Label-only membership inference attack based on example forgetting


Authors: ZHAI Xu-rong (翟旭荣); MA Yao (马垚); YU Dan (于丹) [1]; YANG Yu-li (杨玉丽) [1]; CHEN Yong-le (陈永乐) [1] (College of Computer Science and Technology (College of Data Science), Taiyuan University of Technology, Jinzhong 030600, China)

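Affiliation: [1] College of Computer Science and Technology (College of Data Science), Taiyuan University of Technology, Jinzhong, Shanxi 030600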

Source: Computer Engineering and Design (《计算机工程与设计》), 2024, No. 11, pp. 3201-3208 (8 pages)

Funding: Shanxi Province Basic Research Program (grants 20210302123131 and 20210302124395).

Abstract: To re-evaluate privacy risk at the level of the individual sample and to reduce the high cost of erroneous inference in membership inference attacks, a label-only membership inference attack method based on example forgetting is proposed. A calculation model for a sample forgetting factor is established to screen out the samples that are more easily forgotten and use them as the targets of the membership inference attack, ensuring that the attack on each target is an effective inference. Combined with a neighborhood confidence estimation algorithm, the method converts output labels into true class probabilities, enabling high-precision predictions on targets under a strict black-box setting, which gives it higher feasibility and application value in practice. Experiments verify the effectiveness of the method, which provides an idea and a method for research on membership inference attacks.

Keywords: machine learning; membership inference attack; example forgetting; privacy; confidence estimation; deep neural network; label-only

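Classification: TP389.1 [Automation and Computer Technology: Computer System Architecture]; TP399 [Automation and Computer Technology: Computer Science and Technology]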

 
