mirror of
https://github.com/stratosphereips/awesome-ml-privacy-attacks.git
synced 2025-12-15 22:59:39 +00:00
8e2dc3db03a1d4398a2ff0526712bbd06e82b38b
Awesome attacks on ML privacy
This repository contains a curated list of papers related to privacy attacks against machine learning. A code repository is provided when available. For corrections, suggestions and missing papers, please either open an issue or submit a pull request.
Table of Contents
Surveys and Overviews
- An Overview of Privacy in Machine Learning (De Cristofaro, 2020)
- A Survey of Privacy Attacks in Machine Learning (Rigaki and Garcia, 2020)
Papers and Code
Membership inference
- Membership inference attacks against machine learning models (Shokri et al., 2017) (code)
- Understanding membership inferences on well-generalized learning models (Long et al., 2018)
- Privacy risk in machine learning: Analyzing the connection to overfitting (Yeom et al., 2018) (code)
- Membership inference attack against differentially private deep learning model (Rahman et al., 2018)
- Comprehensive privacy analysis of deep learning: Passive and active white-box inference attacks against centralized and federated learning. (Nasr et al., 2019) (code)
- Logan: Membership inference attacks against generative models. (Hayes et al. 2019) (code)
- Evaluating differentially private machine learning in practice (Jayaraman and Evans, 2019) (code)
- Ml-leaks: Model and data independent membership inference attacks and defenses on machine learning models (Salem et al., 2019) (code)
- Privacy risks of securing machine learning models against adversarial examples (Song L. et al., 2019) (code)
- White-box vs Black-box: Bayes Optimal Strategies for Membership Inference (Sablayrolles et al., 2019)
- Privacy risks of explaining machine learning models (Shokri et al., 2019)
- Demystifying membership inference attacks in machine learning as a service (Truex et al., 2019)
- Monte carlo and reconstruction membership inference attacks against generative models (Hilprecht et al., 2019)
- MemGuard: Defending against Black-Box Membership Inference Attacks via Adversarial Examples (Jia et al., 2019) (code)
- GAN-Leaks: A taxonomy of membership inference attacks against GANs (Chen et al., 2019)
- Auditing Data Provenance in Text-Generation Models (Song and Shmatikov, 2019)
- Membership Inference Attacks on Sequence-to-Sequence Models: Is My Data In Your Machine Translation System? (Hisamoto et al., 2020)
- Revisiting Membership Inference Under Realistic Assumptions (Jayaraman et al., 2020)
Reconstruction
Reconstruction attacks also cover the attacks known as model inversion and attribute inference.
- Privacy in pharmacogenetics: An end-to-end case study of personalized warfarin dosing (Fredrikson et al., 2014)
- Model inversion attacks that exploit confidence information and basic countermeasures (Fredrikson et al., 2015) (code)
- A methodology for formalizing model-inversion attacks (Wu et al., 2016)
- Deep models under the gan: Information leakage from collaborative deep learning (Hitaj et al., 2017)
- Machine learning models that remember too much (Song, C. et al., 2017) (code)
- Model inversion attacks for prediction systems: Without knowledge of non-sensitive attributes (Hidano et al., 2017)
- The secret sharer: Evaluating and testing unintended memorization in neural networks (Carlini et al., 2019)
- Deep leakage from gradients (Zhu et al., 2019) (code)
- Model inversion attacks against collaborative inference (He et al., 2019) (code)
- Beyond Inferring Class Representatives: User-Level Privacy Leakage From Federated Learning (Wang et al., 2019)
- Neural network inversion in adversarial setting via background knowledge alignment (Yang et al., 2019)
- iDLG: Improved Deep Leakage from Gradients (Zhao et al., 2020) (code)
- Privacy Risks of General-Purpose Language Models (Pan et al., 2020)
- The secret revealer: Generative model-inversion attacks against deep neural networks (Zhang et al., 2020) (link)
- Inverting Gradients - How easy is it to break privacy in federated learning? (Geiping et al., 2020)
Property inference
- Hacking smart machines with smarter ones: How to extract meaningful data from machine learning classifiers (Ateniese et al., 2015)
- Property inference attacks on fully connected neural networks using permutation invariant representations (Ganju et al., 2018)
- Exploiting unintended feature leakage in collaborative learning (Melis et al., 2019) (code)
- Overlearning Reveals Sensitive Attributes (Song C. et al., 2020) (code)
Model extraction
- Stealing machine learning models via prediction APIs (Tramèr et al., 2016) (code)
- Stealing hyperparameters in machine learning (Wang B. et al., 2018)
- Copycat CNN: Stealing Knowledge by Persuading Confession with Random Non-Labeled Data (Correia-Silva et al., 2018) (code)
- Towards reverse-engineering black-box neural networks (Oh et al., 2018) (code)
- Knockoff nets: Stealing functionality of black-box models (Orekondy et al., 2019) (code)
- PRADA: Protecting against DNN model stealing attacks (Juuti et al., 2019) (code)
- Model Reconstruction from Model Explanations (Milli et al., 2019)
- Exploring connections between active learning and model extraction (Chandrasekaran et al., 2020)
- High Accuracy and High Fidelity Extraction of Neural Networks (Jagielski et al., 2020)
- Thieves on Sesame Street! Model Extraction of BERT-based APIs (Krishna et al., 2020) (code)