adversarial-2

Inference Attack

3260 papers • 126 benchmarks • 313 datasets

This task has no description! Would you like to contribute one?

(Image credit: Papersgraph)

Benchmarks

These leaderboards are used to track progress in inference-attack-2

Trend

Dataset

Best Model

Actions

No benchmarks available.

Libraries

i

Use these libraries to find inference-attack-2 models and implementations

privacytrustlab/ml_privacy_meter

2 papers 538

Datasets

MinneApple

Synthetic Keystroke

Subtasks

No subtasks available.

Most implemented papers

Membership Inference Attacks Against Machine Learning Models

R. Shokri, Vitaly Shmatikov, M. Stronati, Congzheng Song•Mon Oct 17 2016

This work quantitatively investigates how machine learning models leak information about the individual data records on which they were trained and empirically evaluates the inference techniques on classification models trained by commercial "machine learning as a service" providers such as Google and Amazon.

4866

Content

Koukyosyumei/AIJack

2 papers 311

bargavj/EvaluatingDPML

2 papers 126

0

Paper Graph

ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models

A. Salem, M. Backes, Yang Zhang, Mario Fritz, Mathias Humbert•Sun Jun 03 2018

This most comprehensive study so far on this emerging and developing threat using eight diverse datasets which show the viability of the proposed attacks across domains and proposes the first effective defense mechanisms against such broader class of membership inference attacks that maintain a high level of utility of the ML model.

1085 0

Paper Graph

Synthesis of Realistic ECG using Generative Adversarial Networks

T. Ward, Anne Marie Delaney, Eoin Brophy•Wed Sep 18 2019

For the first time, it is both quantitatively and qualitatively demonstrate that GAN architecture can successfully generate time series signals that are not only structurally similar to the training sets but also diverse in nature across generated samples.

97 0

Paper Graph

MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples

M. Backes, Yang Zhang, N. Gong, Jinyuan Jia, Ahmed Salem•Sun Sep 22 2019

This work proposes MemGuard, the first defense with formal utility-loss guarantees against black-box membership inference attacks and is the first one to show that adversarial examples can be used as defensive mechanisms to defend against membership inference attack.

445 0

Paper Graph

Disparate Vulnerability to Membership Inference Attacks

Bogdan Kulynych, Mohammad Yaghini, Giovanni Cherubin, Michael Veale, C. Troncoso•Sat Jun 01 2019

This paper establishes necessary and sufficient conditions for MIAs to be prevented, both on average and for population subgroups, and derives connections of disparate vulnerability to algorithmic fairness and to differential privacy, and establishes which attacks are suitable for estimating disparate vulnerability.

50 0

Paper Graph

Quantifying identifiability to choose and audit epsilon in differentially private deep learning

F. Kerschbaum, Daniel Bernau, Günther Eibl, Philip-William Grassal, Hannah Keller•Wed Mar 03 2021

An identifiability bound is derived, which relates the adversary assumed in differential privacy to previous work on membership inference adversaries, and it is shown that it can be tight in practice.

7 0

Paper Graph

Membership Inference Attacks on Machine Learning: A Survey

Hongsheng Hu, Z. Salcic, Lichao Sun, G. Dobbie, P. Yu, Xuyun Zhang•Sat Mar 13 2021

This article provides the taxonomies for both attacks and defenses, based on their characterizations, and discusses their pros and cons, and point out several promising future research directions to inspire the researchers who wish to follow this area.

556 0

Paper Graph

See through Gradients: Image Batch Recovery via GradInversion

Pavlo Molchanov, Jan Kautz, Hongxu Yin, J. Álvarez, Arash Vahdat, Arun Mallya•Wed Apr 14 2021

It is shown that gradients encode a surprisingly large amount of information, such that all the individual images can be recovered with high fidelity via GradInversion, even for complex datasets, deep networks, and large batch sizes.

569 0

Paper Graph

Formalizing and Estimating Distribution Inference Risks

Anshuman Suri, David Evans•Sun Sep 12 2021

This work proposes a formal definition of distribution inference attacks general enough to describe a broad class of attacks distinguishing between possible training distributions, and introduces a metric that quantifies observed leakage by relating it to the leakage that would occur if samples from the training distribution were provided directly to the adversary.

60 0

Paper Graph

Membership Inference Attacks From First Principles

Florian Tramèr, Milad Nasr, Nicholas Carlini, Shuang Song, Steve Chien, A. Terzis•Mon Dec 06 2021

A Likelihood Ratio Attack is developed that is $10\times more powerful at low false-positive rates, and also strictly dominates prior attacks on existing metrics.

950 0

Paper Graph

Adding a benchmark result helps the community track progress.