Data reconstruction attack against principal component analysis
Umeå University, Faculty of Science and Technology, Department of Computing Science.
Umeå University, Faculty of Science and Technology, Department of Computing Science. ORCID iD: 0000-0002-0368-8037
2023 (English). In: Security and Privacy in Social Networks and Big Data: 9th International Symposium, SocialSec 2023, Canterbury, UK, August 14–16, 2023 / [ed] Budi Arief; Anna Monreale; Michael Sirivianos; Shujun Li, Springer Science+Business Media B.V., 2023, pp. 79-92. Conference paper, Published paper (Refereed)
Abstract [en]

Attacking machine learning models is one of the many ways to measure the privacy of machine learning models. Therefore, studying the performance of attacks against machine learning techniques is essential to know whether somebody can share information about machine learning models, and if shared, how much can be shared? In this work, we investigate one of the widely used dimensionality reduction techniques, Principal Component Analysis (PCA). We refer to a recent paper that shows how to attack PCA using a Membership Inference Attack (MIA). When using membership inference attacks against PCA, the adversary gets access to some of the principal components and wants to determine if a particular record was used to compute those principal components. We assume that the adversary knows the distribution of training data, which is a reasonable and useful assumption for a membership inference attack. With this assumption, we show that the adversary can make a data reconstruction attack, which is a more severe attack than the membership attack. For a protection mechanism, we propose that the data guardian first generate synthetic data and then compute the principal components. We also compare our proposed approach with Differentially Private Principal Component Analysis (DPPCA). The experimental findings show the degree to which the adversary successfully attempted to recover the users’ original data. We obtained comparable results with DPPCA. The number of principal components the attacker intercepted affects the attack’s outcome. Therefore, our work aims to answer how much information about machine learning models is safe to disclose while protecting users’ privacy.

Place, publisher, year, edition, pages
Springer Science+Business Media B.V., 2023. pp. 79-92
Series
Lecture Notes in Computer Science, ISSN 03029743, E-ISSN 16113349 ; 14097
Keywords [en]
Data reconstruction attack, Generative Adversarial Networks, Membership Inference Attack, Principal Component Analysis, Privacy
National subject category
Computer Science
Identifiers
URN: urn:nbn:se:umu:diva-214976; DOI: 10.1007/978-981-99-5177-2_5; Scopus ID: 2-s2.0-85172275690; ISBN: 9789819951765 (print); ISBN: 978-981-99-5177-2 (digital); OAI: oai:DiVA.org:umu-214976; DiVA, id: diva2:1805147
Conference
9th International Symposium, SocialSec 2023, Canterbury, UK, August 14–16, 2023.
Available from: 2023-10-16. Created: 2023-10-16. Last updated: 2023-10-16. Bibliographically approved.

People

Kwatra, Saloni; Torra, Vicenç
