nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

Privacy Attacks and Defenses in Machine Learning: A Survey

verfasst von : Wei Liu, Xun Han, Meiling He

Erschienen in: Proceedings of the 13th International Conference on Computer Engineering and Networks

Verlag: Springer Nature Singapore

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

As machine learning has gradually become an important technology in the field of artificial intelligence, its development is also facing challenges in terms of privacy. This article aims to summarize the attack methods and defense strategies for machine learning models in recent years. Attack methods include embedding inversion attack, attribute inference attack, membership inference attack and model extraction attack, etc. Defense measures include but are not limited to homomorphic encryption, adversarial training, differential privacy, secure multi-party computation, etc., focusing on the analysis of privacy protection issues in machine learning, and providing certain references and references for related research.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Snowflake Anonymous Network Traffic Identification

Nächstes Kapitel Metaverse Security and Forensic Research

Akhtar, N., Mian, A.: Threat of adversarial attacks on deep learning in computer vision: a survey. IEEE Access 6, 14410–14430 (2018)CrossRef

Amodei, D., Olah, C., Steinhardt, J., Christiano, P., Schulman, J., Mané, D.: Concrete problems in ai safety (2016). arXiv:1606.06565

Arumugam, K., Naved, M., Shinde, P.P., Leiva-Chauca, O., Huaman-Osorio, A., Gonzales-Yanac, T.: Multiple disease prediction using machine learning algorithms. Mater. Today Proc. 80, 3682–3685 (2023)CrossRef

Bae, H., Jang, J., Jung, D., Jang, H., Ha, H., Lee, H., Yoon, S.: Security and privacy issues in deep learning (2018). arXiv:1807.11655

Barreno, M., Nelson, B., Joseph, A.D., Tygar, J.D.: The security of machine learning. Mach. Learn. 81, 121–148 (2010)MathSciNetCrossRef

Braun, L., Huppert, M., Khayata, N., Schneider, T., Tkachenko, O.: Fuse–flexible file format and intermediate representation for secure multi-party computation. Cryptology ePrint Archive (2023)

Doan, T.V.T., Messai, M.L., Gavin, G., Darmont, J.: A survey on implementations of homomorphic encryption schemes. J. Supercomput. 1–42 (2023)

Fan, C., Jia, P., Lin, M., Wei, L., Guo, P., Zhao, X., Liu, X.: Cloud-assisted private set intersection via multi-key fully homomorphic encryption. Mathematics 11(8), 1784 (2023)CrossRef

Feldman, V., McMillan, A., Talwar, K.: Stronger privacy amplification by shuffling for rényi and approximate differential privacy. In: Proceedings of the 2023 Annual ACM-SIAM Symposium on Discrete Algorithms (SODA), pp. 4966–4981. SIAM (2023)

10.

Flores Fernández, A., Sánchez Morales, E., Botsch, M., Facchi, C., García Higuera, A.: Generation of correction data for autonomous driving by means of machine learning and on-board diagnostics. Sensors 23(1), 159 (2023)CrossRef

11.

Gao, C., Yu, J.: Securerc: a system for privacy-preserving relation classification using secure multi-party computation. Comput. Secur. 128, 103, 142 (2023)

12.

Gong, X., Wang, Q., Chen, Y., Yang, W., Jiang, X.: Model extraction attacks and defenses on cloud-based machine learning models. IEEE Commun. Mag. 58(12), 83–89 (2020)CrossRef

13.

Haug, C.J., Drazen, J.M.: Artificial intelligence and machine learning in clinical medicine, 2023. N. Engl. J. Med. 388(13), 1201–1208 (2023)CrossRef

14.

Hayet, I., Yao, Z., Luo, B.: Invernet: An inversion attack framework to infer fine-tuning datasets through word embeddings. In: Findings of the Association for Computational Linguistics: EMNLP 2022, pp. 5009–5018 (2022)

15.

Hu, H., Salcic, Z., Sun, L., Dobbie, G., Yu, P.S., Zhang, X.: Membership inference attacks on machine learning: a survey. ACM Comput. Surv. (CSUR) 54(11s), 1–37 (2022)CrossRef

16.

Jagielski, M., Carlini, N., Berthelot, D., Kurakin, A., Papernot, N.: High accuracy and high fidelity extraction of neural networks. In: Proceedings of the 29th USENIX Conference on Security Symposium, pp. 1345–1362 (2020)

17.

Jain, N., Pal, S.K., Upadhyay, D.K.: Implementation and analysis of homomorphic encryption schemes. Int. J. Cryptogr. Inf. Secur. (IJCIS) 2(2), 27–44 (2012)

18.

Ji, S., Du, T., Li, J., Shen, C., Li, B.: Security and privacy of machine learning models: a survey. Ruan Jian Xue Bao/J. Softw. 32(1), 41–67 (2021)

19.

Jia, J., Gong, N.Z.: Attriguard: A practical defense against attribute inference attacks via adversarial machine learning. In: 27th \(\{\)USENIX\(\}\) security symposium (\(\{\)USENIX\(\}\) security 18), pp. 513–529 (2018)

20.

Kamal, A.A.A.M., Iwamura, K.: Privacy preserving multi-party multiplication of polynomials based on (k, n) threshold secret sharing. ICT Express (2023)

21.

Li, F., Chen, T., Zhu, S.: A (t, n) threshold quantum secret sharing scheme with fairness. Int. J. Theor. Phys. 62(6), 119 (2023)MathSciNetCrossRef

22.

Li, M., Tian, Z., Du, X., Yuan, X., Shan, C., Guizani, M.: Power normalized cepstral robust features of deep neural networks in a cloud computing data privacy protection scheme. Neurocomputing 518, 165–173 (2023)CrossRef

23.

Li, Y., Wang, R., Li, Y., Zhang, M., Long, C.: Wind power forecasting considering data privacy protection: A federated deep reinforcement learning approach. Appl. Energy 329, 120, 291 (2023)

24.

Lin, T.H., Lee, Y.S., Chang, F.C., Chang, J.M., Wu, P.Y.: Protecting sensitive attributes by adversarial training through class-overlapping techniques. IEEE Trans. Inf. Forensics Secur. (2023)

25.

Liu, J., Lau, C.P., Chellappa, R.: Diffprotect: generate adversarial examples with diffusion models for facial privacy protection (2023). arXiv:2305.13625

26.

Liu, X., Tu, X.F., Luo, D., Xu, G., Xiong, N.N., Chen, X.B.: Secure multi-party computation of graphs’ intersection and union under the malicious model. Electronics 12(2), 258 (2023)CrossRef

27.

Liu, Y., Feng, Q., Peng, C., Luo, M., He, D.: Asymmetric secure multi-party signing protocol for the identity-based signature scheme in the IEEE p1363 standard for public key cryptography. In: Emerging Information Security and Applications: Third International Conference, EISA 2022, Wuhan, China, October 29–30, 2022, Proceedings, pp. 1–20. Springer (2023)

28.

Liu, Y., Wen, R., He, X., Salem, A., Zhang, Z., Backes, M., De Cristofaro, E., Fritz, M., Zhang, Y.: \(\{\)ML-Doctor\(\}\): Holistic risk assessment of inference attacks against machine learning models. In: 31st USENIX Security Symposium (USENIX Security 22), pp. 4525–4542 (2022)

29.

Luo, X., Chen, Z., Tao, M., Yang, F.: Encrypted semantic communication using adversarial training for privacy preserving. IEEE Commun. Lett. (2023)

30.

Mahesh, B.: Machine learning algorithms-a review. Int. J. Sci. Res. (IJSR). [Internet] 9, 381–386 (2020)

31.

Moerland, T.M., Broekens, J., Plaat, A., Jonker, C.M., et al.: Model-based reinforcement learning: a survey. Found. Trends® Mach. Learn. 16(1), 1–118 (2023)

32.

Ning, X., Tian, W., He, F., Bai, X., Sun, L., Li, W.: Hyper-sausage coverage function neuron model and learning algorithm for image classification. Pattern Recognit. 136, 109, 216 (2023)

33.

Nouman, M., Qasim, U., Nasir, H., Almasoud, A., Imran, M., Javaid, N.: Malicious node detection using machine learning and distributed data storage using blockchain in wsns. IEEE Access (2023)

34.

Papernot, N., McDaniel, P., Sinha, A., Wellman, M.: Towards the science of security and privacy in machine learning (2016). arXiv:1611.03814

35.

Papernot, N., McDaniel, P., Sinha, A., Wellman, M.P.: Sok: security and privacy in machine learning. In: 2018 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 399–414. IEEE (2018)

36.

Pawase, A.D., Mandage, V.T., Panchal, S.S., Patil, S.Y., Deokar, P.: A shop recommendation system to empower retailers using machine learning

37.

Rashid, K., Saeed, Y., Ali, A., Jamil, F., Alkanhel, R., Muthanna, A.: An adaptive real-time malicious node detection framework using machine learning in vehicular ad-hoc networks (vanets). Sensors 23(5), 2594 (2023)CrossRef

38.

Salem, A., Zhang, Y., Humbert, M., Berrang, P., Fritz, M., Backes, M.: Ml-leaks: model and data independent membership inference attacks and defenses on machine learning models (2018). arXiv:1806.01246

39.

Salih, A., Zeebaree, S.T., Ameen, S., Alkhyyat, A., Shukur, H.M.: A survey on the role of artificial intelligence, machine learning and deep learning for cybersecurity attack detection. In: 2021 7th International Engineering Conference “Research & Innovation amid Global Pandemic” (IEC), pp. 61–66. IEEE (2021)

40.

Sen, J.: Homomorphic encryption-theory and application. In: Theory and Practice of Cryptography and Network Security Protocols and Technologies, vol. 31 (2013)

41.

Sharifani, K., Amini, M.: Machine learning and deep learning: a review of methods and applications. World Inf. Technol. Eng. J. 10(07), 3897–3904 (2023)

42.

Song, C., Huang, R.: Secure convolution neural network inference based on homomorphic encryption. Appl. Sci. 13(10), 6117 (2023)CrossRef

43.

Sun, S., Huang, H., Peng, T., Shen, C., Wang, D.: A data privacy protection diagnosis framework for multiple machines vibration signals based on a swarm learning algorithm. IEEE Trans. Instrum. Meas. 72, 1–9 (2023)

44.

Truex, S., Liu, L., Gursoy, M.E., Yu, L., Wei, W.: Towards demystifying membership inference attacks (2018). arXiv:1807.09173

45.

Venkateswar, K.: Using Amazon Sagemaker to Operationalize Machine Learning. Santa Clara, CA. USENIX Association (2019)

46.

Weng, Z., Qin, Z., Tao, X., Pan, C., Liu, G., Li, G.Y.: Deep learning enabled semantic communications with speech recognition and synthesis. IEEE Trans. Wirel. Commun. (2023)

47.

Wu, J., Huang, Z., Hu, Z., Lv, C.: Toward human-in-the-loop ai: enhancing deep reinforcement learning via real-time human guidance for autonomous driving. Engineering 21, 75–91 (2023)CrossRef

48.

Xin, J., Lyu, X., Ma, J.: Natural backdoor attacks on speech recognition models. In: Machine Learning for Cyber Security: 4th International Conference, ML4CS 2022, Guangzhou, China, December 2–4, 2022, Proceedings, Part I, pp. 597–610. Springer (2023)

49.

Xu, M., Yoon, S., Fuentes, A., Park, D.S.: A comprehensive survey of image augmentation techniques for deep learning. Pattern Recognit. 109347 (2023)

50.

Xu, Q., He, X., Lyu, L., Qu, L., Haffari, G.: Beyond model extraction: imitation attack for black-box nlp apis. arXiv e-prints pp. arXiv–2108 (2021)

51.

Ye, J., Maddi, A., Murakonda, S.K., Bindschaedler, V., Shokri, R.: Enhanced membership inference attacks against machine learning models. In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 3093–3106 (2022)

52.

Yi, T., Chen, X., Zhu, Y., Ge, W., Han, Z.: Review on the application of deep learning in network attack detection. J. Netw. Comput. Appl. 212, 103,580 (2023)

53.

Yu, Y., Li, Z., Tu, Y., Yuan, Y., Li, Y., Pang, Z.: Blockchain-based distributed identity cryptography key management. In: 2023 15th International Conference on Computer Research and Development (ICCRD), pp. 236–240. IEEE (2023)

54.

Zhang, J., Tian, H., Xiong, K., Tang, Y.L., Yang, L.: Fair multi-party private set intersection protocol based on cloud server. J. Comput. Appl. 0 (2023)

55.

Zhao, B.Z.H., Agrawal, A., Coburn, C., Asghar, H.J., Bhaskar, R., Kaafar, M.A., Webb, D., Dickinson, P.: On the (in) feasibility of attribute inference attacks on machine learning models. In: 2021 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 232–251. IEEE (2021)

56.

Zheng, R., Qu, L., Cui, B., Shi, Y., Yin, H.: Automl for deep recommender systems: a survey. ACM Trans. Inf. Syst. (2023)

Titel: Privacy Attacks and Defenses in Machine Learning: A Survey
verfasst von: Wei Liu
Xun Han
Meiling He
Verlag: Springer Nature Singapore
Buch: Proceedings of the 13th International Conference on Computer Engineering and Networks
Print ISBN: 978-981-9992-46-1

Electronic ISBN: 978-981-9992-47-8

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-981-99-9247-8_41

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"