ML Privacy Meter: Aiding Regulatory Compliance by Quantifying the
Privacy Risks of Machine Learning
- URL: http://arxiv.org/abs/2007.09339v1
- Date: Sat, 18 Jul 2020 06:21:35 GMT
- Title: ML Privacy Meter: Aiding Regulatory Compliance by Quantifying the
Privacy Risks of Machine Learning
- Authors: Sasi Kumar Murakonda, Reza Shokri
- Abstract summary: Machine learning models pose an additional privacy risk to the data by indirectly revealing information about it through model predictions and parameters.
There is an immediate need for a tool that can quantify the privacy risk to data from models.
We present ML Privacy Meter, a tool that quantifies the privacy risk to data from models using state-of-the-art membership inference attack techniques.
- Score: 10.190911271176201
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: When building machine learning models using sensitive data, organizations
should ensure that the data processed in such systems is adequately protected.
For projects involving machine learning on personal data, Article 35 of the
GDPR mandates performing a Data Protection Impact Assessment (DPIA). In
addition to the threats of illegitimate access to data through security
breaches, machine learning models pose an additional privacy risk to the data
by indirectly revealing information about it through model predictions and parameters.
Guidance released by the Information Commissioner's Office (UK) and the
National Institute of Standards and Technology (US) emphasizes the threat to
data from models and recommends that organizations account for and estimate
these risks to comply with data protection regulations. Hence, there is an immediate
need for a tool that can quantify the privacy risk to data from models.
In this paper, we focus on this indirect leakage about training data from
machine learning models. We present ML Privacy Meter, a tool that quantifies
the privacy risk to data from models using state-of-the-art membership
inference attack techniques. We discuss how this tool can help practitioners
comply with data protection regulations when deploying machine learning
models.
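
Membership inference attacks of the kind ML Privacy Meter builds on test whether a model behaves measurably differently on its training data than on unseen data. Below is a minimal, illustrative sketch of a loss-threshold membership test in Python; the scikit-learn-style model interface and the helper names are assumptions for illustration, not the tool's actual API.

import numpy as np
from sklearn.metrics import roc_auc_score

def per_example_loss(model, X, y):
    """Cross-entropy loss of a classifier exposing predict_proba, per example."""
    probs = model.predict_proba(X)                        # shape (n, n_classes)
    true_class_probs = probs[np.arange(len(y)), y]
    return -np.log(np.clip(true_class_probs, 1e-12, None))

def membership_auc(model, member_X, member_y, nonmember_X, nonmember_y):
    """AUC of the 'low loss implies member' decision rule.

    Values near 0.5 suggest little membership leakage; values near 1.0 mean
    an attacker can reliably distinguish training members from non-members.
    """
    member_loss = per_example_loss(model, member_X, member_y)
    nonmember_loss = per_example_loss(model, nonmember_X, nonmember_y)
    scores = np.concatenate([-member_loss, -nonmember_loss])   # lower loss scores higher
    labels = np.concatenate([np.ones_like(member_loss), np.zeros_like(nonmember_loss)])
    return roc_auc_score(labels, scores)

An AUC reported this way gives a single, comparable number that a DPIA-style assessment could track across models and training runs.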
Related papers
- A Review on Machine Unlearning [3.1168315477643245]
This paper provides an in-depth review of the security and privacy concerns in machine learning models.
First, we present how machine learning can use users' private data in daily life and the role this plays in the problem.
Then, we introduce the concept of machine unlearning by describing the security threats in machine learning models.
arXiv Detail & Related papers (2024-11-18T06:18:13Z) - Game-Theoretic Machine Unlearning: Mitigating Extra Privacy Leakage [12.737028324709609]
Recent legislation obligates organizations to remove requested data and its influence from a trained model.
We propose a game-theoretic machine unlearning algorithm that simulates the competitive relationship between unlearning performance and privacy protection.
arXiv Detail & Related papers (2024-11-06T13:47:04Z) - The Frontier of Data Erasure: Machine Unlearning for Large Language Models [56.26002631481726]
Large Language Models (LLMs) are foundational to AI advancements.
LLMs pose risks by potentially memorizing and disseminating sensitive, biased, or copyrighted information.
Machine unlearning emerges as a cutting-edge solution to mitigate these concerns.
arXiv Detail & Related papers (2024-03-23T09:26:15Z) - PrivacyMind: Large Language Models Can Be Contextual Privacy Protection Learners [81.571305826793]
We introduce Contextual Privacy Protection Language Models (PrivacyMind)
Our work offers a theoretical analysis for model design and benchmarks various techniques.
In particular, instruction tuning with both positive and negative examples stands out as a promising method.
arXiv Detail & Related papers (2023-10-03T22:37:01Z) - A Survey on Differential Privacy with Machine Learning and Future
Outlook [0.0]
Differential privacy is used to protect machine learning models from attacks and vulnerabilities.
This survey paper presents different differentially private machine learning algorithms categorized into two main categories.
arXiv Detail & Related papers (2022-11-19T14:20:53Z) - Certified Data Removal in Sum-Product Networks [78.27542864367821]
Deleting the collected data is often insufficient to guarantee data privacy.
UnlearnSPN is an algorithm that removes the influence of single data points from a trained sum-product network.
arXiv Detail & Related papers (2022-10-04T08:22:37Z) - Privacy-preserving Generative Framework Against Membership Inference
Attacks [10.791983671720882]
We design a privacy-preserving generative framework against membership inference attacks.
We first map the source data to the latent space through the VAE model to obtain the latent code, then apply a noise process satisfying metric privacy to the latent code, and finally use the VAE model to reconstruct synthetic data (a sketch of this pipeline follows the list below).
Our experimental evaluation demonstrates that the machine learning model trained with newly generated synthetic data can effectively resist membership inference attacks and still maintain high utility.
arXiv Detail & Related papers (2022-02-11T06:13:30Z) - Distributed Machine Learning and the Semblance of Trust [66.1227776348216]
Federated Learning (FL) allows data owners to maintain data governance and perform model training locally without having to share their data.
FL and related techniques are often described as privacy-preserving.
We explain why this term is not appropriate and outline the risks associated with over-reliance on protocols that were not designed with formal definitions of privacy in mind.
arXiv Detail & Related papers (2021-12-21T08:44:05Z) - Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks,
and Defenses [150.64470864162556]
This work systematically categorizes and discusses a wide range of dataset vulnerabilities and exploits.
In addition to describing various poisoning and backdoor threat models and the relationships among them, we develop their unified taxonomy.
arXiv Detail & Related papers (2020-12-18T22:38:47Z) - PCAL: A Privacy-preserving Intelligent Credit Risk Modeling Framework
Based on Adversarial Learning [111.19576084222345]
This paper proposes a framework of Privacy-preserving Credit risk modeling based on Adversarial Learning (PCAL)
PCAL aims to mask the private information inside the original dataset while maintaining the utility information important for the target prediction task.
Results indicate that PCAL can learn an effective, privacy-free representation from user data, providing a solid foundation towards privacy-preserving machine learning for credit risk analysis.
arXiv Detail & Related papers (2020-10-06T07:04:59Z)
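
The encode, perturb, decode pipeline described in "Privacy-preserving Generative Framework Against Membership Inference Attacks" above can be sketched as follows. This is a minimal illustration assuming generic encoder and decoder callables, with Laplace noise standing in for the paper's metric-privacy mechanism; the function names and the noise scale are illustrative, not the authors' implementation.

import numpy as np

def privatize_with_vae(encoder, decoder, X, noise_scale=1.0, rng=None):
    """Produce synthetic data as decode(encode(X) + Laplace noise).

    encoder(X) is assumed to return latent codes of shape (n, d) and decoder
    maps latent codes back to data space; both are illustrative placeholders.
    """
    rng = rng or np.random.default_rng()
    z = np.asarray(encoder(X))                             # latent codes
    z_noisy = z + rng.laplace(loc=0.0, scale=noise_scale, size=z.shape)
    return decoder(z_noisy)                                # synthetic samples

A model trained on the output of such a pipeline could then be checked with a membership inference test like the one sketched earlier to see how much leakage remains.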