Corpus ID: 231583084

Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning

@article{Nasr2021AdversaryIL,
  title={Adversary Instantiation: Lower Bounds for Differentially Private Machine Learning},
  author={Milad Nasr and Shuang Song and Abhradeep Thakurta and Nicolas Papernot and Nicholas Carlini},
  journal={ArXiv},
  year={2021},
  volume={abs/2101.04535}
}

Milad Nasr, Shuang Song, +2 authors Nicholas Carlini
Published 2021
Computer Science
ArXiv

Differentially private (DP) machine learning allows us to train models on private data while limiting data leakage. DP formalizes this data leakage through a cryptographic game, where an adversary must predict if a model was trained on a dataset D, or a dataset D′ that differs in just one example. If observing the training algorithm does not meaningfully increase the adversary’s odds of successfully guessing which dataset the model was trained on, then the algorithm is said to be differentially… Expand

View PDF on arXiv

Share This Paper

4 Citations

Background Citations

1

Figures and Tables from this paper

Membership Inference Attacks on Machine Learning: A Survey

H. Hu, Z. Salcic, G. Dobbie, Xuyun Zhang
Computer Science
ArXiv
2021

PDF

Practical and Private (Deep) Learning without Sampling or Shuffling

P. Kairouz, B. McMahan, Shuang Song, Om Thakkar, Abhradeep Thakurta, Z. Xu
Computer Science
ArXiv
2021

PDF

ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models

Yugeng Liu, Rui Wen, +6 authors Yang Zhang
Computer Science, Mathematics
ArXiv
2021

1
PDF

The Distributed Discrete Gaussian Mechanism for Federated Learning with Secure Aggregation

P. Kairouz, Ziyu Liu, T. Steinke
Computer Science, Mathematics
ArXiv
2021

PDF

References

SHOWING 1-10 OF 57 REFERENCES

SORT BY

Evaluating Differentially Private Machine Learning in Practice

Bargav Jayaraman, D. Evans
Computer Science
USENIX Security Symposium
2019

107
PDF

Membership Inference Attacks Against Machine Learning Models

R. Shokri, Marco Stronati, Congzheng Song, Vitaly Shmatikov
Computer Science, Mathematics
2017 IEEE Symposium on Security and Privacy (SP)
2017

978
PDF

Exploiting Unintended Feature Leakage in Collaborative Learning

Luca Melis, Congzheng Song, Emiliano De Cristofaro, Vitaly Shmatikov
Computer Science
2019 IEEE Symposium on Security and Privacy (SP)
2019

277
PDF

Differentially Private Empirical Risk Minimization

K. Chaudhuri, C. Monteleoni, A. Sarwate
Computer Science, Medicine
J. Mach. Learn. Res.
2011

826
PDF

Auditing Differentially Private Machine Learning: How Private is Private SGD?

M. Jagielski, Jonathan R. Ullman, Alina Oprea
Computer Science, Business
NeurIPS
2020

14
Highly Influential
PDF

Label-Only Membership Inference Attacks

Christopher A. Choquette-Choo, Florian Tramèr, Nicholas Carlini, Nicolas Papernot
Computer Science, Mathematics
ArXiv
2020

13
PDF

Scalable Private Learning with PATE

Nicolas Papernot, Shuang Song, Ilya Mironov, A. Raghunathan, Kunal Talwar, Ú. Erlingsson
Computer Science, Mathematics
ICLR
2018

203
PDF

Towards Practical Differentially Private Convex Optimization

Roger Iyengar, Joseph P. Near, D. Song, O. Thakkar, Abhradeep Thakurta, Lun Wang
Computer Science
2019 IEEE Symposium on Security and Privacy (SP)
2019

49
PDF

Private Empirical Risk Minimization: Efficient Algorithms and Tight Error Bounds

Raef Bassily, A. D. Smith, Abhradeep Thakurta
Mathematics, Computer Science
2014 IEEE 55th Annual Symposium on Foundations of Computer Science
2014

392
Highly Influential
PDF

Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning

Milad Nasr, R. Shokri, A. Houmansadr
Computer Science, Mathematics
2019 IEEE Symposium on Security and Privacy (SP)
2019

187
PDF