Impact of Dataset Properties on Membership Inference Vulnerability of Deep Transfer Learning

TOP Literature Database Impact of Dataset Properties on Membership Inference Vulnerability of Deep Transfer Learning

AI Security Portal bot

Information in the literature database is collected automatically.

Source

https://arxiv.org/abs/2402.06674

PDF

https://arxiv.org/pdf/2402.06674

Paper Information

Author: Marlon Tobaben,Hibiki Ito,Joonas Jälkö,Yuan He,Antti Honkela
Published: 2-7-2024
Updated: 10-6-2025
Affiliation: Department of Computer Science, University of Helsinki
Country: Finland
Conference

Labels Estimated by AI

Membership Inference Privacy-Preserving Machine Learning Statistical Testing

These labels were automatically added by AI and may be inaccurate.
For details, see About Literature Database.

Abstract

Membership inference attacks (MIAs) are used to test practical privacy of machine learning models. MIAs complement formal guarantees from differential privacy (DP) under a more realistic adversary model. We analyse MIA vulnerability of fine-tuned neural networks both empirically and theoretically, the latter using a simplified model of fine-tuning. We show that the vulnerability of non-DP models when measured as the attacker advantage at a fixed false positive rate reduces according to a simple power law as the number of examples per class increases. A similar power-law applies even for the most vulnerable points, but the dataset size needed for adequate protection of the most vulnerable points is very large.