Generative Model: Membership Attack,Generalization and Diversity
share
This paper considers membership attacks to deep generative models, which is to check whether a given instance x was used in the training data or not. Membership attack is an important topic closely related to the privacy issue of training data and most prior work were on supervised learning. In this paper we propose new methods to launch membership attacks against Variational Autoencoders (VAEs) and Generative Adversarial Networks (GANs). The main idea is to train another neural network (called the attacker network) to search for the seed to reproduce the target data x. The difference of the generated data and x is used to conclude whether x is in the training data or not. We examine extensively the similarity/correlation and differences of membership attack with model generalization, overfitting, and diversity of the model. On different data sets we show our membership attacks are more effective than alternative methods.
READ FULL TEXT
