@inproceedings{04d1645373af43188ec4ed52a613cf4e,
title = "Membership Inference Attack Using Self Influence Functions",
abstract = "Member inference (MI) attacks aim to determine if a specific data sample was used to train a machine learning model. Thus, MI is a major privacy threat to models trained on private sensitive data, such as medical records. In MI attacks one may consider the black-box settings, where the model's parameters and activations are hidden from the adversary, or the white-box case where they are available to the attacker. In this work, we focus on the latter and present a novel MI attack for it that employs influence functions, or more specifically the samples' self-influence scores, to perform MI prediction. The proposed method is evaluated on CIFAR-10, CIFAR-100, and Tiny ImageNet datasets using various architectures such as AlexNet, ResNet, and DenseNet. Our new attack method achieves new state-of-the-art (SOTA) results for MI even with limited adversarial knowledge, and is effective against MI defense methods such as data augmentation and differential privacy. Our code is available at https://github.com/giladcohen/sif-mi-attack.",
keywords = "Algorithms, Explainable, accountable, ethical computer vision, fair, privacy-preserving",
author = "Gilad Cohen and Raja Giryes",
note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 2024 IEEE Winter Conference on Applications of Computer Vision, WACV 2024 ; Conference date: 04-01-2024 Through 08-01-2024",
year = "2024",
month = jan,
day = "3",
doi = "https://doi.org/10.1109/WACV57701.2024.00482",
language = "الإنجليزيّة",
series = "Proceedings - 2024 IEEE Winter Conference on Applications of Computer Vision, WACV 2024",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "4880--4889",
booktitle = "Proceedings - 2024 IEEE Winter Conference on Applications of Computer Vision, WACV 2024",
address = "الولايات المتّحدة",
}