Machine learning deployment on edge devices has faced challenges such as computational costs and privacy issues. Membership inference attack (MIA) refers to the attack where the adversary aims to infer whether a data sample belongs to the training set. In other words, user data privacy might be compromised by MIA from a well-trained model. Therefore, it is vital to have defense mechanisms in place to protect training data, especially in privacy-sensitive applications such as healthcare. This paper exploits the implications of quantization on privacy leakage and proposes a novel quantization method that enhances the resistance of a neural network against MIA. Recent studies have shown that model quantization leads to resistance against membership inference attacks. Existing quantization approaches primarily prioritize performance and energy efficiency; we propose a quantization framework with the main objective of boosting the resistance against membership inference attacks. Unlike conventional quantization methods whose primary objectives are compression or increased speed, our proposed quantization aims to provide defense against MIA. We evaluate the effectiveness of our methods on various popular benchmark datasets and model architectures. All popular evaluation metrics, including precision, recall, and F1-score, show improvement when compared to the full bitwidth model. For example, for ResNet on Cifar10, our experimental results show that our algorithm can reduce the attack accuracy of MIA by 14%, the true positive rate by 37%, and F1-score of members by 39% compared to the full bitwidth network. Here, reduction in true positive rate means the attacker will not be able to identify the training dataset members, which is the main goal of the MIA.
Download full-text PDF |
Source |
|---|---|
| http://www.ncbi.nlm.nih.gov/pmc/articles/PMC10538103 | PMC |
| http://dx.doi.org/10.3390/s23187722 | DOI Listing |
Publication Analysis
Top Keywords
Similar Publications
The nonlinear regression trees for retrieving missed data during sea-level measurement.
J Environ Manage
December 2024
Institute of Hydro-Engineering, Polish Academy of Sciences, Poland. Electronic address:
Sea surface displacement (SSD) is a crucial parameter in environmental engineering. The measurements of SSD are susceptible to the failure of instruments and equipment, data losses, and other unpredictable events. In this study, we developed an innovative nonlinear regression trees (NRT) technique to retrieve the missing data of SSD.
View Article and Find Full Text PDFA boundedly rational model for category learning.
Front Psychol
December 2024
Department of Psychology, University of Oregon, Eugene, OR, United States.
The computational modeling of category learning is typically evaluated in terms of the model's accuracy. For a model to accurately infer category membership of stimuli, it has to have sufficient representational precision. Thus, many category learning models infer category representations that guide decision-making and the model's fitness is evaluated by its ability to accurately choose.
View Article and Find Full Text PDFDeveloping and testing a new Ecological Quality Status index based on marine nematode metabarcoding: A proof of concept.
Chemosphere
December 2024
ID-Gene Ecodiagnostics, Chemin Du Pont-du-Centenaire 109, 1228, Plan-les-Ouates, Switzerland; Institute of Oceanology, Polish Academy of Sciences, Powstancow Warszawy 55, 81-712, Sopot, Poland. Electronic address:
Nematodes are the most diverse and dominant group of marine meiofauna with high potential as bioindicators of the ecological quality status (EcoQS). The present study explores, for the first time, the applicability of the nematode metabarcoding to infer EcoQS index based on the calibration of ecological behaviors of nematodes Amplicon Sequence Variants (ASVs). To achieve this, we analyzed the nematode community in sediment eDNA samples collected in 2018 and 2021 in areas around three offshore oil platforms in the Danish west coast of the North Sea.
View Article and Find Full Text PDFDissecting gene expression heterogeneity: generalized Pearson correlation squares and the -lines clustering algorithm.
J Am Stat Assoc
May 2024
Department of Data Sciences and Operations, University of Southern California.
Motivated by the pressing needs for dissecting heterogeneous relationships in gene expression data, here we generalize the squared Pearson correlation to capture a mixture of linear dependences between two real-valued variables, with or without an index variable that specifies the line memberships. We construct the generalized Pearson correlation squares by focusing on three aspects: variable exchangeability, no parametric model assumptions, and inference of population-level parameters. To compute the generalized Pearson correlation square from a sample without a line-membership specification, we develop a -lines clustering algorithm to find clusters that exhibit distinct linear dependences, where can be chosen in a data-adaptive way.
View Article and Find Full Text PDFA Bayesian framework for causal analysis of recurrent events with timing misalignment.
Biometrics
October 2024
Department of Health Services, Policy, and Practice, Brown University, Providence, RI 02903, United States.
Observational studies of recurrent event rates are common in biomedical statistics. Broadly, the goal is to estimate differences in event rates under 2 treatments within a defined target population over a specified follow-up window. Estimation with observational data is challenging because, while membership in the target population is defined in terms of eligibility criteria, treatment is rarely observed exactly at the time of eligibility.
View Article and Find Full Text PDFWant AI Summaries of new PubMed Abstracts delivered to your In-box?
Enter search terms and have AI summaries delivered each week - change queries or unsubscribe any time!