Against Membership Inference Attack: Pruning is All You Need

Yijue Wang; Chenghong Wang; Zigeng Wang; Shanglin Zhou; Hang Liu; Jinbo Bi; Caiwen Ding; Sanguthevar Rajasekaran

doi:10.24963/ijcai.2021/432

Against Membership Inference Attack: Pruning is All You Need

Yijue Wang, Chenghong Wang, Zigeng Wang, Shanglin Zhou, Hang Liu, Jinbo Bi, Caiwen Ding, Sanguthevar Rajasekaran

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

25 Scopus citations

Abstract

The large model size, high computational operations, and vulnerability against membership inference attack (MIA) have impeded deep learning or deep neural networks (DNNs) popularity, especially on mobile devices. To address the challenge, we envision that the weight pruning technique will help DNNs against MIA while reducing model storage and computational operation. In this work, we propose a pruning algorithm, and we show that the proposed algorithm can find a subnetwork that can prevent privacy leakage from MIA and achieves competitive accuracy with the original DNNs. We also verify our theoretical insights with experiments. Our experimental results illustrate that the attack accuracy using model compression is up to 13.6% and 10% lower than that of the baseline and Min-Max game, accordingly.

Original language	English (US)
Title of host publication	Proceedings of the 30th International Joint Conference on Artificial Intelligence, IJCAI 2021
Editors	Zhi-Hua Zhou
Publisher	International Joint Conferences on Artificial Intelligence
Pages	3141-3147
Number of pages	7
ISBN (Electronic)	9780999241196
DOIs	https://doi.org/10.24963/ijcai.2021/432
State	Published - 2021
Externally published	Yes
Event	30th International Joint Conference on Artificial Intelligence, IJCAI 2021 - Virtual, Online, Canada Duration: Aug 19 2021 → Aug 27 2021

Publication series

Name	IJCAI International Joint Conference on Artificial Intelligence
ISSN (Print)	1045-0823

Conference

Conference	30th International Joint Conference on Artificial Intelligence, IJCAI 2021
Country/Territory	Canada
City	Virtual, Online
Period	8/19/21 → 8/27/21

All Science Journal Classification (ASJC) codes

Artificial Intelligence

Access to Document

10.24963/ijcai.2021/432

Cite this

Wang, Y., Wang, C., Wang, Z., Zhou, S., Liu, H., Bi, J., Ding, C., & Rajasekaran, S. (2021). Against Membership Inference Attack: Pruning is All You Need. In Z.-H. Zhou (Ed.), Proceedings of the 30th International Joint Conference on Artificial Intelligence, IJCAI 2021 (pp. 3141-3147). (IJCAI International Joint Conference on Artificial Intelligence). International Joint Conferences on Artificial Intelligence. https://doi.org/10.24963/ijcai.2021/432

Wang, Yijue ; Wang, Chenghong ; Wang, Zigeng et al. / Against Membership Inference Attack : Pruning is All You Need. Proceedings of the 30th International Joint Conference on Artificial Intelligence, IJCAI 2021. editor / Zhi-Hua Zhou. International Joint Conferences on Artificial Intelligence, 2021. pp. 3141-3147 (IJCAI International Joint Conference on Artificial Intelligence).

@inproceedings{557588f2237f465d8c6f183282ad17d4,

title = "Against Membership Inference Attack: Pruning is All You Need",

abstract = "The large model size, high computational operations, and vulnerability against membership inference attack (MIA) have impeded deep learning or deep neural networks (DNNs) popularity, especially on mobile devices. To address the challenge, we envision that the weight pruning technique will help DNNs against MIA while reducing model storage and computational operation. In this work, we propose a pruning algorithm, and we show that the proposed algorithm can find a subnetwork that can prevent privacy leakage from MIA and achieves competitive accuracy with the original DNNs. We also verify our theoretical insights with experiments. Our experimental results illustrate that the attack accuracy using model compression is up to 13.6% and 10% lower than that of the baseline and Min-Max game, accordingly.",

author = "Yijue Wang and Chenghong Wang and Zigeng Wang and Shanglin Zhou and Hang Liu and Jinbo Bi and Caiwen Ding and Sanguthevar Rajasekaran",

note = "Publisher Copyright: {\textcopyright} 2021 International Joint Conferences on Artificial Intelligence. All rights reserved.; 30th International Joint Conference on Artificial Intelligence, IJCAI 2021 ; Conference date: 19-08-2021 Through 27-08-2021",

year = "2021",

doi = "10.24963/ijcai.2021/432",

language = "English (US)",

series = "IJCAI International Joint Conference on Artificial Intelligence",

publisher = "International Joint Conferences on Artificial Intelligence",

pages = "3141--3147",

editor = "Zhi-Hua Zhou",

booktitle = "Proceedings of the 30th International Joint Conference on Artificial Intelligence, IJCAI 2021",

}

Wang, Y, Wang, C, Wang, Z, Zhou, S, Liu, H, Bi, J, Ding, C & Rajasekaran, S 2021, Against Membership Inference Attack: Pruning is All You Need. in Z-H Zhou (ed.), Proceedings of the 30th International Joint Conference on Artificial Intelligence, IJCAI 2021. IJCAI International Joint Conference on Artificial Intelligence, International Joint Conferences on Artificial Intelligence, pp. 3141-3147, 30th International Joint Conference on Artificial Intelligence, IJCAI 2021, Virtual, Online, Canada, 8/19/21. https://doi.org/10.24963/ijcai.2021/432

Against Membership Inference Attack: Pruning is All You Need. / Wang, Yijue; Wang, Chenghong; Wang, Zigeng et al.
Proceedings of the 30th International Joint Conference on Artificial Intelligence, IJCAI 2021. ed. / Zhi-Hua Zhou. International Joint Conferences on Artificial Intelligence, 2021. p. 3141-3147 (IJCAI International Joint Conference on Artificial Intelligence).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Against Membership Inference Attack

T2 - 30th International Joint Conference on Artificial Intelligence, IJCAI 2021

AU - Wang, Yijue

AU - Wang, Chenghong

AU - Wang, Zigeng

AU - Zhou, Shanglin

AU - Liu, Hang

AU - Bi, Jinbo

AU - Ding, Caiwen

AU - Rajasekaran, Sanguthevar

PY - 2021

Y1 - 2021

N2 - The large model size, high computational operations, and vulnerability against membership inference attack (MIA) have impeded deep learning or deep neural networks (DNNs) popularity, especially on mobile devices. To address the challenge, we envision that the weight pruning technique will help DNNs against MIA while reducing model storage and computational operation. In this work, we propose a pruning algorithm, and we show that the proposed algorithm can find a subnetwork that can prevent privacy leakage from MIA and achieves competitive accuracy with the original DNNs. We also verify our theoretical insights with experiments. Our experimental results illustrate that the attack accuracy using model compression is up to 13.6% and 10% lower than that of the baseline and Min-Max game, accordingly.

AB - The large model size, high computational operations, and vulnerability against membership inference attack (MIA) have impeded deep learning or deep neural networks (DNNs) popularity, especially on mobile devices. To address the challenge, we envision that the weight pruning technique will help DNNs against MIA while reducing model storage and computational operation. In this work, we propose a pruning algorithm, and we show that the proposed algorithm can find a subnetwork that can prevent privacy leakage from MIA and achieves competitive accuracy with the original DNNs. We also verify our theoretical insights with experiments. Our experimental results illustrate that the attack accuracy using model compression is up to 13.6% and 10% lower than that of the baseline and Min-Max game, accordingly.

UR - http://www.scopus.com/inward/record.url?scp=85117367922&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85117367922&partnerID=8YFLogxK

U2 - 10.24963/ijcai.2021/432

DO - 10.24963/ijcai.2021/432

M3 - Conference contribution

AN - SCOPUS:85117367922

T3 - IJCAI International Joint Conference on Artificial Intelligence

SP - 3141

EP - 3147

BT - Proceedings of the 30th International Joint Conference on Artificial Intelligence, IJCAI 2021

A2 - Zhou, Zhi-Hua

PB - International Joint Conferences on Artificial Intelligence

Y2 - 19 August 2021 through 27 August 2021

ER -

Wang Y, Wang C, Wang Z, Zhou S, Liu H, Bi J et al. Against Membership Inference Attack: Pruning is All You Need. In Zhou ZH, editor, Proceedings of the 30th International Joint Conference on Artificial Intelligence, IJCAI 2021. International Joint Conferences on Artificial Intelligence. 2021. p. 3141-3147. (IJCAI International Joint Conference on Artificial Intelligence). doi: 10.24963/ijcai.2021/432

Against Membership Inference Attack: Pruning is All You Need

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this