

Source: Spataro - Reported by: Spataro - 2018-12-10

AI and deep learning: interference in neural learning

Comprehensive Privacy Analysis of Deep Learning: Stand-alone and Federated Learning under Passive and Active White-box Inference Attacks




Deep neural networks are susceptible to various inference attacks as they remember information about their training data. We perform a comprehensive analysis of white-box privacy inference attacks on deep learning models. We measure the privacy leakage by leveraging the final model parameters as well as the parameter updates during the training and fine-tuning processes. We design the attacks in the stand-alone and federated settings, with respect to passive and active inference attackers, and assuming different adversary prior knowledge. 
We design and evaluate our novel white-box membership inference attacks against deep learning algorithms to measure their training data membership leakage. We show that a straightforward extension of the known black-box attacks to the white-box setting (through analyzing the outputs of activation functions) is ineffective. We therefore design new algorithms tailored to the white-box setting by exploiting the privacy vulnerabilities of the stochastic gradient descent algorithm, widely used to train deep neural networks. We show that even well-generalized models are significantly susceptible to white-box membership inference attacks, by analyzing state-of-the-art pre-trained and publicly available models for the CIFAR dataset. We also show how adversarial participants of a federated learning setting can run active membership inference attacks against other participants, even when the global model achieves high prediction accuracies.
Subjects: Machine Learning (stat.ML); Cryptography and Security (cs.CR); Machine Learning (cs.LG)
Cite as: arXiv:1812.00910 [stat.ML]
  (or arXiv:1812.00910v1 [stat.ML] for this version)
