40 papers with code • 0 benchmarks • 2 datasets
These leaderboards are used to track progress in Inference Attack
We quantitatively investigate how machine learning models leak information about the individual data records on which they were trained.
ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models
In addition, we propose the first effective defense mechanisms against such broader class of membership inference attacks that maintain a high level of utility of the ML model.
Finally, we discuss the privacy concerns associated with sharing synthetic data produced by GANs and test their ability to withstand a simple membership inference attack.
Specifically, given a black-box access to the target classifier, the attacker trains a binary classifier, which takes a data sample's confidence score vector predicted by the target classifier as an input and predicts the data sample to be a member or non-member of the target classifier's training dataset.
Distribution inference, sometimes called property inference, infers statistical properties about a training set from access to a model trained on that data.
Membership Inference Attack (MIA) determines the presence of a record in a machine learning model's training data by querying the model.
In this paper, we focus on such attacks against black-box models, where the adversary can only observe the output of the model, but not its parameters.
To perform the membership inference attacks, we leverage the existing inference methods that exploit model predictions.
In addition, we propose the first generic attack model that can be instantiated in a large range of settings and is applicable to various kinds of deep generative models.