Box Membership Inference Attack

Box membership inference attacks (MIAs) aim to determine if a specific data point was used to train a machine learning model, posing a significant privacy risk. Current research focuses on improving MIA effectiveness across various model architectures, including deep neural networks, large language models, and diffusion models, exploring both black-box (limited model access) and white-box (full model access) attack scenarios. These attacks leverage techniques like analyzing loss curvature, exploiting model memorization, and employing knowledge distillation to enhance inference accuracy, highlighting the urgent need for robust privacy-preserving machine learning techniques. The impact of these attacks extends to various applications, from image classification and natural language processing to medical diagnosis, underscoring the importance of developing effective defenses.

Papers

November 11, 2024

On Active Privacy Auditing in Supervised Fine-tuning for White-Box Language Models
Qian Sun, Hanpeng Wu, Xi Sheryl Zhang
Language Model Supervised Fine Tuning White Box Empirical Privacy Private Fine Tuning Box Membership Inference Attack

July 21, 2024

A General Framework for Data-Use Auditing of ML Models
Zonghao Huang, Neil Zhenqiang Gong, Michael K. Reiter
Machine Learning Model General Framework Machine Learning Task Machine Learning Practitioner Box Membership Inference Attack Data Auditing

July 3, 2024

Curvature Clues: Decoding Deep Learning Privacy with Input Loss Curvature
Deepak Ravikumar, Efstathia Soufleri, Kaushik Roy
Membership Inference Attack Gaussian Curvature Box Membership Inference Attack Learning Privacy Loss Curvature

July 1, 2024

Unveiling the Unseen: Exploring Whitebox Membership Inference through the Lens of Explainability
Chenxi Li, Abhinav Kumar, Zhen Guo, Jie Hou, Reza Tourani
High Explainability Membership Inference Attack Camera Lens Unseen Video Privacy Threat Box Membership Inference Attack Neural Information Explanation Guided

June 27, 2024

Generating Is Believing: Membership Inference Attacks against Retrieval-Augmented Generation
Yuying Li, Gaoyang Liu, Chen Wang, Yang Yang
Machine Learning Retrieval Augmented Generation Membership Inference Attack Attack Strategy Plain Sight Box Membership Inference Attack

May 25, 2024

Towards Black-Box Membership Inference Attack for Diffusion Models
Jingwei Li, Jing Dong, Tianxing He, Jingzhao Zhang
Diffusion Model Membership Inference Attack U Net Box Membership Inference Attack

May 13, 2024

GLiRA: Black-Box Membership Inference Attack via Knowledge Distillation
Andrey V. Galichin, Mikhail Pautov, Alexey Zhavoronkin, Oleg Y. Rogov, Ivan Oseledets
Knowledge Distillation Membership Inference Attack Distillation Framework Box Membership Inference Attack Likelihood Ratio Attack

January 2, 2024

Safety and Performance, Why Not Both? Bi-Objective Optimized Model Compression against Heterogeneous Attacks Toward AI Software Deployment
Jie Zhu, Leye Wang, Xiao Han, Anmin Liu, Tao Xie
System Performance Model Compression Human SAFETY AI Deployment Box Membership Inference Attack Overall Compression Heterogeneous Zero Day Attack

October 12, 2023

Why Train More? Effective and Efficient Membership Inference via Memorization
Jihye Choi, Shruti Tople, Varun Chandrasekaran, Somesh Jha
Membership Inference Attack Limited Memorization Membership Inference Adversary Agent Private Training Box Membership Inference Attack

June 8, 2023

Investigating the Effect of Misalignment on Membership Privacy in the White-box Setting
Ana-Maria Cretu, Daniel Jones, Yves-Alexandre de Montjoye, Shruti Tople
Mixed Effect White Box Membership Privacy Segment Misalignment Shadow Model Box Membership Inference Attack Local Ultimate Gradient Inspection Model Misalignment

May 30, 2022

White-box Membership Attack Against Machine Learning Based Retinopathy Classification
Mounia Hamidouche, Reda Bellafqira, Gwenolé Quellec, Gouenou Coatrieux
Machine Learning Machine Learning Model Membership Inference Attack Diabetic Retinopathy Model Stealing Attack Box Membership Inference Attack

Box Membership Inference Attack

Papers

On Active Privacy Auditing in Supervised Fine-tuning for White-Box Language Models

A General Framework for Data-Use Auditing of ML Models

Curvature Clues: Decoding Deep Learning Privacy with Input Loss Curvature

Unveiling the Unseen: Exploring Whitebox Membership Inference through the Lens of Explainability

Generating Is Believing: Membership Inference Attacks against Retrieval-Augmented Generation

Towards Black-Box Membership Inference Attack for Diffusion Models

GLiRA: Black-Box Membership Inference Attack via Knowledge Distillation

Safety and Performance, Why Not Both? Bi-Objective Optimized Model Compression against Heterogeneous Attacks Toward AI Software Deployment

Why Train More? Effective and Efficient Membership Inference via Memorization

Investigating the Effect of Misalignment on Membership Privacy in the White-box Setting

White-box Membership Attack Against Machine Learning Based Retinopathy Classification