4 matches found
Unifying Re-Identification, Attribute Inference, and Data Reconstruction Risks in Differential Privacy
Differentially private DP mechanisms are difficult to interpret and calibrate because existing methods for mapping standard privacy parameters to concrete privacy risks -- re-identification, attribute inference, and data reconstruction -- are both overly pessimistic and inconsistent. In this work...
Amplifying Machine Learning Attacks through Strategic Compositions
Machine learning ML models are proving to be vulnerable to a variety of attacks that allow the adversary to learn sensitive information, cause mispredictions, and more. While these attacks have been extensively studied, current research predominantly focuses on analyzing each attack type...
DeSIA: Attribute Inference Attacks against Limited Fixed Aggregate Statistics
Empirical inference attacks are a popular approach for evaluating the privacy risk of data release mechanisms in practice. While an active attack literature exists to evaluate machine learning models or synthetic data release, we currently lack comparable methods for fixed aggregate statistics, i...
RAID: an In-Training Defense against Attribute Inference Attacks in Recommender Systems
In various networks and mobile applications, users are highly susceptible to attribute inference attacks, with particularly prevalent occurrences in recommender systems. Attackers exploit partially exposed user profiles in recommendation models, such as user embeddings, to infer private attribute...