Survey: Leakage and Privacy at Inference Time

Survey: Leakage and Privacy at Inference Time

Leakage of data from publicly available Machine Learning (ML) models is an area of growing significance since commercial and government applications of ML can draw on multiple sources of data, potentially including users' and clients' sensitive data. We provide a comprehensive survey of co...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on pattern analysis and machine intelligence 2023-07, Vol.45 (7), p.9090-9108
Hauptverfasser: Jegorova, Marija, Kaul, Chaitanya, Mayor, Charlie, O'Neil, Alison Q., Weir, Alexander, Murray-Smith, Roderick, Tsaftaris, Sotirios A.
Format: Artikel
Sprache:eng
Schlagworte:
adversarial defences
Computational modeling
data anonymization
Data leakage
Data models
Data privacy
feature leakage
Glass box
Inference
inference-time attacks
Leakage
Machine learning
machine unlearning
membership inference
Privacy
privacy attacks and defences
property inference
Task analysis
Taxonomy
Training
Training data
verifying forgetting
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Leakage of data from publicly available Machine Learning (ML) models is an area of growing significance since commercial and government applications of ML can draw on multiple sources of data, potentially including users' and clients' sensitive data. We provide a comprehensive survey of contemporary advances on several fronts, covering involuntary data leakage which is natural to ML models, potential malicious leakage which is caused by privacy attacks, and currently available defence mechanisms. We focus on inference-time leakage, as the most likely scenario for publicly available models. We first discuss what leakage is in the context of different data, tasks, and model architectures. We then propose a taxonomy across involuntary and malicious leakage, followed by description of currently available defences, assessment metrics, and applications. We conclude with outstanding challenges and open questions, outlining some promising directions for future research.
ISSN:0162-8828
1939-3539
2160-9292
DOI:10.1109/TPAMI.2022.3229593