BriefGPT.xyz
May, 2022
Lessons Learned from Failures in Defending Against Reverse Inference Attacks
Property Unlearning: A Defense Strategy Against Property Inference Attacks
Joshua Stock, Jens Wettlaufer, Daniel Demmler, Hannes Federrath
TL;DR
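This paper addresses privacy attacks on machine learning models, focusing on several strategies for defending against privacy inference attacks, and proposes a new defense mechanism based on property unlearning. The study finds that property unlearning is extremely effective against specific adversaries but is hard to generalize; the authors suggest that adding Gaussian noise may produce better results.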
Abstract
During the training of machine learning models, they may store or "learn" more information about the training data than what is actually needed for the prediction or classification task. This is exploited by property in