Lessons Learned: Defending Against Property Inference Attacks

Joshua Stock; Jens Wettlaufer; Daniel Demmler; Hannes Federrath

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Lessons Learned: Defending Against Property Inference Attacks

Topics: Machine Learning and AI Security; Privacy Enhancing Technologies

In Proceedings of the 20th International Conference on Security and Cryptography SECRYPT - Volume 1, 312-323, 2023 , Rome, Italy

Authors: Joshua Stock ¹ ; Jens Wettlaufer ² ; Daniel Demmler ¹ and Hannes Federrath ¹

Affiliations: ¹ Security in Distributed Systems, Universität Hamburg, Germany ; ² Institute of Electrical and Electronics Engineers (IEEE), U.S.A.

Keyword(s): Machine Learning, Privacy Attacks, Property Inference, Defense Mechanisms, Adversarial Training.

Abstract: This work investigates and evaluates defense strategies against property inference attacks (PIAs), a privacy attack against machine learning models. While for other privacy attacks like membership inference, a lot of research on defense mechanisms has been published, this is the first work focusing on defending against PIAs. One of the mitigation strategies we test in this paper is a novel proposal called property unlearning. Extensive experiments show that while this technique is very effective when defending against specific adversaries, it is not able to generalize, i.e., protect against a whole class of PIAs. To investigate the reasons behind this limitation, we present the results of experiments with the explainable AI tool LIME and the visualization technique t-SNE. These show how ubiquitous statistical properties of training data are in the parameters of a trained machine learning model. Hence, we develop the conjecture that post-training techniques like property unlearning mi ght not suffice to provide the desirable generic protection against PIAs. We conclude with a discussion of different defense approaches, a summary of the lessons learned and directions for future work. (More)

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.144.93.14

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Stock, J.; Wettlaufer, J.; Demmler, D. and Federrath, H. (2023). Lessons Learned: Defending Against Property Inference Attacks. In Proceedings of the 20th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-666-8; ISSN 2184-7711, SciTePress, pages 312-323. DOI: 10.5220/0012049200003555

@conference{secrypt23,
author={Joshua Stock. and Jens Wettlaufer. and Daniel Demmler. and Hannes Federrath.},
title={Lessons Learned: Defending Against Property Inference Attacks},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - SECRYPT},
year={2023},
pages={312-323},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012049200003555},
isbn={978-989-758-666-8},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - SECRYPT
TI - Lessons Learned: Defending Against Property Inference Attacks
SN - 978-989-758-666-8
IS - 2184-7711
AU - Stock, J.
AU - Wettlaufer, J.
AU - Demmler, D.
AU - Federrath, H.
PY - 2023
SP - 312
EP - 323
DO - 10.5220/0012049200003555
PB - SciTePress