Membership Inference Attacks on Sequence-to-Sequence Models: Is My Data In Your Machine Translation System?

Data privacy is an important issue for "machine learning as a service'' providers. We focus on the problem of membership inference attacks: Given a data sample and black-box access to a model's API, determine whether the sample existed in the model's training data. Our contribution is an investigation of this problem in the context of sequence-tosequence models, which are important in applications such as machine translation and video captioning. We define the membership inference problem for sequence generation, provide an open dataset based on state-of-the-artmachine translationmodels, and report initial results on whether thesemodels leakprivate informationagainst several kinds of membership inference attacks.