Membership inference attacks against transfer learning for generalized model
For the problem of poor performance of exciting membership inference attack (MIA) when facing the transfer learning model that is generalized, the MIA for the transfer learning model that is generalized was first systematically studied, the anomaly detection was designed to obtain vulnerable data sa...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2021-10-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021209/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539237091999744 |
|---|---|
| author | Jinyin CHEN Wenchang SHANGGUAN Jingjing ZHANG Haibin ZHENG Yayu ZHENG Xuhong ZHANG |
| author_facet | Jinyin CHEN Wenchang SHANGGUAN Jingjing ZHANG Haibin ZHENG Yayu ZHENG Xuhong ZHANG |
| author_sort | Jinyin CHEN |
| collection | DOAJ |
| description | For the problem of poor performance of exciting membership inference attack (MIA) when facing the transfer learning model that is generalized, the MIA for the transfer learning model that is generalized was first systematically studied, the anomaly detection was designed to obtain vulnerable data samples, and MIA was carried out against individual samples.Finally, the proposed method was tested on four image data sets, which shows that the proposed MIA has great attack performance.For example, on the Flowers102 classifier migrated from VGG16 (pretraining with Caltech101), the proposed MIA achieves 83.15% precision, which reveals that in the environment of transfer learning, even without access to the teacher model, the MIA for the teacher model can be achieved by visiting the student model. |
| format | Article |
| id | doaj-art-da4d0ad548eb42f39b802f701a373514 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2021-10-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-da4d0ad548eb42f39b802f701a3735142025-01-14T07:23:01ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2021-10-014219721059745632Membership inference attacks against transfer learning for generalized modelJinyin CHENWenchang SHANGGUANJingjing ZHANGHaibin ZHENGYayu ZHENGXuhong ZHANGFor the problem of poor performance of exciting membership inference attack (MIA) when facing the transfer learning model that is generalized, the MIA for the transfer learning model that is generalized was first systematically studied, the anomaly detection was designed to obtain vulnerable data samples, and MIA was carried out against individual samples.Finally, the proposed method was tested on four image data sets, which shows that the proposed MIA has great attack performance.For example, on the Flowers102 classifier migrated from VGG16 (pretraining with Caltech101), the proposed MIA achieves 83.15% precision, which reveals that in the environment of transfer learning, even without access to the teacher model, the MIA for the teacher model can be achieved by visiting the student model.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021209/membership inference attackdeep learningtransfer learningprivacy riskgeneralized model |
| spellingShingle | Jinyin CHEN Wenchang SHANGGUAN Jingjing ZHANG Haibin ZHENG Yayu ZHENG Xuhong ZHANG Membership inference attacks against transfer learning for generalized model Tongxin xuebao membership inference attack deep learning transfer learning privacy risk generalized model |
| title | Membership inference attacks against transfer learning for generalized model |
| title_full | Membership inference attacks against transfer learning for generalized model |
| title_fullStr | Membership inference attacks against transfer learning for generalized model |
| title_full_unstemmed | Membership inference attacks against transfer learning for generalized model |
| title_short | Membership inference attacks against transfer learning for generalized model |
| title_sort | membership inference attacks against transfer learning for generalized model |
| topic | membership inference attack deep learning transfer learning privacy risk generalized model |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021209/ |
| work_keys_str_mv | AT jinyinchen membershipinferenceattacksagainsttransferlearningforgeneralizedmodel AT wenchangshangguan membershipinferenceattacksagainsttransferlearningforgeneralizedmodel AT jingjingzhang membershipinferenceattacksagainsttransferlearningforgeneralizedmodel AT haibinzheng membershipinferenceattacksagainsttransferlearningforgeneralizedmodel AT yayuzheng membershipinferenceattacksagainsttransferlearningforgeneralizedmodel AT xuhongzhang membershipinferenceattacksagainsttransferlearningforgeneralizedmodel |