Leveraging Membership Inference Attacks for Privacy Measurement in Federated Learning for Remote Sensing Images

Anh-Kiet Duong; Petra Gomez-Kr\"amer; Ho\`ang-\^An L\^e; Minh-Tan Pham

arXiv:2601.06200·cs.CR·January 13, 2026

Leveraging Membership Inference Attacks for Privacy Measurement in Federated Learning for Remote Sensing Images

Anh-Kiet Duong, Petra Gomez-Kr\"amer, Ho\`ang-\^An L\^e, Minh-Tan Pham

PDF

Open Access

TL;DR

This paper uses membership inference attacks to quantitatively measure privacy leakage in federated learning models for remote sensing image classification, revealing privacy risks and evaluating mitigation strategies.

Contribution

It introduces MIA as a practical privacy measurement tool for FL in remote sensing, evaluating various attack techniques and communication strategies.

Findings

01

MIA effectively detects privacy leakage beyond accuracy metrics.

02

Communication-efficient FL strategies reduce MIA success rates.

03

MIA is a practical metric for privacy assessment in FL systems.

Abstract

Federated Learning (FL) enables collaborative model training while keeping training data localized, allowing us to preserve privacy in various domains including remote sensing. However, recent studies show that FL models may still leak sensitive information through their outputs, motivating the need for rigorous privacy evaluation. In this paper, we leverage membership inference attacks (MIA) as a quantitative privacy measurement framework for FL applied to remote sensing image classification. We evaluate multiple black-box MIA techniques, including entropy-based attacks, modified entropy attacks, and the likelihood ratio attack, across different FL algorithms and communication strategies. Experiments conducted on two public scene classification datasets demonstrate that MIA effectively reveals privacy leakage not captured by accuracy alone. Our results show that communication-efficient…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsPrivacy-Preserving Technologies in Data · Remote-Sensing Image Classification · Adversarial Robustness in Machine Learning