and also the simplifications made in prior work using the framework of hypothesis testing. We also derive new attack algorithms from the framework that can achieve a high AUC score while also highlighting the different factors that affect their performance. Our algorithms capture a very precise approximation of privacy loss in models, and can be used as a tool to perform an accurate and informed estimation of privacy risk in machine learning models. We provide a thorough empirical evaluation of our attack strategies on various machine learning tasks and benchmark datasets.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
07/16/2018

Machine Learning with Membership Privacy using Adversarial Regularization

Machine learning models leak information about the datasets on which the...
research
09/05/2017

The Unintended Consequences of Overfitting: Training Data Inference Attacks

Machine learning algorithms that are applied to sensitive data pose a di...
research
08/07/2021

Membership Inference Attacks on Lottery Ticket Networks

The vulnerability of the Lottery Ticket Hypothesis has not been studied ...
research
12/04/2021

SHAPr: An Efficient and Versatile Membership Privacy Risk Metric for Machine Learning

Data used to train machine learning (ML) models can be sensitive. Member...
research
09/18/2022

Membership Inference Attacks and Generalization: A Causal Perspective

Membership inference (MI) attacks highlight a privacy weakness in presen...
research
09/27/2019

Membership Encoding for Deep Learning

Machine learning as a service (MLaaS), and algorithm marketplaces are on...
research
01/28/2021

An Analysis Of Protected Health Information Leakage In Deep-Learning Based De-Identification Algorithms

The increasing complexity of algorithms for analyzing medical data, incl...

Please sign up or login with your details

Forgot password? Click here to reset