Membership Inference Attack
Membership inference attacks (MIAs) aim to determine whether a specific data point was used to train a machine learning model, posing a significant privacy risk. Current research focuses on evaluating MIA effectiveness across various model architectures, including large language models (LLMs), diffusion models, and vision transformers, and on exploring the impact of different training methods and data characteristics on attack success. The reliability and accuracy of MIAs themselves are under scrutiny, with some studies highlighting their limitations and the overestimation of their capabilities, particularly in realistic settings. Understanding the vulnerabilities and limitations of MIAs is crucial for developing effective privacy-preserving techniques and for responsibly deploying machine learning models.
Papers
Improved Membership Inference Attacks Against Language Classification Models
Shlomit Shachor, Natalia Razinkov, Abigail Goldsteen
No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML
Ziqi Zhang, Chen Gong, Yifeng Cai, Yuanyuan Yuan, Bingyan Liu, Ding Li, Yao Guo, Xiangqun Chen