Enhancing Privacy in Machine Learning: A Robust Approach for Preventing Attribute Inference Attacks

Myria Bouhaddi, Kamel Adi

2024

Abstract

Machine learning (ML) models, widely used in sectors like healthcare, finance, and smart city development, face significant privacy risks due to their use of crowdsourced data containing sensitive information. These models are particularly susceptible to attribute inference attacks, where adversaries use model predictions and public or acquired metadata to uncover sensitive attributes such as locations or political affiliations. In response, our study proposes a novel, two-phased defense mechanism designed to efficiently balance data utility with privacy. Initially, our approach identifies the minimal level of noise needed in the prediction score to thwart an adversary’s classifier. This threshold is determined using adversarial ML techniques. We then enhance privacy by injecting noise based on a probability distribution derived from a constrained convex optimization problem. To validate the effectiveness of our privacy mechanism, we conducted extensive experiments using real-world datasets. Our results indicate that our defense model significantly outperforms existing methods, and additionally demonstrates its adaptability to various data types.
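The two-phase defense sketched in the abstract, as an added worked example that is not the paper's code: a constructed score distribution in which the model's confidence leaks a binary sensitive attribute, a best-threshold classifier standing in for the adversary, a phase-1 search for the smallest noise level that holds that classifier at or below a target accuracy, and a phase-2 release step that perturbs scores at that level while clipping so the predicted label never changes. The uniform-shift noise is a stand-in for the paper's optimized distribution, which is not reproduced here; the score ranges, the 0.6 target and all function names are assumptions.

```python
"""Toy two-phase defense against attribute inference from prediction scores.

Constructed example, not the paper's implementation. Scores are the
confidence of the predicted class in hundredths (50..100), so every
score already corresponds to the same predicted label; the attacker only
learns the sensitive attribute from how confident the model is.
"""
from collections import Counter
from fractions import Fraction
import random

# Constructed leakage: records with sensitive attribute s=0 are scored
# 0.50-0.69, records with s=1 are scored 0.75-0.94 (uniform within each
# band). The bands do not overlap, so the raw score reveals s perfectly.
SCORE_DIST = {
    0: {c: Fraction(1, 20) for c in range(50, 70)},
    1: {c: Fraction(1, 20) for c in range(75, 95)},
}
MIN_SCORE, MAX_SCORE = 50, 100  # clipping range; staying >= 0.50 keeps the argmax


def noised_distribution(dist, k_max):
    """Exact distribution of clip(score + k) with k uniform on -k_max..k_max."""
    out = Counter()
    n = 2 * k_max + 1
    for c, p in dist.items():
        for k in range(-k_max, k_max + 1):
            out[min(max(c + k, MIN_SCORE), MAX_SCORE)] += p / n
    return dict(out)


def attacker_accuracy(dist0, dist1):
    """Accuracy of the best threshold rule ("s=1 iff score >= t", or its
    reverse) against balanced groups, given the released score distributions.
    This is the defender's model of the adversary's classifier."""
    best = Fraction(1, 2)
    for t in range(MIN_SCORE, MAX_SCORE + 2):
        p1 = sum(p for c, p in dist1.items() if c >= t)   # s=1 caught
        p0 = sum(p for c, p in dist0.items() if c < t)    # s=0 caught
        acc = (p0 + p1) / 2
        best = max(best, acc, 1 - acc)
    return best


def minimal_noise_level(target, k_limit=200):
    """Phase 1: smallest shift radius k_max at which the attacker is held at
    or below `target`; returns (k_max, accuracy) or None if k_limit is hit."""
    for k_max in range(k_limit + 1):
        acc = attacker_accuracy(noised_distribution(SCORE_DIST[0], k_max),
                                noised_distribution(SCORE_DIST[1], k_max))
        if acc <= target:
            return k_max, acc
    return None


def release_score(score, k_max, rng):
    """Phase 2: perturb one score at the chosen level. Clipping to
    [0.50, 1.00] keeps the predicted label identical to the clean model's."""
    return min(max(score + rng.randint(-k_max, k_max), MIN_SCORE), MAX_SCORE)


if __name__ == "__main__":
    clean = attacker_accuracy(SCORE_DIST[0], SCORE_DIST[1])
    print(f"attacker accuracy on clean scores: {float(clean):.3f}")
    k_max, acc = minimal_noise_level(Fraction(3, 5))
    print(f"minimal shift radius +/-{k_max / 100:.2f} -> attacker {float(acc):.3f}")
    rng = random.Random(0)
    for c in (55, 65, 80, 90):
        print(f"clean {c / 100:.2f} -> released {release_score(c, k_max, rng) / 100:.2f}")
```

Because the score bands and the noise are discrete, the attacker's accuracy is computed exactly from the released distributions rather than estimated on samples, which is what makes the phase-1 search reproducible; with these bands the search stops at a shift radius of 0.62, where the best threshold attacker is held at exactly 0.6.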



Paper Citation


in Harvard Style

Bouhaddi M. and Adi K. (2024). Enhancing Privacy in Machine Learning: A Robust Approach for Preventing Attribute Inference Attacks. In Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-709-2, SciTePress, pages 224-236. DOI: 10.5220/0012768700003767


in Bibtex Style

@conference{secrypt24,
author={Myria Bouhaddi and Kamel Adi},
title={Enhancing Privacy in Machine Learning: A Robust Approach for Preventing Attribute Inference Attacks},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2024},
pages={224-236},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012768700003767},
isbn={978-989-758-709-2},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Enhancing Privacy in Machine Learning: A Robust Approach for Preventing Attribute Inference Attacks
SN - 978-989-758-709-2
AU - Bouhaddi M.
AU - Adi K.
PY - 2024
SP - 224
EP - 236
DO - 10.5220/0012768700003767
PB - SciTePress