membership-inference-machine-learning-literature
membership-inference-machine-learning-literature copied to clipboard

Published 20 hours ago •

→

Metadata

Readme
Issues

Membership Inference Attacks and Defenses on Machine Learning Models Literature

A curated list of membership inference attacks and defenses papers on machine learning models.

Papers are sorted by their released dates in descending order.

This repository serves as a complement to the survey below.

Membership Inference Attacks on Machine Learning: A Survey (More than 100 papers reviewed).

@article{hu2022membership,
  title={Membership inference attacks on machine learning: A survey},
  author={Hu, Hongsheng and Salcic, Zoran and Sun, Lichao and Dobbie, Gillian and Yu, Philip S and Zhang, Xuyun},
  journal={ACM Computing Surveys (CSUR)},
  volume={54},
  number={11s},
  pages={1--37},
  year={2022},
  publisher={ACM New York, NY}
}

If you feel this repository is helpful, please cite the survey above.

How to Search?

Search keywords like conference name (e.g., CCS), adversarial knowledge (e.g., Black-box), or target model (e.g., Classification Model) over the webpage to quickly locate related papers.

Quick Links

Attack papers sorted by year: | 2024 |2023 |2022 |2021 | 2020 | 2019 | 2018 | 2017 |

Defense papers sorted by year: | 2023 |2022 | 2021 | 2020 | 2019 | 2018 |

Membership Inference Attack

Attack Papers 2024

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2024	Uncertainty, Calibration, and Membership Inference Attacks: An Information-Theoretic Perspective	Black-box	Classification Models	Arxiv	Link
2024	Do Membership Inference Attacks Work on Large Language Models?	Black-box	LLM	Arxiv	Link	Link
2024	Learning-Based Difficulty Calibration for Enhanced Membership Inference Attacks	Black-box	Classification Models	Arxiv	Link	Link
2024	Scalable Membership Inference Attacks via Quantile Regression	Black-box	Classification Models	NeurIPS	Link	Link

Attack Papers 2023

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2023	Link Membership Inference Attacks against Unsupervised Graph Representation Learning	White-box/Black-box	Graph Embedding Models	ACSAC	Link	Link
2023	Low-Cost High-Power Membership Inference by Boosting Relativity	Black-box	Classification Models	Arxiv	Link	Link
2023	Practical Membership Inference Attacks against Fine-tuned Large Language Models via Self-prompt Calibration	Black-box	Language Models	Arxiv	Link
2023	A Probabilistic Fluctuation based Membership Inference Attack for Diffusion Models	Black-box	Generative Models	Arxiv	Link
2023	Practical Membership Inference Attacks Against Large-Scale Multi-Modal Models: A Pilot Study	Black-box	Classification Models	ICCV	Link	Link
2023	Privacy Side Channels in Machine Learning Systems	Black-box	Classification Models	Arxiv	Link
2023	White-box Membership Inference Attacks against Diffusion Models	White-box	Generative Models	Arxiv	Link	Link
2023	Scalable Membership Inference Attacks via Quantile Regression	Black-box	Classification Models	Arxiv	Link
2023	Synthetic is all you need: removing the auxiliary data assumption for membership inference attacks against synthetic data	Black-box	Classification Models	Arxiv	Link
2023	Towards More Realistic Membership Inference Attacks on Large Diffusion Models	Black-box	Generative Models	Arxiv	Link
2023	Fortifying Federated Learning against Membership Inference Attacks via Client-level Input Perturbation	White-box	Classification Models	Arxiv	Link
2023	Gaussian Membership Inference Privacy	White-box	Classification Models	NeurIPS	Link	Link
2023	TMI! Finetuned Models Leak Private Information from their Pretraining Data	Black-box	Classification Models	Arxiv	Link
2023	SoK: Membership Inference is Harder Than Previously Thought	Black-box	Classification Models	Arxiv	Link	Link
2023	Re-aligning Shadow Models can Improve White-box Membership Inference Attacks	White-box	Classification Models	Arxiv	Link
2023	Membership inference attack with relative decision boundary distance	Black-box	Classification Models	Arxiv	Link
2023	Membership Inference Attacks against Language Models via Neighbourhood Comparison	Black-box	Classification Models	Arxiv	Link
2023	How to Combine Membership-Inference Attacks on Multiple Updated Machine Learning Models	Black-box	Classification Models	PoPETs	Link	Link
2023	AgrEvader: Poisoning Membership Inference against Byzantine-robust Federated Learning	White-box	Classification Models	WWW	Link	Link
2023	Membership Inference Attacks Against Sequential Recommender Systems	Black-box	Recommender System	WWW	Link
2023	A Blessing of Dimensionality in Membership Inference through Regularization	Black-box	Classification Models	AISTATS	Link	Link
2023	Active Membership Inference Attack under Local Differential Privacy in Federated Learning	White-box	Classification Models	AISTATS	Link	Link
2023	Membership Inference Attacks against Synthetic Data through Overfitting Detection	Black-box	Generative models	AISTATS	Link	Link
2023	Students Parrot Their Teachers: Membership Inference on Model Distillation	Black-box	Classification Models	Arxiv	Link
2023	Membership Inference Attacks against Diffusion Models	White-box; Black-box	Generative Models	Arxiv	Link
2023	Interaction-level Membership Inference Attack Against Federated Recommender Systems	White-box	Recommender System	WWW	Link
2023	Are Diffusion Models Vulnerable to Membership Inference Attacks?	Black-box	Generative Models	Arxiv	Link
2023	Accuracy-Privacy Trade-off in Deep Ensemble: A Membership Inference Perspective	Black-box	Classification Models	S&P	Link	Link
2023	Membership Inference of Diffusion Models	Black-box	Generative Models	Arxiv	Link
2023	MiDA: Membership inference attacks against domain adaptation	Black-box	Classification Models	ISA Transactions	Link

Attack Papers 2022

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2022	On the Discredibility of Membership Inference Attacks	Black-box	Classification Models	Arxiv	Link
2022	Membership Inference Attacks Against Semantic Segmentation Models	Black-box	Semantic Segmentation Models	Arxiv	Link	Link
2022	Similarity Distribution based Membership Inference Attack on Person Re-identification	Black-box	Person Re-identification	AAAI	Link
2022	Amplifying Membership Exposure via Data Poisoning	Black-box	Classification Models	NeurIPS	Link	Link
2022	Canary in a Coalmine: Better Membership Inference with Ensembled Adversarial Queries	Black-box	Classification Models	Arxiv	Link	Link
2022	Membership Inference Attacks Against Text-to-image Generation Models	Black-box	Text-to-image Models	Arxiv	Link
2022	Membership Inference Attacks Against Robust Graph Neural Network	Black-box	Classification Models	CSS	Link
2022	No-Label User-Level Membership Inference for ASR Model Auditing	Balck-box	Automatic Speech Recognition Model	ESORICS	Link
2022	Membership Inference Attacks and Generalization: A Causal Perspective	Black-box; White-box	Classification Models	CCS	Link
2022	M^4I: Multi-modal Models Membership Inference	Black-box	Multi-modal Models	NeurIPS	Link	Link
2022	Membership Inference Attacks by Exploiting Loss Trajectory	Black-box	Classification Models	CCS	Link	Link
2022	Auditing Membership Leakages of Multi-Exit Networks	White-box; Black-box	Classification Models	CCS	Link	Link
2022	Label-Only Membership Inference Attack against Node-Level Graph Neural Networks	Black-box	Classification Models	Arxiv	Link
2022	Membership-Doctor: Comprehensive Assessment of Membership Inference Against Machine Learning Models	Black-box	Classification Models	Arxiv	Link
2022	On the Privacy Effect of Data Enhancement via the Lens of Memorization	Black-box	Classification Models	Arxiv	Link
2022	Membership Inference Attacks via Adversarial Examples	White-box	Classification Models	Arxiv	Link
2022	Label-Only Membership Inference Attack against Node-Level Graph Neural Networks	Black-box	Classification Models	Arxiv	Link
2022	Semi-Leak: Membership Inference Attacks Against Semi-supervised Learning	Black-box	Semi-supervised Learning Models	ECCV	Link	Link
2022	Debiasing Learning for Membership Inference Attacks Against Recommender Systems	Black-box	Recommender System	KDD	Link
2022	Membership Inference via Backdooring	Black-box	Classification Models	IJCAI	Link	Link
2022	Membership Inference Attacks Against Machine Learning Models via Prediction Sensitivity	Black-box	Classification Models	IEEE Trans Dependable Secure Comput	Link	Link
2022	Subject Membership Inference Attacks in Federated Learning	White-box	Classification Models	Arxiv	Link
2022	Membership Feature Disentanglement Network	White-box	Classification Models	ASIA CCS	Link
2022	Understanding Disparate Effects of Membership Inference Attacks and their Countermeasures	Black-box	Classification Models	ASIA CCS	Link
2022	l-Leaks:Membership Inference Attacks with Logits	Black-box	Classification Models	Arxiv	Link
2022	CS-MIA: Membership inference attack based on prediction confidence series in federated learning	White-box	Classification Models	J. Inf. Secur. Appl	Link
2022	Evaluating Membership Inference Through Adversarial Robustnes	White-box	Classfication Models	The Computer Journal	Link	Link
2022	How to Combine Membership-Inference Attacks on Multiple Updated Models	Black-box	Classification Models	Arxiv	Link	Link
2022	An Efficient Subpopulation-based Membership Inference Attack	Black-box	Classification Models	Arxiv	Link
2022	Assessing the Impact of Membership Inference Attacks on Classical Machine Learning Algorithms	Black-box	Classification Models	DRCN	Link	Link
2022	Optimal Membership Inference Bounds for Adaptive Composition of Sampled Gaussian Mechanisms	White-box; Black-box	Classification Models	Arxiv	Link
2022	Perfectly Accurate Membership Inference by a Dishonest Central Server in Federated Learning	White-box	Classification Models	Arxiv	Link	Link
2022	Leveraging Adversarial Examples to Quantify Membership Information Leakage	White-box; Black-box	Classification Models	CVPR	Link	Link
2022	Quantifying Privacy Risks of Masked Language Models Using Membership Inference Attacks	Black-box	Masked Language Models	Arxiv	Link
2022	User-Level Membership Inference Attack against Metric Embedding Learning	Black-box	Metric Embedding Models	Arxiv	Link
2022	Label-Only Membership Inference Attacks and Defenses In Semantic Segmentation Models	Black-box	Segmentation Models	IEEE Trans Dependable Secure Comput	Link
2022	Membership Inference Attacks and Defenses in Neural Network Pruning	Black-box	Classification Models	USENIX Security	Link	Link
2022	Parameters or Privacy: A Provable Tradeoff Between Overparameterization and Membership Inference	Black-box	Regression Models	Arxiv	Link
2022	LTU Attacker for Membership Inference	White-box; Black-box	Classification Models	AAAI Workshop	Link	Link

Attack Papers 2021

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2021	Membership Inference Attacks From First Principles	White-box; Black-box	Classification Models	Arxiv	Link
2021	SHAPr: An Efficient and Versatile Membership Privacy Risk Metric for Machine Learning	Black-box	Classification Models	Arxiv	Link
2021	Enhanced Membership Inference Attacks against Machine Learning Models	Black-box	Classification Models	Arxiv	Link	Link
2021	Do Not Trust Prediction Scores for Membership Inference Attacks	Black-box	Classification Models	IJCAI	Link	Link
2021	On the Importance of Difficulty Calibration in Membership Inference Attacks	White-box	Classification Models	Arxiv	Link
2021	Membership Inference Attacks against GANs by Leveraging Over-representation Regions	White-box	Generative Models	CCS	Link
2021	Membership Inference Attacks Against Recommender Systems	Black-box	Recommender Systems	CCS	Link	Link
2021	Source Inference Attacks in Federated Learning	Black-box	Classifcation Models	ICDM	Link	Link
2021	Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications	Black-box	Classification Models	ICDM	Link	Link
2021	On The Vulnerability of Recurrent Neural Networks to Membership Inference Attacks	Black-box	Text Generation Models	Arxiv	Link	Link
2021	On the Difficulty of Membership Inference Attacks	White-box	Classification Models	CVPR	Link	Link
2021	Quantifying Privacy Leakage in Graph Embedding	White-box; Black-box	Graph Embedding Models	NeurIPS Workshop	Link	Link
2021	Label-only membership inference attacks	Black-box	Classification Models	ICML	Link	Link
2021	On the Privacy Risks of Model Explanations	Black-box	Classification Models	AIES	Link
2021	Systematic evaluation of privacy risks of machine learning models	White-box; Black-box	Classification Models	USENIX Security	Link	Link
2021	Practical blind membership inference attack via differential comparisons	Black-box	Classification Models	NDSS	Link	Link
2021	On the (In) Feasibility of Attribute Inference Attacks on Machine Learning Models	White-box; Black-box	Classification Models	EuroS&P	Link
2021	Bounding Information Leakage in Machine Learning	White-box	Classification Models	Arxiv	Link
2021	How Does Data Augmentation Affect Privacy in Machine Learning?	Black-box	Classification Models	AAAI	Link	Link
2021	Node-Level Membership Inference Attacks Against Graph Neural Networks	Black-box	Classification Models	Arxiv	Link
2021	The Audio Auditor: User-Level Membership Inference in Internet of Things Voice Services	Black-box	Automatic Speech Recognition Model	PoPETs	Link
2021	Reconstruction-Based Membership Inference Attacks are Easier on Difficult Problems	Black-box	Image Translation Models; Image Segmentation Models	ICCV	Link	Link
2021	This Person (Probably) Exists. Identity Membership Attacks Against GAN Generated Faces	Black-box	Generative Models	Arxiv	link
2021	Membership Inference Attack Susceptibility of Clinical Language Models	White-box; Black-box	Clinical Language Models	Arxiv	Link
2021	Killing four birds with one Gaussian process: the relation between different test-time attacks	Black-box	Classification Models	ICPR	Link
2021	Evaluating the Vulnerability of End-to-End Automatic Speech Recognition Models To Membership Inference Attacks	Black-box	Speech Recognition Models	Interspeech	Link
2021	Membership Inference Attacks on Knowledge Graphs	Black-box	Knowledge Graph Embedding Models	Arxiv	Link
2021	Membership Leakage in Label-Only Exposures	Black-box	Classification Models	CCS	Link
2021	Membership inference attack on graph neural networks	Black-box	Classification Models	Arxiv	Link
2021	Membership Inference Attacks on Deep Regression Models for Neuroimaging	Black-box	Regression Models	MIDL	Link
2021	Membership Inference Attacks on Lottery Ticket Networks	Black-box	Classification Models	ICML Workshop	Link
2021	Membership Inference on Word Embedding and Beyond	Black-box	Word Embedding Models	Arxiv	Link
2021	EncoderMI: Membership Inference against Pre-trained Encoders in Contrastive Learning	Black-box	Image Encoder Models	CCS	Link

Attack Papers 2020 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2020	GECKO: Reconciling Privacy, Accuracy and Efficiency in Embedded Deep Learning	Black-box	Classification Models	NeurIPS Workshop	Link
2020	Gan-leaks: A taxonomy of membership inference attacks against generative models	White-box; Black-box	Generative Models	CCS	Link	Link
2020	Stolen Memories: Leveraging Model Memorization for Calibrated White-Box Membership Inference	White-box	Classification Models	USENIX Security	Link
2020	Information leakage in embedding models	Black-box	Text Embedding Models	CCS	Link
2020	When machine unlearning jeopardizes privacy	Black-box	Classification Models	Arxiv	Link
2020	Revisiting membership inference under realistic assumptions	Black-box	Classification Models	PoPETs	Link	Link
2020	Membership inference attacks on sequence-to-sequence models: Is my data in your machine translation system?	Black-box	Text Generation Models	TACL	Link	Link
2020	Segmentations-leak: Membership inference attacks and defenses in semantic image segmentation	Black-box	Image Segmentation Models	ECCV	Link	Link
2020	Performing co-membership attacks against deep generative models	White-box	Generative Models	ICDM	Link
2020	On the privacy risks of algorithmic fairness	Black-box	Classification Models	EuroS&P	Link
2020	A Comprehensive Analysis of Information Leakage in Deep Transfer Learning	Black-box	Classification Models	Arxiv	Link
2020	Gan enhanced membership inference: A passive local attack in federated learning	White-box	Classification Models	ICC	Link
2020	Privacy analysis of deep learning in the wild: Membership inference attacks against transfer learning	Black-box	Classification Models	Arxiv	Link
2020	Data and model dependencies of membership inference attack	Black-box	Classification Models	Arxiv	Link
2020	A Pragmatic Approach to Membership Inferences on Machine Learning Models	Black-box	Classification Models	EuroS&P	Link
2020	Quantifying Membership Inference Vulnerability via Generalization Gap and Other Model Metrics	Black-box	Classification Models	Arxiv	Link
2020	Investigating the Impact of Pre-trained Word Embeddings on Memorization in Neural Networks	Black-box	Word Embedding Models	TSD	Link
2020	Beyond Model-Level Membership Privacy Leakage: an Adversarial Approach in Federated Learning	White-box	Classification Models	ICCCN	Link
2020	Practical Membership Inference Attack Against Collaborative Inference in Industrial IoT	White-box	Classification Models	IEEE Trans. Industr. Inform.	Link

Attack Papers 2019 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2019	Exploiting unintended feature leakage in collaborative learning	White-box	Classification Models	S&P	Link	Link
2019	Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning	Black-box; White-box	Classification Models	S&P	link	Link
2019	ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models	Black-box	Classification Models	NDSS	Link	Link
2019	LOGAN: Membership Inference Attacks Against Generative Models	Black-box; White-box	Generative Models	PoPETs	Link	Link
2019	White-box vs Black-box: Bayes Optimal Strategies for Membership Inference	Black-box	Classification Models	ICML	Link
2019	Auditing data provenance in text-generation models	Black-box	Text Generation Models	KDD	Link	Link
2019	Socinf: Membership inference attacks on social media health data with machine learning	Black-box	Classification Models	IEEE Trans. Comput. Soc. Syst.	Link
2019	Monte Carlo and Reconstruction Membership Inference Attacks against Generative Models.	White-box; Black-box	Generative Models	PoPETs	Link	Link
2019	Disparate Vulnerability: on the Unfairness of Privacy Attacks Against Machine Learning	Black-box	Classification Models	Arxiv	Link
2019	Demystifying the membership inference attack	Black-box	Classification Models	CMI	Link
2019	Differential Privacy Defenses and Sampling Attacks for Membership Inference	Black-box	Classification Models	NeurIPS Workshop	Link
2019	Privacy Risks of Securing Machine Learning Models against Adversarial Examples	Black-box	Classification Models	CCS	Link	Link
2019	Membership Inference Attacks against Adversarially Robust Deep Learning Models	Black-box	Classification Models	S&P Workshop	Link
2019	Demystifying Membership Inference Attacks in Machine Learning as a Service	Black-box	Classification Models	IEEE Trans. Serv. Comput.	Link

Attack Papers 2018 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2018	Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting	Black-box	Classification Models	CSF	Link	Link
2018	Understanding membership inferences on well-generalized learning models	Black-box	Classification Models	Arxiv	link

Attack Papers 2017 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2017	Membership inference attacks against machine learning models	Black-box	Classification Models	S&P	link	Link

Membership Inference Defense

Defense Papers 2023 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2023	Mitigating Membership Inference Attacks via Weighted Smoothing	Black-box	Classification Models	ACSAC	Link	Link
2023	MIST: Defending Against Membership Inference Attacks Through Membership-Invariant Subspace Training	Black-box	Classification Models	Arxiv	Link
2023	Overconfidence is a Dangerous Thing: Mitigating Membership Inference Attacks by Enforcing Less Confident Prediction	Black-box	Classification Models	NDSS	Link	Link
2023	LoDen: Making Every Client in Federated Learning a Defender Against the Poisoning Membership Inference Attacks	White-box; Black-box	Classification Models	Asia CCS	Link	Link

Defense Papers 2022 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2022	Defense against membership inference attack in graph neural networks through graph perturbation	White-box	Graph Embedding Models	Int. J. Inf. Secur.	Link
2022	Provable Membership Inference Privacy	White-box; Black-box	Classification Models	Arxiv	Link
2022	Repeated Knowledge Distillation with Confidence Masking to Mitigate Membership Inference Attacks	White-box; Black-box	Classification Models	AISec	Link
2022	NeuGuard: Lightweight Neuron-Guided Defense against Membership Inference Attacks	Black-box	Classification Models	Arxiv	Link
2022	Defending against Membership Inference Attacks with High Utility by GAN	White-box; Black-box	Classification Models	TDSC	Link
2022	RelaxLoss: Defending Membership Inference Attacks without Losing Utility	White-box; Black-box	Classification Models	ICLR	Link	Link
2022	Assessing Differentially Private Variational Autoencoders under Membership Inference	Black-box	Generative Models	Arxiv	Link	Link
2022	Membership Privacy Protection for Image Translation Models via Adversarial Knowledge Distillation	Black-box	Image Translation Models	Arxiv	Link
2022	MIAShield: Defending Membership Inference Attacks via Preemptive Exclusion of Members	Black-box	Classification Models	Arxiv	Link
2022	Privacy-preserving Generative Framework Against Membership Inference Attacks	White-box; Black-box	Classification Models	Arxiv	Link

Defense Papers 2021 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2021	Enhanced Mixup Training: a Defense Method Against Membership Inference Attack	Black-box	Classification Models	ISPEC	Link
2021	Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture	White-box; Black-box	Classification Models	Arxiv	Link
2021	On the privacy-utility trade-off in differentially private hierarchical text classification	White-box	Classification Models	Arxiv	Link
2021	MLCapsule: Guarded Offline Deployment of Machine Learning as a Service	Black-box	Classification Models	CVPR	Link
2021	Comparing Local and Central Differential Privacy Using Membership Inference Attacks	White-box	Classification Models	DBSec	Link	Link
2021	Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning	White-box	Classification Models	S&P	Link
2021	When Does Data Augmentation Help With Membership Inference Attacks?	Black-box	Classification Models	ICML	Link	Link
2021	Against Membership Inference Attack: Pruning is All You Need	Black-box	Classification Models	IJCAI	Link
2021	Membership Privacy for Machine Learning Models Through Knowledge Transfer	White-box; Black-box	Classification Models	AAAI	Link
2021	Quantifying Membership Privacy via Information Leakage	Black-box	Classification Models	IEEE Trans. Inf. Forensics Secur.	Link
2021	Membership Inference Attacks and Defenses in Classification Models	Black-box	Classification Models	CODASPY	Link
2021	Digestive Neural Networks: A Novel Defense Strategy Against Inference Attacks in Federated Learning	White-box	Classification Models	Computers & Security	Link
2021	Resisting Membership Inference Attacks through Knowledge Distillation	Black-box	Classification Models	Neurocomputing	Link
2021	privGAN: Protecting GANs from membership inference attacks at low cost to utility	White-box	Generative Models	PoPETs	Link
2021	Generating Private Data Surrogates for Vision Related Tasks	White-box	Generative Models	ICPR	Link
2021	Membership Inference Attack with Multi-Grade Service Models in Edge Intelligence	Black-box	Classification Models	IEEE Network	Link
2021	PAR-GAN: Improving the Generalization of Generative Adversarial Networks Against Membership Inference Attacks	White-box	Generative Models	KDD	Link	Link
2021	Defending Medical Image Diagnostics against Privacy Attacks using Generative Methods: Application to Retinal Diagnostics	Black-box	Classification Models	MICCAI Workshop	Link
2021	Defending Privacy Against More Knowledgeable Membership Inference Attackers	White-box; Black-box	Classification Models	KDD	Link	Link

Defense Papers 2020 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2020	Privacy for All: Demystify Vulnerability Disparity of Differential Privacy against Membership Inference Attack	Black-box	Classification Models	Arxiv	Link
2020	Privacy for All: Demystify Vulnerability Disparity of Differential Privacy against Membership Inference Attack	Black-box	Classification Models	Arxiv	Link
2020	Differential Privacy Protection Against Membership Inference Attack on Machine Learning for Genomic Data	Black-box	Classification Models	Biocomputing	Link
2020	A Secure Federated Learning Framework for 5G Networks	White-box	Classification Models	IEEE Wireless Communications	Link
2020	Auditing Differentially Private Machine Learning: How Private is Private SGD?	Black-box	Classification Models	NeurIPS	Link	Link
2020	Toward Robustness and Privacy in Federated Learning: Experimenting with Local and Central Differential Privacy	White-box	Classification Models	Arxiv	Link
2020	Defending Model Inversion and Membership Inference Attacks via Prediction Purification	Black-box	Classification	Arxiv	Link
2020	Alleviating Privacy Attacks via Causal Learning	Black-box	Classification Models	ICML	Link	Link
2020	On the Effectiveness of Regularization Against Membership Inference Attacks	Black-box	Classification Models	Arxiv	Link
2020	Characterizing Membership Privacy in Stochastic Gradient Langevin Dynamics	Black-box	Classification Models	AAAI	Link
2020	Differentially Private Learning Does Not Bound Membership Inference	Black-box	Classification Models	Arxiv	Link
2020	Privacy-Preserving in Defending against Membership Inference Attacks	Black-box	Classification Models	PPMLP	Link

Defense Papers 2019 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2019	Evaluating Differentially Private Machine Learning in Practice	Black-box	Classification Models	USENIX Security	Link	Link
2019	MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples	Black-box	Classification Models	CCS	Link	Link
2019	Generalization in Generative Adversarial Networks: A Novel Perspective from Privacy Protection	White-box; Black-box	Generative Models	NeurIPS	Link
2019	Cronus: Robust and Heterogeneous Collaborative Learning with Black-Box Knowledge Transfer	Black-box	Classification Models	Arxiv	Link
2019	ML Defense: Against Prediction API Threats in Cloud-Based Machine Learning Service	Black-box	Classification Models	IWQoS	Link
2019	Effects of Differential Privacy and Data Skewness on Membership Inference Vulnerability	Black-box	Classification Models	TPS-ISA	Link
2019	Generating Artificial Data for Private Deep Learning	Black-box	Generative Models	PAL	Link

Defense Papers 2018 [Back to Top]

Year	Title	Adversarial Knowledge	Target Model	Venue	Paper Link	Code Link
2018	Machine Learning with Membership Privacy using Adversarial Regularization	Black-box	Classification Models	CCS	Link	Link
2018	Privacy-preserving Machine Learning through Data Obfuscation	Black-box	Classification Models	Arxiv	Link
2018	Differentially Private Data Generative Models	Black-box	Classification Models	Arxiv	Link
2018	Membership Inference Attack against Differentially Private Deep Learning Model	Black-box	Classification Models	Transactions on Data Privacy	Link

About

88

Stars

17

Forks

Watchers

Owner

← Metadata

88

Stars

17

Forks

Watchers

Owner

Metadata