Netinfo Security ›› 2023, Vol. 23 ›› Issue (2): 64-75.doi: 10.3969/j.issn.1671-1122.2023.02.008

Previous Articles     Next Articles

Research on Membership Inference Attack Method Based on Double Threshold Function

CHEN Depeng, LIU Xiao, CUI Jie(), ZHONG Hong   

  1. School of Computer Science and Technology, Anhui University, Hefei 230601, China
  • Received:2022-11-21 Online:2023-02-10 Published:2023-02-28
  • Contact: CUI Jie E-mail:cuijie@ahu.edu.cn

Abstract:

The emergence of massive data and powerful computing power has brought deep learning to an unprecedented height, and its wide application in areas such as intelligent transportation and medical diagnosis has brought many conveniences to people’s daily lives. However, privacy leakage in machine learning cannot be ignored. Among them, the membership inference attack infers that whether the data sample can used in the training set of the machine learning model, thus interfering with the user’s training data. Firstly, this paper introduced the single-threshold-based membership inference attack and its characteristics, visualized the data distribution of members and non-members for different attack methods, then analyzed the internal mechanism of the successful membership inference attack, and proposed an attack model based on a double-threshold function, and systematically analyzed and compared single-threshold and double-threshold membership inference attacks through experiments, and analyzed the attack performance of threshold-based membership inference attacks on different models and different datasets. The comparative experiments on multiple groups of control variables show that the membership inference attack based on the double-threshold function has better performance on some data sets and models, and the overall performance is more stable.

Key words: deep learning, membership inference attack, privacy leak, double-threshold function

CLC Number: