Inference Attack

Inference attacks exploit machine learning model outputs to infer sensitive information about the training data, posing a significant privacy risk in various applications like federated learning and AI-as-a-service. Current research focuses on developing novel attack techniques targeting different model architectures (e.g., graph neural networks, large language models) and data modalities, as well as designing robust defenses such as differential privacy and adversarial training. Understanding and mitigating these attacks is crucial for ensuring the responsible deployment of machine learning systems and protecting user privacy in collaborative and cloud-based settings.

Papers

January 9, 2025

TAPFed: Threshold Secure Aggregation for Privacy-Preserving Federated Learning
Runhua Xu, Bo Li, Chao Li, James B.D. Joshi, Shuai Ma, Jianxin Li
LeArning Abstract Federated Prompt Cooperation Secure Aggregation Inference Attack Single Tap Functional Encryption

January 6, 2025

From Models to Network Topologies: A Topology Inference Attack in Decentralized Federated Learning
Chao Feng, Yuanzhe Gao, Alberto Huertas Celdran, Gerome Bovet, Burkhard Stiller
Full Model Decentralized Learning Decentralized Federated Learning Network Topology Inference Attack Topology Attack

January 4, 2025

AdaMixup: A Dynamic Defense Framework for Membership Inference Attack Mitigation
Ying Chen, Jiajing Chen, Yijie Weng, ChiaHua Chang, Dezhi Yu, Guanbiao Lin
Membership Inference Attack Faulty Negative Mitigation Inference Attack Mixup Method Defense Framework Mixup Training

December 27, 2024

An Engorgio Prompt Makes Large Language Model Babble on
Jianshuo Dong, Ziyuan Zhang, Qingjie Zhang, Han Qiu, Tianwei Zhang, Hao Wang, Hewu Li, Qi Li, Chao Zhang, Ke Xu
Large Language Model Inference Attack Structure Guided Prompt

December 20, 2024

Prompt-based Unifying Inference Attack on Graph Neural Networks
Yuecen Wei, Xingcheng Fu, Lingyun Liu, Qingyun Sun, Hao Peng, Chunming Hu
Graph Neural Network Prompt Learning Inference Attack Attack Model Graph Inference

December 18, 2024

A Statistical and Multi-Perspective Revisiting of the Membership Inference Attack in Large Language Models
Bowen Chen, Namgi Han, Yusuke Miyao
Membership Inference Attack Inference Attack Significant Dissimilarity Additive Decoder

December 17, 2024

December 7, 2024

Upcycling Noise for Federated Unlearning
Jianan Chen, Qin Hu, Fangtian Zhong, Yan Zhuang, Minghui Xu
Inference Attack Federated Unlearning Unlearning Model

December 2, 2024

Effectiveness of L2 Regularization in Privacy-Preserving Machine Learning
Nikolaos Chandrinos (1), Iliana Loi (2), Panagiotis Zachos (2), Ioannis Symeonidis (1), Aristotelis Spiliotis (1), Maria Panou (1), Konstantinos Moustakas (2) ((1) Human Factors and Vehicle Technology, Hellenic Institute of Transport, Centre for Research and Technology Hellas, Thermi, Greece, (2) Wire Communications and Information Technology Laboratory, Dept. of Electrical and Computer Engineering, University of Patras, Patras, Greece)
LeArning Abstract Differential Privacy Membership Inference Attack Inference Attack L2 Regularization

November 19, 2024

November 8, 2024

QuanCrypt-FL: Quantized Homomorphic Encryption with Pruning for Secure Federated Learning
Md Jueal Mia, M. Hadi Amini
Edge Pruning Inference Attack Encryption Method Secure Approach

November 2, 2024

WaKA: Data Attribution using K-Nearest Neighbors and Membership Privacy Principles
Patrick Mesana, Clément Bénesse, Hadrien Lautraite, Gilles Caporossi, Sébastien Gambs
Membership Inference Attack General Principle Inference Attack K Nearest Neighbor Membership Privacy Data Attribution Likelihood Ratio Attack

October 26, 2024

Mask-based Membership Inference Attacks for Retrieval-Augmented Generation
Mingrui Liu, Sixiao Zhang, Cheng Long
Retrieval Augmented Generation Faithful Generation Membership Inference Attack Inference Attack Mask Prediction

October 25, 2024

FLiP: Privacy-Preserving Federated Learning based on the Principle of Least Privileg
ShiMao Xu, Xiaopeng Ke, Xing Su, Shucheng Li, Hao wu, Fengyuan Xu, Sheng Zhong
General Principle Privacy Protection Inference Attack Negative Flip

October 22, 2024

Dual-Model Defense: Safeguarding Diffusion Models from Membership Inference Attacks through Disjoint Data Splitting
Bao Q. Tran, Viet Nguyen, Anh Tran, Toan Tran
Diffusion Model Membership Inference Inference Attack Data Splitting

October 17, 2024

Investigating Effective Speaker Property Privacy Protection in Federated Learning for Speech Emotion Recognition
Chao Tan, Sheng Li, Yang Cao, Zhao Ren, Tanja Schultz
LeArning Abstract Speech Emotion Recognition Speech Data Speech Processing Federated Prompt Cooperation Inference Attack Property Inference Attack

October 14, 2024

Identity-Focused Inference and Extraction Attacks on Diffusion Models
Jayneel Vora, Aditya Krishnan, Nader Bouacida, Prabhu RV Shankar, Prasant Mohapatra
Diffusion Model Membership Inference Attack Inference Attack Identity Related Attribute Inference Attack Extraction Attack Identity Inference

October 7, 2024

FRIDA: Free-Rider Detection using Privacy Attacks
Pol G. Recasens, Ádám Horváth, Alberto Gutierrez-Torre, Jordi Torres, Josep Ll.Berral, Balázs Pejó
Domain Adaptation Privacy Attack Inference Attack Property Inference Attack

Inference Attack

Papers

TAPFed: Threshold Secure Aggregation for Privacy-Preserving Federated Learning

From Models to Network Topologies: A Topology Inference Attack in Decentralized Federated Learning

AdaMixup: A Dynamic Defense Framework for Membership Inference Attack Mitigation

An Engorgio Prompt Makes Large Language Model Babble on

Prompt-based Unifying Inference Attack on Graph Neural Networks

A Statistical and Multi-Perspective Revisiting of the Membership Inference Attack in Large Language Models

Truthful Text Sanitization Guided by Inference Attacks

Scrutinizing the Vulnerability of Decentralized Learning to Membership Inference Attacks

Upcycling Noise for Federated Unlearning

Effectiveness of L2 Regularization in Privacy-Preserving Machine Learning

CDI: Copyrighted Data Identification in Diffusion Models

Attribute Inference Attacks for Federated Regression Tasks

QuanCrypt-FL: Quantized Homomorphic Encryption with Pruning for Secure Federated Learning

WaKA: Data Attribution using K-Nearest Neighbors and Membership Privacy Principles

Mask-based Membership Inference Attacks for Retrieval-Augmented Generation

FLiP: Privacy-Preserving Federated Learning based on the Principle of Least Privileg

Dual-Model Defense: Safeguarding Diffusion Models from Membership Inference Attacks through Disjoint Data Splitting

Investigating Effective Speaker Property Privacy Protection in Federated Learning for Speech Emotion Recognition

Identity-Focused Inference and Extraction Attacks on Diffusion Models

FRIDA: Free-Rider Detection using Privacy Attacks