Property Inference Attack

Property inference attacks aim to extract sensitive statistical properties of a machine learning model's training data, without direct access to that data. Current research focuses on developing and evaluating these attacks against various model architectures, including federated learning systems, diffusion models, and generative adversarial networks (GANs), often leveraging techniques like shadow models and gradient analysis. This area is significant because it highlights vulnerabilities in data privacy when sharing or deploying machine learning models, impacting both the security of sensitive datasets and the fairness of model outputs. The development of effective defenses against these attacks is a crucial area of ongoing research.

Papers

November 6, 2024

Can Graph Neural Networks Expose Training Data Properties? An Efficient Risk Assessment Approach
Hanyang Yuan, Jiarong Xu, Renhong Huang, Mingli Song, Chunping Wang, Yang Yang
Graph Neural Network High Efficiency Risk Assessment Property Inference Attack Private Graph

October 17, 2024

Investigating Effective Speaker Property Privacy Protection in Federated Learning for Speech Emotion Recognition
Chao Tan, Sheng Li, Yang Cao, Zhao Ren, Tanja Schultz
LeArning Abstract Speech Emotion Recognition Speech Data Speech Processing Federated Prompt Cooperation Inference Attack Property Inference Attack

October 7, 2024

FRIDA: Free-Rider Detection using Privacy Attacks
Pol G. Recasens, Ádám Horváth, Alberto Gutierrez-Torre, Jordi Torres, Josep Ll.Berral, Balázs Pejó
Domain Adaptation Privacy Attack Inference Attack Property Inference Attack

May 24, 2024

Decaf: Data Distribution Decompose Attack against Federated Learning
Zhiyang Dai, Chunyi Zhou, Anmin Fu
Membership Inference Attack Model Inversion Attack Self Service CAFE Privacy Inference Property Inference Attack

February 28, 2024

Exploring Privacy and Fairness Risks in Sharing Diffusion Models: An Adversarial Perspective
Xinjian Luo, Yangfan Jiang, Fei Wei, Yuncheng Wu, Xiaokui Xiao, Beng Chin Ooi
Diffusion Model Privacy Preserving Pre Trained Diffusion Model Adversarial Perspective Fair Credit Privacy Level Property Inference Attack Fairness Attack Collaborative Diffusion Model

June 8, 2023

PriSampler: Mitigating Property Inference of Diffusion Models
Hailong Hu, Jun Pang
Diffusion Model Synthetic Data Differential Privacy Property Inference Property Inference Attack

March 21, 2023

Manipulating Transfer Learning for Property Inference
Yulong Tian, Fnu Suya, Anshuman Suri, Fengyuan Xu, David Evans
Transfer Learning Property Inference Property Inference Attack

November 8, 2022

Inferring Class Label Distribution of Training Data from Classifiers: An Accuracy-Augmented Meta-Classifier Attack
Raksha Ramakrishna, György Dán
Machine Learning Training Data Simple Classifier Label Distribution Learning Meta Classifier Property Inference Attack

September 8, 2022

Black-Box Audits for Group Distribution Shifts
Marc Juarez, Samuel Yeom, Matt Fredrikson
Distribution Shift Black Box Property Inference Attack

September 2, 2022

Group Property Inference Attacks Against Graph Neural Networks
Xiuling Wang, Wendy Hui Wang
Graph Neural Network Privacy Attack Property Inference Attack Graph Level Adversary Knowledge

August 25, 2022

SNAP: Efficient Extraction of Private Properties with Poisoning
Harsh Chaudhari, John Abascal, Alina Oprea, Matthew Jagielski, Florian Tramèr, Jonathan Ullman
Poisoning Attack Attack Success Rate Snap Video Property Inference Attack Efficient Extraction

May 18, 2022

Lessons Learned: Defending Against Property Inference Attacks
Joshua Stock, Jens Wettlaufer, Daniel Demmler, Hannes Federrath
Critical Lesson Privacy Attack Property Inference Attack Level Unlearning

November 15, 2021

Property Inference Attacks Against GANs
Junhao Zhou, Yufei Chen, Chao Shen, Yang Zhang
Generative Adversarial Network Property Inference Attack