Protecting Machine Learning Models from Training Data Set Extraction

Cited by: 0
Authors
Kalinin, M. O. [1 ]
Muryleva, A. A. [1 ]
Platonov, V. V. [1 ]
Affiliations
[1] Peter Great St Petersburg Polytech Univ, St Petersburg 195251, Russia
Keywords
noising; machine learning; training set; membership inference; Gaussian noise; PRIVACY;
DOI
10.3103/S0146411624700871
Chinese Library Classification
TP [Automation technology, computer technology];
Subject classification code
0812;
Abstract
The problem of protecting machine learning models from the data privacy threat posed by membership inference against their training data sets is considered. A method of protective noising of the training set is proposed. It is experimentally shown that Gaussian noising of the training data with a scale of 0.2 is the simplest and most effective way to protect machine learning models from membership inference on the training set. Compared with the alternatives, this method is easy to implement, is universal with respect to model types, and reduces the effectiveness of membership inference to 26 percentage points.
Pages: 1234 / 1241
Number of pages: 8