TL;DR
This paper systematically categorizes membership inference attacks on deep generative models, introduces a versatile generic attack model, and demonstrates its effectiveness across various data types and settings.
Contribution
It presents the first taxonomy of such attacks, a novel generic attack model, and a calibration technique to enhance attack performance.
Findings
The generic attack model is effective across different models and data types.
Calibration technique significantly improves attack success rates.
Membership inference attacks pose substantial privacy risks in generative models.
Abstract
Deep learning has achieved overwhelming success, spanning from discriminative models to generative models. In particular, deep generative models have facilitated a new level of performance in a myriad of areas, ranging from media manipulation to sanitized dataset generation. Despite the great success, the potential risks of privacy breach caused by generative models have not been analyzed systematically. In this paper, we focus on membership inference attack against deep generative models that reveals information about the training data used for victim models. Specifically, we present the first taxonomy of membership inference attacks, encompassing not only existing attacks but also our novel ones. In addition, we propose the first generic attack model that can be instantiated in a large range of settings and is applicable to various kinds of deep generative models. Moreover, we provide…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
