UCL Discovery
UCL home » Library Services » Electronic resources » UCL Discovery

LOGAN: Membership Inference Attacks Against Generative Models

Hayes, J; Melis, L; Danezis, G; De Cristofaro, E; (2019) LOGAN: Membership Inference Attacks Against Generative Models. In: Proceedings on Privacy Enhancing Technologies. (pp. pp. 133-152). De Gruyter Green open access

[thumbnail of Hayes_[22990984 - Proceedings on Privacy Enhancing Technologies] LOGAN_ Membership Inference Attacks Against Generative Models.pdf]
Preview
Text
Hayes_[22990984 - Proceedings on Privacy Enhancing Technologies] LOGAN_ Membership Inference Attacks Against Generative Models.pdf - Published Version

Download (7MB) | Preview

Abstract

Generative models estimate the underlying distribution of a dataset to generate realistic samples according to that distribution. In this paper, we present the first membership inference attacks against generative models: given a data point, the adversary determines whether or not it was used to train the model. Our attacks leverage Generative Adversarial Networks (GANs), which combine a discriminative and a generative model, to detect overfitting and recognize inputs that were part of training datasets, using the discriminator’s capacity to learn statistical differences in distributions. We present attacks based on both white-box and black-box access to the target model, against several state-of-the-art generative models, over datasets of complex representations of faces (LFW), objects (CIFAR-10), and medical images (Diabetic Retinopathy). We also discuss the sensitivity of the attacks to different training parameters, and their robustness against mitigation strategies, finding that defenses are either ineffective or lead to significantly worse performances of the generative models in terms of training stability and/or sample quality.

Type: Proceedings paper
Title: LOGAN: Membership Inference Attacks Against Generative Models
Event: 18th Privacy Enhancing Technologies Symposium, 24 – 27 July 2018, Barcelona, Spain
Open access status: An open access version is available from UCL Discovery
DOI: 10.2478/popets-2019-0008
Publisher version: https://doi.org/10.2478/popets-2019-0008
Language: English
Additional information: Open Access: Published under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported (CC BY-NC-ND 3.0) licence https://creativecommons.org/licenses/by-nc-nd/3.0/
Keywords: machine learning; privacy; inference attacks
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/10054668
Downloads since deposit
195Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item