References & Citations
Computer Science > Cryptography and Security
Title: An Empirical Study on the Membership Inference Attack against Tabular Data Synthesis Models
(Submitted on 17 Aug 2022 (v1), last revised 25 Aug 2022 (this version, v2))
Abstract: Tabular data typically contains private and important information; thus, precautions must be taken before they are shared with others. Although several methods (e.g., differential privacy and k-anonymity) have been proposed to prevent information leakage, in recent years, tabular data synthesis models have become popular because they can well trade-off between data utility and privacy. However, recent research has shown that generative models for image data are susceptible to the membership inference attack, which can determine whether a given record was used to train a victim synthesis model. In this paper, we investigate the membership inference attack in the context of tabular data synthesis. We conduct experiments on 4 state-of-the-art tabular data synthesis models under two attack scenarios (i.e., one black-box and one white-box attack), and find that the membership inference attack can seriously jeopardize these models. We next conduct experiments to evaluate how well two popular differentially-private deep learning training algorithms, DP-SGD and DP-GAN, can protect the models against the attack. Our key finding is that both algorithms can largely alleviate this threat by sacrificing the generation quality.
Submission history
From: Jayoung Kim [view email][v1] Wed, 17 Aug 2022 07:09:08 GMT (6107kb,D)
[v2] Thu, 25 Aug 2022 07:28:50 GMT (6106kb,D)
Link back to: arXiv, form interface, contact.