Differential privacy and membership inference attacks
The growing use of machine learning on various datasets results in privacy concerns about records of the data being leaked. Membership inference is a type of attack that identifies the members of the training dataset. The research studies a privacy-preserving mechanism, differential privacy, to miti...
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: | Nanyang Technological University 2023 |
Subjects: | |
Online Access: | https://hdl.handle.net/10356/166457 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-166457 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-1664572023-05-08T15:39:17Z Differential privacy and membership inference attacks Ong, Ting Yu Wang Huaxiong School of Physical and Mathematical Sciences Institute for Infocomm Research Benjamin Tan Hong Meng HXWang@ntu.edu.sg, benjamin_tan@i2r.a-star.edu.sg Science::Mathematics::Applied mathematics The growing use of machine learning on various datasets results in privacy concerns about records of the data being leaked. Membership inference is a type of attack that identifies the members of the training dataset. The research studies a privacy-preserving mechanism, differential privacy, to mitigate membership inference attacks. Generally, there is a lack of studies that include the two mentioned concepts: membership inference and differential privacy. This research extends the concepts to the less-tested datasets to understand the interaction between the concepts. Image, Time Series and Natural Language Processing datasets were used to train the target models and the reference models. As expected, differential privacy does hinder the membership inference attack by reducing it to a random guess for Image Dataset. However, for the other types of data, there are no observable changes before and after the implementation of differential privacy. Hence, the implementation of differential privacy was able to maintain the attack at a random guess level, suggesting that implementing differential privacy can help to mitigate the membership inference attack. Bachelor of Science in Mathematical Sciences 2023-05-02T02:52:40Z 2023-05-02T02:52:40Z 2023 Final Year Project (FYP) Ong, T. Y. (2023). Differential privacy and membership inference attacks. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/166457 https://hdl.handle.net/10356/166457 en application/pdf Nanyang Technological University |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
Science::Mathematics::Applied mathematics |
description |
The growing use of machine learning on various datasets results in privacy concerns about records of the data being leaked. Membership inference is a type of attack that identifies the members of the training dataset. The research studies a privacy-preserving mechanism, differential privacy, to mitigate membership inference attacks. Generally, there is a lack of studies that include the two mentioned concepts: membership inference and differential privacy. This research extends the concepts to the less-tested datasets to understand the interaction between the concepts. Image, Time Series and Natural Language Processing datasets were used to train the target models and the reference models. As expected, differential privacy does hinder the membership inference attack by reducing it to a random guess for Image Dataset. However, for the other types of data, there are no observable changes before and after the implementation of differential privacy. Hence, the implementation of differential privacy was able to maintain the attack at a random guess level, suggesting that implementing differential privacy can help to mitigate the membership inference attack. |
author2 |
Wang Huaxiong |
author_facet |
Wang Huaxiong Ong, Ting Yu |
format |
Final Year Project |
author |
Ong, Ting Yu |
title |
Differential privacy and membership inference attacks |
publisher |
Nanyang Technological University |
publishDate |
2023 |
url |
https://hdl.handle.net/10356/166457 |