Jisuanji kexue (Mar 2023)
Survey on Membership Inference Attacks Against Machine Learning
Abstract
In recent years,machine learning has not only achieved remarkable results in conventional fields such as computer vision and natural language processing,but also been widely applied to process sensitive data such as face images,financial data and medical information.Recently,researchers find that machine learning models will remember the data in their training sets,making them vulnerable to membership inference attacks,that is,the attacker can infer whether the given data exists in the training set of a specific machine learning model.The success of membership inference attacks may lead to serious individual privacy leakage.For example,the existence of a patient's medical record in a hospital's analytical training set reveals that the patient was once a patient there.The paper first introduces the basic principle of membership inference attacks,and then systematically summarizes and classifies the representative research achievements on membership inference attacks and defenses in recent years.In particular,how to attack and defend under different conditions is described in detail.Finally,by reviewing the development of membership inference attacks,this paper explores the main challenges and potential development directions of machine learning privacy protection in the future.
Keywords
