PANORAMIA: Privacy Auditing of Machine Learning Models without Retraining
Kazmi, Mishaal, Lautraite, Hadrien, Akbari, Alireza, Soroco, Mauricio, Tang, Qiaoyue, Wang, Tao, Gambs, Sébastien, Lécuyer, Mathias
–arXiv.org Artificial Intelligence
We introduce a privacy auditing scheme for ML models that relies on membership inference attacks using generated data as "non-members". This scheme, which we call PANORAMIA, quantifies the privacy leakage for large-scale ML models without control of the training process or model re-training and only requires access to a subset of the training data. To demonstrate its applicability, we evaluate our auditing scheme across multiple ML domains, ranging from image and tabular data classification to large-scale language models.
Feb-12-2024
- Country:
  - North America
    - Canada
      - British Columbia > Metro Vancouver Regional District
      - Ontario > Toronto (0.04)
      - Quebec > Montreal (0.04)
    - United States (0.04)
- Genre:
  - Research Report > New Finding (0.93)
- Industry:
  - Information Technology > Security & Privacy (1.00)
- Technology: