Membership Inference Attacks and Defenses on Machine Learning Models Literature

A curated list of membership inference attacks and defenses papers on machine learning models.

Papers are sorted by their released dates in descending order.

This repository serves as a complement to the survey below.

Membership Inference Attacks on Machine Learning: A Survey (More than 100 papers reviewed).

```bibtex
@article{hu2022membership,
  title={Membership inference attacks on machine learning: A survey},
  author={Hu, Hongsheng and Salcic, Zoran and Sun, Lichao and Dobbie, Gillian and Yu, Philip S and Zhang, Xuyun},
  journal={ACM Computing Surveys (CSUR)},
  volume={54},
  number={11s},
  pages={1--37},
  year={2022},
  publisher={ACM New York, NY}
}
```

If you feel this repository is helpful, please cite the survey above.

How to Search?

Search keywords like conference name (e.g., CCS), adversarial knowledge (e.g., Black-box), or target model (e.g., Classification Model) over the webpage to quickly locate related papers.

Quick Links

Attack papers sorted by year: | 2024 | 2023 | 2022 | 2021 | 2020 | 2019 | 2018 | 2017 |

Defense papers sorted by year: | 2023 | 2022 | 2021 | 2020 | 2019 | 2018 |

Membership Inference Attack

Attack Papers 2024

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2024 | Do Parameters Reveal More than Loss for Membership Inference? | White-box | Classification Models | ICML Workshop | Link | Link |
| 2024 | Low-Cost High-Power Membership Inference Attacks | Black-box | Classification Models | ICML | Link | Link |
| 2024 | LLM Dataset Inference: Did you train on my dataset? | Black-box | LLM | Arxiv | Link | Link |
| 2024 | Shadow-Free Membership Inference Attacks: Recommender Systems Are More Vulnerable Than You Thought | Black-box | Recommender System | IJCAI | Link | Link |
| 2024 | Is My Data in Your Retrieval Database? Membership Inference Attacks Against Retrieval Augmented Generation | Black-box | Generative Models | Arxiv | Link | |
| 2024 | A Comprehensive Analysis of Factors Impacting Membership Inference | White-box; Black-box | Classification Models | CVPR Workshop | Link | |
| 2024 | Lost in the Averages: A New Specific Setup to Evaluate Membership Inference Attacks Against Machine Learning Models | Black-box | Classification Models | Arxiv | Link | |
| 2024 | Better Membership Inference Privacy Measurement through Discrepancy | Black-box | Classification Models | Arxiv | Link | |
| 2024 | OSLO: One-Shot Label-Only Membership Inference Attacks | Black-box | Classification Models | Arxiv | Link | |
| 2024 | Please Tell Me More: Privacy Impact of Explainability through the Lens of Membership Inference Attack | Black-box | Classification Models | S&P | Link | |
| 2024 | Is my Data in your AI Model? Membership Inference Test with Application to Face Images | White-box; Black-box | Classification Models | Arxiv | Link | |
| 2024 | Understanding Practical Membership Privacy of Deep Learning | Black-box | Classification Models | Arxiv | Link | |
| 2024 | Evaluating Membership Inference Attacks and Defenses in Federated Learning | White-box | Classification Models | Arxiv | Link | Link |
| 2024 | Uncertainty, Calibration, and Membership Inference Attacks: An Information-Theoretic Perspective | Black-box | Classification Models | Arxiv | Link | |
| 2024 | Do Membership Inference Attacks Work on Large Language Models? | Black-box | LLM | Arxiv | Link | Link |
| 2024 | Learning-Based Difficulty Calibration for Enhanced Membership Inference Attacks | Black-box | Classification Models | Arxiv | Link | Link |
| 2024 | Scalable Membership Inference Attacks via Quantile Regression | Black-box | Classification Models | NeurIPS | Link | Link |

Attack Papers 2023

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2023 | Link Membership Inference Attacks against Unsupervised Graph Representation Learning | White-box; Black-box | Graph Embedding Models | ACSAC | Link | Link |
| 2023 | Low-Cost High-Power Membership Inference by Boosting Relativity | Black-box | Classification Models | Arxiv | Link | Link |
| 2023 | Practical Membership Inference Attacks against Fine-tuned Large Language Models via Self-prompt Calibration | Black-box | Language Models | Arxiv | Link | |
| 2023 | A Probabilistic Fluctuation based Membership Inference Attack for Diffusion Models | Black-box | Generative Models | Arxiv | Link | |
| 2023 | Practical Membership Inference Attacks Against Large-Scale Multi-Modal Models: A Pilot Study | Black-box | Classification Models | ICCV | Link | Link |
| 2023 | Privacy Side Channels in Machine Learning Systems | Black-box | Classification Models | Arxiv | Link | |
| 2023 | White-box Membership Inference Attacks against Diffusion Models | White-box | Generative Models | Arxiv | Link | Link |
| 2023 | Scalable Membership Inference Attacks via Quantile Regression | Black-box | Classification Models | Arxiv | Link | |
| 2023 | Synthetic is all you need: removing the auxiliary data assumption for membership inference attacks against synthetic data | Black-box | Classification Models | Arxiv | Link | |
| 2023 | Towards More Realistic Membership Inference Attacks on Large Diffusion Models | Black-box | Generative Models | Arxiv | Link | |
| 2023 | Fortifying Federated Learning against Membership Inference Attacks via Client-level Input Perturbation | White-box | Classification Models | Arxiv | Link | |
| 2023 | Gaussian Membership Inference Privacy | White-box | Classification Models | NeurIPS | Link | Link |
| 2023 | TMI! Finetuned Models Leak Private Information from their Pretraining Data | Black-box | Classification Models | Arxiv | Link | |
| 2023 | SoK: Membership Inference is Harder Than Previously Thought | Black-box | Classification Models | Arxiv | Link | Link |
| 2023 | Re-aligning Shadow Models can Improve White-box Membership Inference Attacks | White-box | Classification Models | Arxiv | Link | |
| 2023 | Membership inference attack with relative decision boundary distance | Black-box | Classification Models | Arxiv | Link | |
| 2023 | Membership Inference Attacks against Language Models via Neighbourhood Comparison | Black-box | Language Models | ACL | Link | Link & Link |
| 2023 | How to Combine Membership-Inference Attacks on Multiple Updated Machine Learning Models | Black-box | Classification Models | PoPETs | Link | Link |
| 2023 | AgrEvader: Poisoning Membership Inference against Byzantine-robust Federated Learning | White-box | Classification Models | WWW | Link | Link |
| 2023 | Membership Inference Attacks Against Sequential Recommender Systems | Black-box | Recommender System | WWW | Link | |
| 2023 | A Blessing of Dimensionality in Membership Inference through Regularization | Black-box | Classification Models | AISTATS | Link | Link |
| 2023 | Active Membership Inference Attack under Local Differential Privacy in Federated Learning | White-box | Classification Models | AISTATS | Link | Link |
| 2023 | Membership Inference Attacks against Synthetic Data through Overfitting Detection | Black-box | Generative Models | AISTATS | Link | Link |
| 2023 | Students Parrot Their Teachers: Membership Inference on Model Distillation | Black-box | Classification Models | Arxiv | Link | |
| 2023 | Membership Inference Attacks against Diffusion Models | White-box; Black-box | Generative Models | Arxiv | Link | |
| 2023 | Interaction-level Membership Inference Attack Against Federated Recommender Systems | White-box | Recommender System | WWW | Link | |
| 2023 | Are Diffusion Models Vulnerable to Membership Inference Attacks? | Black-box | Generative Models | Arxiv | Link | |
| 2023 | Accuracy-Privacy Trade-off in Deep Ensemble: A Membership Inference Perspective | Black-box | Classification Models | S&P | Link | Link |
| 2023 | Membership Inference of Diffusion Models | Black-box | Generative Models | Arxiv | Link | |
| 2023 | MiDA: Membership inference attacks against domain adaptation | Black-box | Classification Models | ISA Transactions | Link | |

Attack Papers 2022

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2022 | On the Discredibility of Membership Inference Attacks | Black-box | Classification Models | Arxiv | Link | |
| 2022 | Membership Inference Attacks Against Semantic Segmentation Models | Black-box | Semantic Segmentation Models | Arxiv | Link | Link |
| 2022 | Similarity Distribution based Membership Inference Attack on Person Re-identification | Black-box | Person Re-identification | AAAI | Link | |
| 2022 | Amplifying Membership Exposure via Data Poisoning | Black-box | Classification Models | NeurIPS | Link | Link |
| 2022 | Canary in a Coalmine: Better Membership Inference with Ensembled Adversarial Queries | Black-box | Classification Models | Arxiv | Link | Link |
| 2022 | Membership Inference Attacks Against Text-to-image Generation Models | Black-box | Text-to-image Models | Arxiv | Link | |
| 2022 | Membership Inference Attacks Against Robust Graph Neural Network | Black-box | Classification Models | CSS | Link | |
| 2022 | No-Label User-Level Membership Inference for ASR Model Auditing | Black-box | Automatic Speech Recognition Model | ESORICS | Link | |
| 2022 | Membership Inference Attacks and Generalization: A Causal Perspective | Black-box; White-box | Classification Models | CCS | Link | |
| 2022 | M^4I: Multi-modal Models Membership Inference | Black-box | Multi-modal Models | NeurIPS | Link | Link |
| 2022 | Membership Inference Attacks by Exploiting Loss Trajectory | Black-box | Classification Models | CCS | Link | Link |
| 2022 | Auditing Membership Leakages of Multi-Exit Networks | White-box; Black-box | Classification Models | CCS | Link | Link |
| 2022 | Label-Only Membership Inference Attack against Node-Level Graph Neural Networks | Black-box | Classification Models | Arxiv | Link | |
| 2022 | Membership-Doctor: Comprehensive Assessment of Membership Inference Against Machine Learning Models | Black-box | Classification Models | Arxiv | Link | |
| 2022 | On the Privacy Effect of Data Enhancement via the Lens of Memorization | Black-box | Classification Models | Arxiv | Link | |
| 2022 | Membership Inference Attacks via Adversarial Examples | White-box | Classification Models | Arxiv | Link | |
| 2022 | Semi-Leak: Membership Inference Attacks Against Semi-supervised Learning | Black-box | Semi-supervised Learning Models | ECCV | Link | Link |
| 2022 | Debiasing Learning for Membership Inference Attacks Against Recommender Systems | Black-box | Recommender System | KDD | Link | |
| 2022 | Membership Inference via Backdooring | Black-box | Classification Models | IJCAI | Link | Link |
| 2022 | Membership Inference Attacks Against Machine Learning Models via Prediction Sensitivity | Black-box | Classification Models | IEEE Trans Dependable Secure Comput | Link | Link |
| 2022 | Subject Membership Inference Attacks in Federated Learning | White-box | Classification Models | Arxiv | Link | |
| 2022 | Membership Feature Disentanglement Network | White-box | Classification Models | ASIA CCS | Link | |
| 2022 | Understanding Disparate Effects of Membership Inference Attacks and their Countermeasures | Black-box | Classification Models | ASIA CCS | Link | |
| 2022 | l-Leaks: Membership Inference Attacks with Logits | Black-box | Classification Models | Arxiv | Link | |
| 2022 | CS-MIA: Membership inference attack based on prediction confidence series in federated learning | White-box | Classification Models | J. Inf. Secur. Appl | Link | |
| 2022 | Evaluating Membership Inference Through Adversarial Robustness | White-box | Classification Models | The Computer Journal | Link | Link |
| 2022 | How to Combine Membership-Inference Attacks on Multiple Updated Models | Black-box | Classification Models | Arxiv | Link | Link |
| 2022 | An Efficient Subpopulation-based Membership Inference Attack | Black-box | Classification Models | Arxiv | Link | |
| 2022 | Assessing the Impact of Membership Inference Attacks on Classical Machine Learning Algorithms | Black-box | Classification Models | DRCN | Link | Link |
| 2022 | Optimal Membership Inference Bounds for Adaptive Composition of Sampled Gaussian Mechanisms | White-box; Black-box | Classification Models | Arxiv | Link | |
| 2022 | Perfectly Accurate Membership Inference by a Dishonest Central Server in Federated Learning | White-box | Classification Models | Arxiv | Link | Link |
| 2022 | Leveraging Adversarial Examples to Quantify Membership Information Leakage | White-box; Black-box | Classification Models | CVPR | Link | Link |
| 2022 | Quantifying Privacy Risks of Masked Language Models Using Membership Inference Attacks | Black-box | Masked Language Models | Arxiv | Link | |
| 2022 | User-Level Membership Inference Attack against Metric Embedding Learning | Black-box | Metric Embedding Models | Arxiv | Link | |
| 2022 | Label-Only Membership Inference Attacks and Defenses In Semantic Segmentation Models | Black-box | Segmentation Models | IEEE Trans Dependable Secure Comput | Link | |
| 2022 | Membership Inference Attacks and Defenses in Neural Network Pruning | Black-box | Classification Models | USENIX Security | Link | Link |
| 2022 | Parameters or Privacy: A Provable Tradeoff Between Overparameterization and Membership Inference | Black-box | Regression Models | Arxiv | Link | |
| 2022 | LTU Attacker for Membership Inference | White-box; Black-box | Classification Models | AAAI Workshop | Link | Link |

Attack Papers 2021

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2021 | Membership Inference Attacks From First Principles | White-box; Black-box | Classification Models | S&P | Link | Link |
| 2021 | SHAPr: An Efficient and Versatile Membership Privacy Risk Metric for Machine Learning | Black-box | Classification Models | Arxiv | Link | |
| 2021 | Enhanced Membership Inference Attacks against Machine Learning Models | Black-box | Classification Models | Arxiv | Link | Link |
| 2021 | Do Not Trust Prediction Scores for Membership Inference Attacks | Black-box | Classification Models | IJCAI | Link | Link |
| 2021 | On the Importance of Difficulty Calibration in Membership Inference Attacks | White-box | Classification Models | Arxiv | Link | |
| 2021 | Membership Inference Attacks against GANs by Leveraging Over-representation Regions | White-box | Generative Models | CCS | Link | |
| 2021 | Membership Inference Attacks Against Recommender Systems | Black-box | Recommender Systems | CCS | Link | Link |
| 2021 | Source Inference Attacks in Federated Learning | Black-box | Classification Models | ICDM | Link | Link |
| 2021 | Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications | Black-box | Classification Models | ICDM | Link | Link |
| 2021 | On The Vulnerability of Recurrent Neural Networks to Membership Inference Attacks | Black-box | Text Generation Models | Arxiv | Link | Link |
| 2021 | On the Difficulty of Membership Inference Attacks | White-box | Classification Models | CVPR | Link | Link |
| 2021 | Quantifying Privacy Leakage in Graph Embedding | White-box; Black-box | Graph Embedding Models | NeurIPS Workshop | Link | Link |
| 2021 | Label-only membership inference attacks | Black-box | Classification Models | ICML | Link | Link |
| 2021 | On the Privacy Risks of Model Explanations | Black-box | Classification Models | AIES | Link | |
| 2021 | Systematic evaluation of privacy risks of machine learning models | White-box; Black-box | Classification Models | USENIX Security | Link | Link |
| 2021 | Practical blind membership inference attack via differential comparisons | Black-box | Classification Models | NDSS | Link | Link |
| 2021 | On the (In) Feasibility of Attribute Inference Attacks on Machine Learning Models | White-box; Black-box | Classification Models | EuroS&P | Link | |
| 2021 | Bounding Information Leakage in Machine Learning | White-box | Classification Models | Arxiv | Link | |
| 2021 | How Does Data Augmentation Affect Privacy in Machine Learning? | Black-box | Classification Models | AAAI | Link | Link |
| 2021 | Node-Level Membership Inference Attacks Against Graph Neural Networks | Black-box | Classification Models | Arxiv | Link | |
| 2021 | The Audio Auditor: User-Level Membership Inference in Internet of Things Voice Services | Black-box | Automatic Speech Recognition Model | PoPETs | Link | |
| 2021 | Reconstruction-Based Membership Inference Attacks are Easier on Difficult Problems | Black-box | Image Translation Models; Image Segmentation Models | ICCV | Link | Link |
| 2021 | This Person (Probably) Exists. Identity Membership Attacks Against GAN Generated Faces | Black-box | Generative Models | Arxiv | Link | |
| 2021 | Membership Inference Attack Susceptibility of Clinical Language Models | White-box; Black-box | Clinical Language Models | Arxiv | Link | |
| 2021 | Killing four birds with one Gaussian process: the relation between different test-time attacks | Black-box | Classification Models | ICPR | Link | |
| 2021 | Evaluating the Vulnerability of End-to-End Automatic Speech Recognition Models To Membership Inference Attacks | Black-box | Speech Recognition Models | Interspeech | Link | |
| 2021 | Membership Inference Attacks on Knowledge Graphs | Black-box | Knowledge Graph Embedding Models | Arxiv | Link | |
| 2021 | Membership Leakage in Label-Only Exposures | Black-box | Classification Models | CCS | Link | |
| 2021 | Membership inference attack on graph neural networks | Black-box | Classification Models | Arxiv | Link | |
| 2021 | Membership Inference Attacks on Deep Regression Models for Neuroimaging | Black-box | Regression Models | MIDL | Link | |
| 2021 | Membership Inference Attacks on Lottery Ticket Networks | Black-box | Classification Models | ICML Workshop | Link | |
| 2021 | Membership Inference on Word Embedding and Beyond | Black-box | Word Embedding Models | Arxiv | Link | |
| 2021 | EncoderMI: Membership Inference against Pre-trained Encoders in Contrastive Learning | Black-box | Image Encoder Models | CCS | Link | |

Attack Papers 2020

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2020 | GECKO: Reconciling Privacy, Accuracy and Efficiency in Embedded Deep Learning | Black-box | Classification Models | NeurIPS Workshop | Link | |
| 2020 | Gan-leaks: A taxonomy of membership inference attacks against generative models | White-box; Black-box | Generative Models | CCS | Link | Link |
| 2020 | Stolen Memories: Leveraging Model Memorization for Calibrated White-Box Membership Inference | White-box | Classification Models | USENIX Security | Link | |
| 2020 | Information leakage in embedding models | Black-box | Text Embedding Models | CCS | Link | |
| 2020 | When machine unlearning jeopardizes privacy | Black-box | Classification Models | Arxiv | Link | |
| 2020 | Revisiting membership inference under realistic assumptions | Black-box | Classification Models | PoPETs | Link | Link |
| 2020 | Membership inference attacks on sequence-to-sequence models: Is my data in your machine translation system? | Black-box | Text Generation Models | TACL | Link | Link |
| 2020 | Segmentations-leak: Membership inference attacks and defenses in semantic image segmentation | Black-box | Image Segmentation Models | ECCV | Link | Link |
| 2020 | Performing co-membership attacks against deep generative models | White-box | Generative Models | ICDM | Link | |
| 2020 | On the privacy risks of algorithmic fairness | Black-box | Classification Models | EuroS&P | Link | |
| 2020 | A Comprehensive Analysis of Information Leakage in Deep Transfer Learning | Black-box | Classification Models | Arxiv | Link | |
| 2020 | Gan enhanced membership inference: A passive local attack in federated learning | White-box | Classification Models | ICC | Link | |
| 2020 | Privacy analysis of deep learning in the wild: Membership inference attacks against transfer learning | Black-box | Classification Models | Arxiv | Link | |
| 2020 | Data and model dependencies of membership inference attack | Black-box | Classification Models | Arxiv | Link | |
| 2020 | A Pragmatic Approach to Membership Inferences on Machine Learning Models | Black-box | Classification Models | EuroS&P | Link | |
| 2020 | Quantifying Membership Inference Vulnerability via Generalization Gap and Other Model Metrics | Black-box | Classification Models | Arxiv | Link | |
| 2020 | Investigating the Impact of Pre-trained Word Embeddings on Memorization in Neural Networks | Black-box | Word Embedding Models | TSD | Link | |
| 2020 | Beyond Model-Level Membership Privacy Leakage: an Adversarial Approach in Federated Learning | White-box | Classification Models | ICCCN | Link | |
| 2020 | Practical Membership Inference Attack Against Collaborative Inference in Industrial IoT | White-box | Classification Models | IEEE Trans. Industr. Inform. | Link | |

Attack Papers 2019

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2019 | Exploiting unintended feature leakage in collaborative learning | White-box | Classification Models | S&P | Link | Link |
| 2019 | Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning | Black-box; White-box | Classification Models | S&P | Link | Link |
| 2019 | ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models | Black-box | Classification Models | NDSS | Link | Link |
| 2019 | LOGAN: Membership Inference Attacks Against Generative Models | Black-box; White-box | Generative Models | PoPETs | Link | Link |
| 2019 | White-box vs Black-box: Bayes Optimal Strategies for Membership Inference | Black-box | Classification Models | ICML | Link | |
| 2019 | Auditing data provenance in text-generation models | Black-box | Text Generation Models | KDD | Link | Link |
| 2019 | Socinf: Membership inference attacks on social media health data with machine learning | Black-box | Classification Models | IEEE Trans. Comput. Soc. Syst. | Link | |
| 2019 | Monte Carlo and Reconstruction Membership Inference Attacks against Generative Models | White-box; Black-box | Generative Models | PoPETs | Link | Link |
| 2019 | Disparate Vulnerability: on the Unfairness of Privacy Attacks Against Machine Learning | Black-box | Classification Models | Arxiv | Link | |
| 2019 | Demystifying the membership inference attack | Black-box | Classification Models | CMI | Link | |
| 2019 | Differential Privacy Defenses and Sampling Attacks for Membership Inference | Black-box | Classification Models | NeurIPS Workshop | Link | |
| 2019 | Privacy Risks of Securing Machine Learning Models against Adversarial Examples | Black-box | Classification Models | CCS | Link | Link |
| 2019 | Membership Inference Attacks against Adversarially Robust Deep Learning Models | Black-box | Classification Models | S&P Workshop | Link | |
| 2019 | Demystifying Membership Inference Attacks in Machine Learning as a Service | Black-box | Classification Models | IEEE Trans. Serv. Comput. | Link | |

Attack Papers 2018

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2018 | Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting | Black-box | Classification Models | CSF | Link | Link |
| 2018 | Understanding membership inferences on well-generalized learning models | Black-box | Classification Models | Arxiv | Link | |

Attack Papers 2017

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2017 | Membership inference attacks against machine learning models | Black-box | Classification Models | S&P | Link | Link |

Membership Inference Defense

Defense Papers 2023

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2023 | Mitigating Membership Inference Attacks via Weighted Smoothing | Black-box | Classification Models | ACSAC | Link | Link |
| 2023 | MIST: Defending Against Membership Inference Attacks Through Membership-Invariant Subspace Training | Black-box | Classification Models | Arxiv | Link | |
| 2023 | Overconfidence is a Dangerous Thing: Mitigating Membership Inference Attacks by Enforcing Less Confident Prediction | Black-box | Classification Models | NDSS | Link | Link |
| 2023 | LoDen: Making Every Client in Federated Learning a Defender Against the Poisoning Membership Inference Attacks | White-box; Black-box | Classification Models | Asia CCS | Link | Link |

Defense Papers 2022

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2022 | Defense against membership inference attack in graph neural networks through graph perturbation | White-box | Graph Embedding Models | Int. J. Inf. Secur. | Link | |
| 2022 | Provable Membership Inference Privacy | White-box; Black-box | Classification Models | Arxiv | Link | |
| 2022 | Repeated Knowledge Distillation with Confidence Masking to Mitigate Membership Inference Attacks | White-box; Black-box | Classification Models | AISec | Link | |
| 2022 | NeuGuard: Lightweight Neuron-Guided Defense against Membership Inference Attacks | Black-box | Classification Models | Arxiv | Link | |
| 2022 | Defending against Membership Inference Attacks with High Utility by GAN | White-box; Black-box | Classification Models | TDSC | Link | |
| 2022 | RelaxLoss: Defending Membership Inference Attacks without Losing Utility | White-box; Black-box | Classification Models | ICLR | Link | Link |
| 2022 | Assessing Differentially Private Variational Autoencoders under Membership Inference | Black-box | Generative Models | Arxiv | Link | Link |
| 2022 | Membership Privacy Protection for Image Translation Models via Adversarial Knowledge Distillation | Black-box | Image Translation Models | Arxiv | Link | |
| 2022 | MIAShield: Defending Membership Inference Attacks via Preemptive Exclusion of Members | Black-box | Classification Models | Arxiv | Link | |
| 2022 | Privacy-preserving Generative Framework Against Membership Inference Attacks | White-box; Black-box | Classification Models | Arxiv | Link | |

Defense Papers 2021

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2021 | Enhanced Mixup Training: a Defense Method Against Membership Inference Attack | Black-box | Classification Models | ISPEC | Link | |
| 2021 | Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture | White-box; Black-box | Classification Models | Arxiv | Link | |
| 2021 | On the privacy-utility trade-off in differentially private hierarchical text classification | White-box | Classification Models | Arxiv | Link | |
| 2021 | MLCapsule: Guarded Offline Deployment of Machine Learning as a Service | Black-box | Classification Models | CVPR | Link | |
| 2021 | Comparing Local and Central Differential Privacy Using Membership Inference Attacks | White-box | Classification Models | DBSec | Link | Link |
| 2021 | Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning | White-box | Classification Models | S&P | Link | |
| 2021 | When Does Data Augmentation Help With Membership Inference Attacks? | Black-box | Classification Models | ICML | Link | Link |
| 2021 | Against Membership Inference Attack: Pruning is All You Need | Black-box | Classification Models | IJCAI | Link | |
| 2021 | Membership Privacy for Machine Learning Models Through Knowledge Transfer | White-box; Black-box | Classification Models | AAAI | Link | |
| 2021 | Quantifying Membership Privacy via Information Leakage | Black-box | Classification Models | IEEE Trans. Inf. Forensics Secur. | Link | |
| 2021 | Membership Inference Attacks and Defenses in Classification Models | Black-box | Classification Models | CODASPY | Link | |
| 2021 | Digestive Neural Networks: A Novel Defense Strategy Against Inference Attacks in Federated Learning | White-box | Classification Models | Computers & Security | Link | |
| 2021 | Resisting Membership Inference Attacks through Knowledge Distillation | Black-box | Classification Models | Neurocomputing | Link | |
| 2021 | privGAN: Protecting GANs from membership inference attacks at low cost to utility | White-box | Generative Models | PoPETs | Link | |
| 2021 | Generating Private Data Surrogates for Vision Related Tasks | White-box | Generative Models | ICPR | Link | |
| 2021 | Membership Inference Attack with Multi-Grade Service Models in Edge Intelligence | Black-box | Classification Models | IEEE Network | Link | |
| 2021 | PAR-GAN: Improving the Generalization of Generative Adversarial Networks Against Membership Inference Attacks | White-box | Generative Models | KDD | Link | Link |
| 2021 | Defending Medical Image Diagnostics against Privacy Attacks using Generative Methods: Application to Retinal Diagnostics | Black-box | Classification Models | MICCAI Workshop | Link | |
| 2021 | Defending Privacy Against More Knowledgeable Membership Inference Attackers | White-box; Black-box | Classification Models | KDD | Link | Link |

Defense Papers 2020

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2020 | Privacy for All: Demystify Vulnerability Disparity of Differential Privacy against Membership Inference Attack | Black-box | Classification Models | Arxiv | Link | |
| 2020 | Differential Privacy Protection Against Membership Inference Attack on Machine Learning for Genomic Data | Black-box | Classification Models | Biocomputing | Link | |
| 2020 | A Secure Federated Learning Framework for 5G Networks | White-box | Classification Models | IEEE Wireless Communications | Link | |
| 2020 | Auditing Differentially Private Machine Learning: How Private is Private SGD? | Black-box | Classification Models | NeurIPS | Link | Link |
| 2020 | Toward Robustness and Privacy in Federated Learning: Experimenting with Local and Central Differential Privacy | White-box | Classification Models | Arxiv | Link | |
| 2020 | Defending Model Inversion and Membership Inference Attacks via Prediction Purification | Black-box | Classification Models | Arxiv | Link | |
| 2020 | Alleviating Privacy Attacks via Causal Learning | Black-box | Classification Models | ICML | Link | Link |
| 2020 | On the Effectiveness of Regularization Against Membership Inference Attacks | Black-box | Classification Models | Arxiv | Link | |
| 2020 | Characterizing Membership Privacy in Stochastic Gradient Langevin Dynamics | Black-box | Classification Models | AAAI | Link | |
| 2020 | Differentially Private Learning Does Not Bound Membership Inference | Black-box | Classification Models | Arxiv | Link | |
| 2020 | Privacy-Preserving in Defending against Membership Inference Attacks | Black-box | Classification Models | PPMLP | Link | |

Defense Papers 2019

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2019 | Evaluating Differentially Private Machine Learning in Practice | Black-box | Classification Models | USENIX Security | Link | Link |
| 2019 | MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples | Black-box | Classification Models | CCS | Link | Link |
| 2019 | Generalization in Generative Adversarial Networks: A Novel Perspective from Privacy Protection | White-box; Black-box | Generative Models | NeurIPS | Link | |
| 2019 | Cronus: Robust and Heterogeneous Collaborative Learning with Black-Box Knowledge Transfer | Black-box | Classification Models | Arxiv | Link | |
| 2019 | ML Defense: Against Prediction API Threats in Cloud-Based Machine Learning Service | Black-box | Classification Models | IWQoS | Link | |
| 2019 | Effects of Differential Privacy and Data Skewness on Membership Inference Vulnerability | Black-box | Classification Models | TPS-ISA | Link | |
| 2019 | Generating Artificial Data for Private Deep Learning | Black-box | Generative Models | PAL | Link | |

Defense Papers 2018

| Year | Title | Adversarial Knowledge | Target Model | Venue | Paper Link | Code Link |
|---|---|---|---|---|---|---|
| 2018 | Machine Learning with Membership Privacy using Adversarial Regularization | Black-box | Classification Models | CCS | Link | Link |
| 2018 | Privacy-preserving Machine Learning through Data Obfuscation | Black-box | Classification Models | Arxiv | Link | |
| 2018 | Differentially Private Data Generative Models | Black-box | Classification Models | Arxiv | Link | |
| 2018 | Membership Inference Attack against Differentially Private Deep Learning Model | Black-box | Classification Models | Transactions on Data Privacy | Link | |