Membership Privacy for Machine Learning Models Through Knowledge Transfer
Authors
Abstract
Large capacity machine learning (ML) models are prone to membership inference attacks (MIAs), which aim to infer whether the target sample is a member of the target model's training dataset. The serious privacy concerns due to membership inference have motivated multiple defenses against MIAs, e.g., differential privacy and adversarial regularization. Unfortunately, these defenses produce ML models with unacceptably low classification performances. Our work proposes a new defense, called distillation for membership privacy (DMP), against MIAs that preserves the utility of the resulting models significantly better than prior defenses. DMP leverages knowledge distillation to train ML models with membership privacy. We provide a novel criterion to tune the data used for knowledge transfer in order to amplify the membership privacy of DMP. Our extensive evaluation shows that DMP provides significantly better tradeoffs between membership privacy and classification accuracies compared to state-of-the-art MIA defenses. For instance, DMP achieves ~100% accuracy improvement over adversarial regularization for DenseNet trained on CIFAR100, for similar membership privacy (measured using MIA risk): when the MIA risk is 53.7%, the adversarially regularized DenseNet is 33.6% accurate, while the DMP-trained DenseNet is 65.3% accurate. We have released our code at github.com/vrt1shjwlkr/AAAI21-MIA-Defense.
Similar resources
Machine Learning with Privacy by Knowledge Aggregation and Transfer
Machine learning relies on the availability of high-quality training data and—whether by its inherent nature, or by accident—this data will sometimes contain private information. When the model is to be published or made publicly accessible and the training data is not, it is important that the details of the sensitive training data cannot be inadvertently revealed by the model. This abstract ...
Machine Learning Models for Housing Prices Forecasting using Registration Data
This article has been compiled to identify the best model of housing price forecasting using machine learning methods with maximum accuracy and minimum error. Five important machine learning algorithms are used to predict housing prices, including Nearest Neighbor Regression Algorithm (KNNR), Support Vector Regression Algorithm (SVR), Random Forest Regression Algorithm (RFR), Extreme Gradient B...
Hierarchical Functional Concepts for Knowledge Transfer among Reinforcement Learning Agents
This article introduces the notions of functional space and concept as a way of knowledge representation and abstraction for Reinforcement Learning agents. These definitions are used as a tool of knowledge transfer among agents. The agents are assumed to be heterogeneous; they have different state spaces but share a same dynamic, reward and action space. In other words, the agents are assumed t...
Learning and Knowledge Transfer with Memory Networks for Machine Comprehension
Enabling machines to read and comprehend unstructured text remains an unfulfilled goal for NLP research. Recent research efforts on the “machine comprehension” task have managed to achieve close to ideal performance on simulated data. However, achieving similar levels of performance on small real world datasets has proved difficult; major challenges stem from the large vocabulary size, complex ...
Integrating Models of Knowledge and Machine Learning
We propose a theoretical framework allowing a real integration of Machine Learning and Knowledge acquisition. This article shows that the input of a Machine Learning system can be mapped to the model of expertise as it is used in KADS methodology. The notion of learning bias will play a central role. We shall see that parts of it can be identified to what people are used to call the inference a...
Journal
Journal title: Proceedings of the ... AAAI Conference on Artificial Intelligence
Year: 2021
ISSN: ['2159-5399', '2374-3468']
DOI: https://doi.org/10.1609/aaai.v35i11.17150