AdaMixup: A Dynamic Defense Framework for Membership Inference Attack Mitigation
Ying Chen, Jiajing Chen, Yijie Weng, ChiaHua Chang, Dezhi Yu, Guanbiao Lin

TL;DR
AdaMixup is a novel adaptive mixup-based training framework that enhances deep learning models' privacy against membership inference attacks while preserving high accuracy.
Contribution
It introduces a dynamic, adaptive mixup strategy during training to improve privacy protection against inference attacks.
Findings
Significantly reduces membership inference attack success rate.
Maintains high model accuracy with privacy enhancement.
Demonstrates effectiveness across multiple datasets.
Abstract
Membership inference attacks have emerged as a significant privacy concern in the training of deep learning models, where attackers can infer whether a data point was part of the training set based on the model's outputs. To address this challenge, we propose a novel defense mechanism, AdaMixup. AdaMixup employs adaptive mixup techniques to enhance the model's robustness against membership inference attacks by dynamically adjusting the mixup strategy during training. This method not only improves the model's privacy protection but also maintains high performance. Experimental results across multiple datasets demonstrate that AdaMixup significantly reduces the risk of membership inference attacks while achieving a favorable trade-off between defensive efficiency and model accuracy. This research provides an effective solution for data privacy protection and lays the groundwork for future…
Taxonomy
Topics: Network Security and Intrusion Detection · Access Control and Trust · Security and Verification in Computing
Methods: Sparse Evolutionary Training · Mixup
