Salvato in:
Dettagli Bibliografici
Autori principali: Aubinais, Eric, Gassiat, Elisabeth, Piantanida, Pablo
Natura: Preprint
Pubblicazione: 2023
Soggetti:
Accesso online:https://arxiv.org/abs/2310.13786
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866909829296029696
author Aubinais, Eric
Gassiat, Elisabeth
Piantanida, Pablo
author_facet Aubinais, Eric
Gassiat, Elisabeth
Piantanida, Pablo
contents Membership inference attacks (MIA) can reveal whether a particular data point was part of the training dataset, potentially exposing sensitive information about individuals. This article provides theoretical guarantees by exploring the fundamental statistical limitations associated with MIAs on machine learning models at large. More precisely, we first derive the statistical quantity that governs the effectiveness and success of such attacks. We then theoretically prove that in a non-linear regression setting with overfitting learning procedures, attacks may have a high probability of success. Finally, we investigate several situations for which we provide bounds on this quantity of interest. Interestingly, our findings indicate that discretizing the data might enhance the learning procedure's security. Specifically, it is demonstrated to be limited by a constant, which quantifies the diversity of the underlying data distribution. We illustrate those results through simple simulations.
format Preprint
id arxiv_https___arxiv_org_abs_2310_13786
institution arXiv
publishDate 2023
record_format arxiv
spellingShingle Fundamental Limits of Membership Inference Attacks on Machine Learning Models
Aubinais, Eric
Gassiat, Elisabeth
Piantanida, Pablo
Machine Learning
Artificial Intelligence
Membership inference attacks (MIA) can reveal whether a particular data point was part of the training dataset, potentially exposing sensitive information about individuals. This article provides theoretical guarantees by exploring the fundamental statistical limitations associated with MIAs on machine learning models at large. More precisely, we first derive the statistical quantity that governs the effectiveness and success of such attacks. We then theoretically prove that in a non-linear regression setting with overfitting learning procedures, attacks may have a high probability of success. Finally, we investigate several situations for which we provide bounds on this quantity of interest. Interestingly, our findings indicate that discretizing the data might enhance the learning procedure's security. Specifically, it is demonstrated to be limited by a constant, which quantifies the diversity of the underlying data distribution. We illustrate those results through simple simulations.
title Fundamental Limits of Membership Inference Attacks on Machine Learning Models
topic Machine Learning
Artificial Intelligence
url https://arxiv.org/abs/2310.13786