Lucene search
K

42 matches found

Packet Storm News
Packet Storm News
added 2026/05/25 12:0 a.m.12 views

On Reliability of Efficient Membership Inference Vulnerability Evaluation

Membership inference attacks MIAs are popular methods for empirically assessing the leakage of sensitive information in the training data through models or statistics learned from the data. The MIA vulnerability is often evaluated through false positive rate FPR and true positive rate TPR of a...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/22 12:0 a.m.11 views

AI Security Research Should Better Incentivize Defense Research

This work examines an imbalance in artificial intelligence AI security research: the field tends to produce more work on attacking AI systems than on defending them. Drawing on related academic papers, we find biased attack-to-defense ratios across subfields, including federated learning, speech...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.9 views

Pretraining Data Exposure in Large Language Models: A Survey of Membership Inference, Data Contamination, and Security Implications

Large Language Models LLMs have become the predominant paradigm in NLP, advancing both research and industry. As model sizes and pretraining data grow, concerns about Pretraining Data Exposure PDE increase due to the scale and opacity of training datasets. PDE refers to determining whether specif...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/14 12:0 a.m.4 views

Evaluating Differential Privacy against Membership Inference in Federated Learning: Insights from the NIST Genomics Red Team Challenge

While Federated Learning FL mitigates direct data exposure, the resulting trained models remain susceptible to membership inference attacks MIAs. This paper presents an empirical evaluation of Differential Privacy DP as a defense mechanism against MIAs in FL, leveraging the environment of the 202...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/03/31 5:40 p.m.6 views

EUVD-2026-17555

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, there is possible channel membership inference from chat user search without authorization. This issue has been patched in...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References2
CVE
CVE
added 2026/03/31 5:40 p.m.11 views

CVE-2026-32618

Discourse (open-source discussion platform) has a channel membership inference vulnerability affecting versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, where chat user search could reveal channel membership without authorizat...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2026/03/23 12:0 a.m.1 views

Towards Secure Retrieval-Augmented Generation: A Comprehensive Review of Threats, Defenses and Benchmarks

Retrieval-Augmented Generation RAG significantly mitigates the hallucinations and domain knowledge deficiency in large language models by incorporating external knowledge bases. However, the multi-module architecture of RAG introduces complex system-level security vulnerabilities. Guided by the R...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/16 12:0 a.m.5 views

LoRA As Oracle

Backdoored and privacy-leaking deep neural networks pose a serious threat to the deployment of machine learning systems in security-critical settings. Existing defenses for backdoor detection and membership inference typically require access to clean reference models, extensive retraining, or...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/13 12:0 a.m.4 views

How Worrying Are Privacy Attacks against Machine Learning?

In several jurisdictions, the regulatory framework on the release and sharing of personal data is being extended to machine learning ML. The implicit assumption is that disclosing a trained ML model entails a privacy risk for any personal data used in training comparable to directly releasing tho...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/24 12:0 a.m.4 views

RAG Security and Privacy: Formalizing the Threat Model and Attack Surface

Retrieval-Augmented Generation RAG is an emerging approach in natural language processing that combines large language models LLMs with external document retrieval to produce more accurate and grounded responses. While RAG has shown strong potential in reducing hallucinations and improving factua...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/08 12:0 a.m.4 views

Membership Inference Attack with Partial Features

Machine learning models have been shown to be susceptible to membership inference attack, which can be used to determine whether a given sample appears in the training data. Existing membership inference methods commonly assume that the adversary has full access to the features of the target...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.2 views

Cascading and Proxy Membership Inference Attacks

A Membership Inference Attack MIA assesses how much a trained machine learning model reveals about its training data by determining whether specific query instances were included in the dataset. We classify existing MIAs into adaptive or non-adaptive, depending on whether the adversary is allowed...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/24 12:0 a.m.12 views

LoRA-Leak: Membership Inference Attacks against LoRA Fine-Tuned Language Models

Language Models LMs typically adhere to a "pre-training and fine-tuning" paradigm, where a universal pre-trained model can be fine-tuned to cater to various specialized domains. Low-Rank Adaptation LoRA has gained the most widespread use in LM fine-tuning due to its lightweight computational cost...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/23 12:0 a.m.4 views

Tab-MIA: a Benchmark Dataset for Membership Inference Attacks on Tabular Data in LLMs

Large language models LLMs are increasingly trained on tabular data, which, unlike unstructured text, often contains personally identifiable information PII in a highly structured and explicit format. As a result, privacy risks arise, since sensitive records can be inadvertently retained by the...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/22 12:0 a.m.5 views

GATEBLEED: Exploiting On-Core Accelerator Power Gating for High Performance and Stealthy Attacks on AI

As power consumption from AI training and inference continues to increase, AI accelerators are being integrated directly into the CPU. Intel's Advanced Matrix Extensions AMX is one such example, debuting on the 4th generation Intel Xeon Scalable CPU. We discover a timing side and covert channel,...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/22 12:0 a.m.5 views

CompLeak: Deep Learning Model Compression Exacerbates Privacy Leakage

Model compression is crucial for minimizing memory storage and accelerating inference in deep learning DL models, including recent foundation models like large language models LLMs. Users can access different compressed model versions according to their resources and budget. However, while existi...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/21 12:0 a.m.3 views

Optimizing Canaries for Privacy Auditing with Metagradient Descent

In this work we study black-box privacy auditing, where the goal is to lower bound the privacy parameter of a differentially private learning algorithm using only the algorithm's outputs i.e., final trained model. For DP-SGD the most successful method for training differentially private deep...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/23 12:0 a.m.3 views

Amplifying Machine Learning Attacks through Strategic Compositions

Machine learning ML models are proving to be vulnerable to a variety of attacks that allow the adversary to learn sensitive information, cause mispredictions, and more. While these attacks have been extensively studied, current research predominantly focuses on analyzing each attack type...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.5 views

Image Corruption-Inspired Membership Inference Attacks against Large Vision-Language Models

Large vision-language models LVLMs have demonstrated outstanding performance in many downstream tasks. However, LVLMs are trained on large-scale datasets, which can pose privacy risks if training images contain sensitive information. Therefore, it is important to detect whether an image is used t...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.4 views

Enhancing One-run Privacy Auditing with Quantile Regression-Based Membership Inference

Differential privacy DP auditing aims to provide empirical lower bounds on the privacy guarantees of DP mechanisms like DP-SGD. While some existing techniques require many training runs that are prohibitively costly, recent work introduces one-run auditing approaches that effectively audit DP-SGD...

6.8AI score
Exploits0
Rows per page
Query Builder