A Survey of Privacy Attacks in Machine Learning

TL;DR

This survey analyzes over 40 papers on privacy attacks in machine learning, proposing a taxonomy and threat model, and discusses defenses, open problems, and future research directions.

Contribution

It provides a comprehensive taxonomy and threat model for privacy attacks in machine learning, synthesizing recent research and identifying key open issues.

Findings

Proposed a detailed attack taxonomy and threat model.

Analyzed causes and types of privacy leaks.

Reviewed defenses and future research directions.

Abstract

As machine learning becomes more widely used, the need to study its implications in security and privacy becomes more urgent. Although the body of work in privacy has been steadily growing over the past few years, research on the privacy aspects of machine learning has received less focus than the security aspects. Our contribution in this research is an analysis of more than 40 papers related to privacy attacks against machine learning that have been published during the past seven years. We propose an attack taxonomy, together with a threat model that allows the categorization of different attacks based on the adversarial knowledge, and the assets under attack. An initial exploration of the causes of privacy leaks is presented, as well as a detailed analysis of the different attacks. Finally, we present an overview of the most commonly proposed defenses and a discussion of the open problems and future directions identified during our analysis.