BriefGPT.xyz
Jan, 2024
Differentially Private and Adversarially Robust Machine Learning: An Empirical Evaluation
Janvi Thakkar, Giulio Zizzo, Sergio Maffeis
TL;DR
Using a combination of adversarial training and differentially private training, this study explores defenses against simultaneous attacks. It benchmarks the performance of the DP-Adv technique using membership inference attacks and empirically shows that the method's privacy is comparable to that of a non-robust private model. In addition, the study highlights the need to explore privacy guarantees in dynamic training paradigms.
Abstract
Malicious adversaries can attack machine learning models to infer sensitive information or damage the system by launching a series of evasion attacks. Although various work addresses privacy and security concerns