• Stars
    star
    116
  • Rank 303,894 (Top 6 %)
  • Language
    Python
  • License
    MIT License
  • Created over 4 years ago
  • Updated 7 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Systematic Evaluation of Membership Inference Privacy Risks of Machine Learning Models

About

This code accompanies the paper "Systematic Evaluation of Privacy Risks of Machine Learning Models", accepted by USENIX Security 2021.

Usage

membership_inference_attacks.py contains the main membership inference attack code;
privacy_risk_score_utils.py contains the code to compute the privacy risk score for each individual sample.

In each folder, MIA_evaluate.py performs attacks against target machine learning classifiers.
If you want to further compute the privacy risk score, first import privacy_risk_score_utils.py; after initializing the attack class in MIA_evaluate.py, add risk_score = calculate_risk_score(MIA.s_tr_m_entr, MIA.s_te_m_entr, MIA.s_tr_labels, MIA.s_te_labels, MIA.t_tr_m_entr, MIA.t_tr_labels)

Impact

Our evaluation methods have been intergrated into Google's TensorFlow Privacy library, including both attack methods and the fine-grained individual privacy risk analysis.

More Repositories

1

ModelPoisoning

Code for "Analyzing Federated Learning through an Adversarial Lens" https://arxiv.org/abs/1811.12470
Python
148
star
2

SSD

SSD: A Unified Framework for Self-Supervised Outlier Detection [ICLR 2021]
Python
130
star
3

adv-patch-paper-list

A paper list for localized adversarial patch research
123
star
4

hydra

Code and checkpoints of compressed networks for the paper titled "HYDRA: Pruning Adversarially Robust Neural Networks" (NeurIPS 2020) (https://arxiv.org/abs/2002.10509).
Python
88
star
5

PatchGuard

Code for paper "PatchGuard: A Provably Robust Defense against Adversarial Patches via Small Receptive Fields and Masking"
Python
62
star
6

privacy-vs-robustness

Privacy Risks of Securing Machine Learning Models against Adversarial Examples
Python
44
star
7

advml-traffic-sign

Code for the 'DARTS: Deceiving Autonomous Cars with Toxic Signs' paper
Jupyter Notebook
35
star
8

PatchCleanser

Code for "PatchCleanser: Certifiably Robust Defense against Adversarial Patches for Any Image Classifier"
Python
34
star
9

patch-defense-leaderboard

A Leaderboard for Certifiable Robustness against Adversarial Patch Attacks
19
star
10

MVG-Mechansim

A module for the Matrix-Variate Gaussian (MVG) mechanism for differential privacy under matrix-valued query.
Python
18
star
11

unlearning-verification

verifying machine unlearning by backdooring
Python
17
star
12

DetectorGuard

Code for "DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks"
Python
14
star
13

MIAdefenseSELENA

[USENIX Security 2022] Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture
Python
13
star
14

robustness-via-transport

Python
12
star
15

OOD-Attacks

Attacks using out-of-distribution adversarial examples
Python
12
star
16

DP-RandP

[NeurIPS 2023] Differentially Private Image Classification by Learning Priors from Random Processes
Python
11
star
17

tta_risk

Python
9
star
18

ObjectSeeker

Code for "ObjectSeeker: Certifiably Robust Object Detection against Patch Hiding Attacks via Patch-agnostic Masking"
Python
9
star
19

variation-regularization

Official code for the paper "Formulating Robustness Against Unforeseen Attacks"
Jupyter Notebook
7
star
20

robust_representation_similarity

Understanding robust learning through the lens of representation similarity
Python
6
star
21

RON-Gauss

Implementation for the RON-Gauss system for non-interactive differentially-private data release.
Python
6
star
22

Rotation_BD

Code for "Just Rotate it: Deploying Backdoor Attacks via Rotation Transformation"
Python
5
star
23

sybilfuse

C++
4
star
24

comps

exploring intentional connection migration for privacy
Python
4
star
25

SICO-tools

Code for several of the tools used in the AMC CCS Paper "SICO: Surgical Interception Attacks by Manipulating BGP Communities"
Python
3
star
26

Root-ORAM

MATLAB
3
star
27

PatchCURE

Python
2
star
28

certificate-database

This is a MySQL dump backup of a database of 1.8 million certificates and corresponding BGP data from when those certificates were issued.
SQLPL
2
star
29

RobustRAG

Python
2
star
30

proxy-distributions

Official repository for our paper titled "Robust Learning Meets Generative Models: Can Proxy Distributions Improve Adversarial Robustness?"
1
star
31

advml_website

HTML
1
star
32

CA-vantage-point-selection

An algorithm designed to select best vantage points for use by CAs.
Python
1
star
33

Counter-Raptor-Tor-Client

C
1
star
34

PinMe

This is the repo for the project, known as PinMe, http://arsalanmosenia.com/papers/Pinme_preprint.pdf
Python
1
star
35

routing-aware-dns

A program to resolve DNS based on BGP route age.
Python
1
star
36

BGP-age-false-positive-study

This repository is designed to compute the false positives of various age-based BGP monitoring systems for use by certificate authorities.
Python
1
star
37

quicstep

Python
1
star
38

LinkMirage

LinkMirage
Python
1
star
39

LabelDP

[PETS 2022] Machine Learning with Differentially Private Labels: Mechanisms and Frameworks
Python
1
star