Optimal privacy guarantees for a relaxed threat model: Addressing sub-optimal adversaries in differentially private machine learning.
In: (37th Conference on Neural Information Processing Systems (NeurIPS), 10-16 December 2023, New Orleans, LA). 10010 North Torrey Pines Rd, La Jolla, California 92037 USA: Neural Information Processing Systems (nips), 2023. 24
Differentially private mechanisms restrict the membership inference capabilities of powerful (optimal) adversaries against machine learning models. Such adversaries are rarely encountered in practice. In this work, we examine a more realistic threat model relaxation, where (sub-optimal) adversaries lack access to the exact model training database, but may possess related or partial data. We then formally characterise and experimentally validate adversarial membership inference capabilities in this setting in terms of hypothesis testing errors. Our work helps users to interpret the privacy properties of sensitive data processing systems under realistic threat model relaxations and choose appropriate noise levels for their use-case.
Publication type
Article: Conference contribution
ISSN (print) / ISBN
1049-5258
Conference title
37th Conference on Neural Information Processing Systems (NeurIPS)
Conference date
10-16 December 2023
Conference location
New Orleans, LA
Source details
Pages: 24
Publisher
Neural Information Processing Systems (nips)
Place of publication
10010 North Torrey Pines Rd, La Jolla, California 92037 USA
Institute(s)
Institute for Machine Learning in Biomed Imaging (IML)
Funding
German Federal Ministry of Education and Research
Konrad Zuse School of Excellence in Reliable AI (RelAI)
Bavarian State Ministry for Science and the Arts through the Munich Centre for Machine Learning (MCML)
Helmholtz Junior Research Group grant