Готові списки джерел за темами / Membership Inference

Зміст

  1. Статті в журналах
  2. Дисертації
  3. Частини книг
  4. Тези доповідей конференцій
  5. Звіти організацій

Добірка наукової літератури з теми "Membership Inference"

Автор: Grafiati
Опубліковано: 8 лютого 2025

Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями

Оберіть тип джерела:

Ознайомтеся зі списками актуальних статей, книг, дисертацій, тез та інших наукових джерел на тему "Membership Inference".

Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.

Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.

Статті в журналах з теми "Membership Inference"

1

Pedersen, Joseph, Rafael Muñoz-Gómez, Jiangnan Huang, Haozhe Sun, Wei-Wei Tu, and Isabelle Guyon. "LTU Attacker for Membership Inference." Algorithms 15, no. 7 (July 20, 2022): 254. http://dx.doi.org/10.3390/a15070254.

Повний текст джерела
Анотація:
We address the problem of defending predictive models, such as machine learning classifiers (Defender models), against membership inference attacks, in both the black-box and white-box setting, when the trainer and the trained model are publicly released. The Defender aims at optimizing a dual objective: utility and privacy. Privacy is evaluated with the membership prediction error of a so-called “Leave-Two-Unlabeled” LTU Attacker, having access to all of the Defender and Reserved data, except for the membership label of one sample from each, giving the strongest possible attack scenario. We prove that, under certain conditions, even a “naïve” LTU Attacker can achieve lower bounds on privacy loss with simple attack strategies, leading to concrete necessary conditions to protect privacy, including: preventing over-fitting and adding some amount of randomness. This attack is straightforward to implement against any model trainer, and we demonstrate its performance against MemGaurd. However, we also show that such a naïve LTU Attacker can fail to attack the privacy of models known to be vulnerable in the literature, demonstrating that knowledge must be complemented with strong attack strategies to turn the LTU Attacker into a powerful means of evaluating privacy. The LTU Attacker can incorporate any existing attack strategy to compute individual privacy scores for each training sample. Our experiments on the QMNIST, CIFAR-10, and Location-30 datasets validate our theoretical results and confirm the roles of over-fitting prevention and randomness in the algorithms to protect against privacy attacks.
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Zhao, Yanchao, Jiale Chen, Jiale Zhang, Zilu Yang, Huawei Tu, Hao Han, Kun Zhu, and Bing Chen. "User-Level Membership Inference for Federated Learning in Wireless Network Environment." Wireless Communications and Mobile Computing 2021 (October 19, 2021): 1–17. http://dx.doi.org/10.1155/2021/5534270.

Повний текст джерела
Анотація:
With the rise of privacy concerns in traditional centralized machine learning services, federated learning, which incorporates multiple participants to train a global model across their localized training data, has lately received significant attention in both industry and academia. Bringing federated learning into a wireless network scenario is a great move. The combination of them inspires tremendous power and spawns a number of promising applications. Recent researches reveal the inherent vulnerabilities of the various learning modes for the membership inference attacks that the adversary could infer whether a given data record belongs to the model’s training set. Although the state-of-the-art techniques could successfully deduce the membership information from the centralized machine learning models, it is still challenging to infer the member data at a more confined level, the user level. It is exciting that the common wireless monitor technique in the wireless network environment just provides a good ground for fine-grained membership inference. In this paper, we novelly propose and define a concept of user-level inference attack in federated learning. Specifically, we first give a comprehensive analysis of active and targeted membership inference attacks in the context of federated learning. Then, by considering a more complicated scenario that the adversary can only passively observe the updating models from different iterations, we incorporate the generative adversarial networks into our method, which can enrich the training set for the final membership inference model. In the end, we comprehensively research and implement inferences launched by adversaries of different roles, which makes the attack scenario complete and realistic. The extensive experimental results demonstrate the effectiveness of our proposed attacking approach in the case of single label and multilabel.
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Hilprecht, Benjamin, Martin Härterich, and Daniel Bernau. "Monte Carlo and Reconstruction Membership Inference Attacks against Generative Models." Proceedings on Privacy Enhancing Technologies 2019, no. 4 (October 1, 2019): 232–49. http://dx.doi.org/10.2478/popets-2019-0067.

Повний текст джерела
Анотація:
Abstract We present two information leakage attacks that outperform previous work on membership inference against generative models. The first attack allows membership inference without assumptions on the type of the generative model. Contrary to previous evaluation metrics for generative models, like Kernel Density Estimation, it only considers samples of the model which are close to training data records. The second attack specifically targets Variational Autoencoders, achieving high membership inference accuracy. Furthermore, previous work mostly considers membership inference adversaries who perform single record membership inference. We argue for considering regulatory actors who perform set membership inference to identify the use of specific datasets for training. The attacks are evaluated on two generative model architectures, Generative Adversarial Networks (GANs) and Variational Autoen-coders (VAEs), trained on standard image datasets. Our results show that the two attacks yield success rates superior to previous work on most data sets while at the same time having only very mild assumptions. We envision the two attacks in combination with the membership inference attack type formalization as especially useful. For example, to enforce data privacy standards and automatically assessing model quality in machine learning as a service setups. In practice, our work motivates the use of GANs since they prove less vulnerable against information leakage attacks while producing detailed samples.
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Bu, Diyue, Xiaofeng Wang, and Haixu Tang. "Haplotype-based membership inference from summary genomic data." Bioinformatics 37, Supplement_1 (July 1, 2021): i161—i168. http://dx.doi.org/10.1093/bioinformatics/btab305.

Повний текст джерела
Анотація:
Abstract Motivation The availability of human genomic data, together with the enhanced capacity to process them, is leading to transformative technological advances in biomedical science and engineering. However, the public dissemination of such data has been difficult due to privacy concerns. Specifically, it has been shown that the presence of a human subject in a case group can be inferred from the shared summary statistics of the group, e.g. the allele frequencies, or even the presence/absence of genetic variants (e.g. shared by the Beacon project) in the group. These methods rely on the availability of the target’s genome, i.e. the DNA profile of a target human subject, and thus are often referred to as the membership inference method. Results In this article, we demonstrate the haplotypes, i.e. the sequence of single nucleotide variations (SNVs) showing strong genetic linkages in human genome databases, may be inferred from the summary of genomic data without using a target’s genome. Furthermore, novel haplotypes that did not appear in the database may be reconstructed solely from the allele frequencies from genomic datasets. These reconstructed haplotypes can be used for a haplotype-based membership inference algorithm to identify target subjects in a case group with greater power than existing methods based on SNVs. Availability and implementation The implementation of the membership inference algorithms is available at https://github.com/diybu/Haplotype-based-membership-inferences.
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Yang, Ziqi, Lijin Wang, Da Yang, Jie Wan, Ziming Zhao, Ee-Chien Chang, Fan Zhang, and Kui Ren. "Purifier: Defending Data Inference Attacks via Transforming Confidence Scores." Proceedings of the AAAI Conference on Artificial Intelligence 37, no. 9 (June 26, 2023): 10871–79. http://dx.doi.org/10.1609/aaai.v37i9.26289.

Повний текст джерела
Анотація:
Neural networks are susceptible to data inference attacks such as the membership inference attack, the adversarial model inversion attack and the attribute inference attack, where the attacker could infer useful information such as the membership, the reconstruction or the sensitive attributes of a data sample from the confidence scores predicted by the target classifier. In this paper, we propose a method, namely PURIFIER, to defend against membership inference attacks. It transforms the confidence score vectors predicted by the target classifier and makes purified confidence scores indistinguishable in individual shape, statistical distribution and prediction label between members and non-members. The experimental results show that PURIFIER helps defend membership inference attacks with high effectiveness and efficiency, outperforming previous defense methods, and also incurs negligible utility loss. Besides, our further experiments show that PURIFIER is also effective in defending adversarial model inversion attacks and attribute inference attacks. For example, the inversion error is raised about 4+ times on the Facescrub530 classifier, and the attribute inference accuracy drops significantly when PURIFIER is deployed in our experiment.
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Wang, Xiuling, and Wendy Hui Wang. "GCL-Leak: Link Membership Inference Attacks against Graph Contrastive Learning." Proceedings on Privacy Enhancing Technologies 2024, no. 3 (July 2024): 165–85. http://dx.doi.org/10.56553/popets-2024-0073.

Повний текст джерела
Анотація:
Graph contrastive learning (GCL) has emerged as a successful method for self-supervised graph learning. It involves generating augmented views of a graph by augmenting its edges and aims to learn node embeddings that are invariant to graph augmentation. Despite its effectiveness, the potential privacy risks associated with GCL models have not been thoroughly explored. In this paper, we delve into the privacy vulnerability of GCL models through the lens of link membership inference attacks (LMIA). Specifically, we focus on the federated setting where the adversary has white-box access to the node embeddings of all the augmented views generated by the target GCL model. Designing such white-box LMIAs against GCL models presents a significant and unique challenge due to potential variations in link memberships among node pairs in the target graph and its augmented views. This variability renders members indistinguishable from non-members when relying solely on the similarity of their node embeddings in the augmented views. To address this challenge, our in-depth analysis reveals that the key distinguishing factor lies in the similarity of node embeddings within augmented views where the node pairs share identical link memberships as those in the training graph. However, this poses a second challenge, as information about whether a node pair has identical link membership in both the training graph and augmented views is only available during the attack training phase. This demands the attack classifier to handle the additional “identical-membership" information which is available only for training and not for testing. To overcome this challenge, we propose GCL-LEAK, the first link membership inference attack against GCL models. The key component of GCL-LEAK is a new attack classifier model designed under the “Learning Using Privileged Information (LUPI)” paradigm, where the privileged information of “same-membership” is encoded as part of the attack classifier's structure. Our extensive set of experiments on four representative GCL models showcases the effectiveness of GCL-LEAK. Additionally, we develop two defense mechanisms that introduce perturbation to the node embeddings. Our empirical evaluation demonstrates that both defense mechanisms significantly reduce attack accuracy while preserving the accuracy of GCL models.
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Jayaraman, Bargav, Lingxiao Wang, Katherine Knipmeyer, Quanquan Gu, and David Evans. "Revisiting Membership Inference Under Realistic Assumptions." Proceedings on Privacy Enhancing Technologies 2021, no. 2 (January 29, 2021): 348–68. http://dx.doi.org/10.2478/popets-2021-0031.

Повний текст джерела
Анотація:
Abstract We study membership inference in settings where assumptions commonly used in previous research are relaxed. First, we consider cases where only a small fraction of the candidate pool targeted by the adversary are members and develop a PPV-based metric suitable for this setting. This skewed prior setting is more realistic than the balanced prior setting typically considered. Second, we consider adversaries that select inference thresholds according to their attack goals, such as identifying as many members as possible with a given false positive tolerance. We develop a threshold selection designed for achieving particular attack goals. Since previous inference attacks fail in imbalanced prior settings, we develop new inference attacks based on the intuition that inputs corresponding to training set members will be near a local minimum in the loss function. An attack that combines this with thresholds on the per-instance loss can achieve high PPV even in settings where other attacks are ineffective.
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Kulynych, Bogdan, Mohammad Yaghini, Giovanni Cherubin, Michael Veale, and Carmela Troncoso. "Disparate Vulnerability to Membership Inference Attacks." Proceedings on Privacy Enhancing Technologies 2022, no. 1 (November 20, 2021): 460–80. http://dx.doi.org/10.2478/popets-2022-0023.

Повний текст джерела
Анотація:
Abstract A membership inference attack (MIA) against a machine-learning model enables an attacker to determine whether a given data record was part of the model’s training data or not. In this paper, we provide an in-depth study of the phenomenon of disparate vulnerability against MIAs: unequal success rate of MIAs against different population subgroups. We first establish necessary and sufficient conditions for MIAs to be prevented, both on average and for population subgroups, using a notion of distributional generalization. Second, we derive connections of disparate vulnerability to algorithmic fairness and to differential privacy. We show that fairness can only prevent disparate vulnerability against limited classes of adversaries. Differential privacy bounds disparate vulnerability but can significantly reduce the accuracy of the model. We show that estimating disparate vulnerability by naïvely applying existing attacks can lead to overestimation. We then establish which attacks are suitable for estimating disparate vulnerability, and provide a statistical framework for doing so reliably. We conduct experiments on synthetic and real-world data finding significant evidence of disparate vulnerability in realistic settings.
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Tejash Umedbhai Chaudhari, Krunal Balubhai Patel, and Vimal Bhikhubhai Patel. "A study of generalized bell-shaped membership function on Mamdani fuzzy inference system for Students’ Performance Evaluation." World Journal of Advanced Research and Reviews 3, no. 2 (August 30, 2019): 083–90. http://dx.doi.org/10.30574/wjarr.2019.3.2.0046.

Повний текст джерела
Анотація:
This paper presents a Mamdani fuzzy inference system for evaluation of students’ performance based on Generalized bell-shaped membership function (𝑖. 𝑒 . gbellmf(x; a, b, c) = 1 1+| x−c a | 2b). The objective of this research work is to study the control of parameter ‘b’ in the generalized bell-shaped membership function. Experimental Mamdani fuzzy inference systems will keep every condition identical except changing the parameter ‘b’ in the generalized bell-shaped membership function. Different values of parameter ‘b’ in generalized bell-shaped membership function using Mamdani fuzzy inference system have been proposed and the results are compared with a statistical tool.
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Xia, Fan, Yuhao Liu, Bo Jin, Zheng Yu, Xingwei Cai, Hao Li, Zhiyong Zha, Dai Hou, and Kai Peng. "Leveraging Multiple Adversarial Perturbation Distances for Enhanced Membership Inference Attack in Federated Learning." Symmetry 16, no. 12 (December 18, 2024): 1677. https://doi.org/10.3390/sym16121677.

Повний текст джерела
Анотація:
In recent years, federated learning (FL) has gained significant attention for its ability to protect data privacy during distributed training. However, it also introduces new privacy leakage risks. Membership inference attacks (MIAs), which aim to determine whether a specific sample is part of the training dataset, pose a significant threat to federated learning. Existing research on membership inference attacks in federated learning has primarily focused on leveraging intrinsic model parameters or manipulating the training process. However, the widespread adoption of privacy-preserving frameworks in federated learning has significantly diminished the effectiveness of traditional attack methods. To overcome this limitation, this paper aims to explore an efficient Membership Inference Attack algorithm tailored for encrypted federated learning scenarios, providing new perspectives for optimizing privacy-preserving technologies. Specifically, this paper proposes a novel Membership Inference Attack algorithm based on multiple adversarial perturbation distances (MAPD_MIA) by leveraging the asymmetry in adversarial perturbation distributions near decision boundaries between member and non-member samples. By analyzing these asymmetric perturbation characteristics, the algorithm achieves accurate membership identification. Experimental results demonstrate that the proposed algorithm achieves accuracy rates of 63.0%, 68.7%, and 59.5%, and precision rates of 59.0%, 65.9%, and 55.8% on CIFAR10, CIFAR100, and MNIST datasets, respectively, outperforming three mainstream Membership Inference Attack methods. Furthermore, the algorithm exhibits robust attack performance against two common defense mechanisms, MemGuard and DP-SGD. This study provides new benchmarks and methodologies for evaluating membership privacy leakage risks in federated learning scenarios.
Стилі APA, Harvard, Vancouver, ISO та ін.
Більше джерел

Дисертації з теми "Membership Inference"

1

Zens, Gregor. "Bayesian shrinkage in mixture-of-experts models: identifying robust determinants of class membership." Springer, 2019. http://dx.doi.org/10.1007/s11634-019-00353-y.

Повний текст джерела
Анотація:
A method for implicit variable selection in mixture-of-experts frameworks is proposed. We introduce a prior structure where information is taken from a set of independent covariates. Robust class membership predictors are identified using a normal gamma prior. The resulting model setup is used in a finite mixture of Bernoulli distributions to find homogenous clusters of women in Mozambique based on their information sources on HIV. Fully Bayesian inference is carried out via the implementation of a Gibbs sampler.
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Ullah, Noor. "ANFIS BASED MODELS FOR ACCESSING QUALITY OF WIKIPEDIA ARTICLES." Thesis, Högskolan Dalarna, Datateknik, 2010. http://urn.kb.se/resolve?urn=urn:nbn:se:du-4909.

Повний текст джерела
Анотація:
Wikipedia is a free, web-based, collaborative, multilingual encyclopedia project supported by the non-profit Wikimedia Foundation. Due to the free nature of Wikipedia and allowing open access to everyone to edit articles the quality of articles may be affected. As all people don’t have equal level of knowledge and also different people have different opinions about a topic so there may be difference between the contributions made by different authors. To overcome this situation it is very important to classify the articles so that the articles of good quality can be separated from the poor quality articles and should be removed from the database. The aim of this study is to classify the articles of Wikipedia into two classes class 0 (poor quality) and class 1(good quality) using the Adaptive Neuro Fuzzy Inference System (ANFIS) and data mining techniques. Two ANFIS are built using the Fuzzy Logic Toolbox [1] available in Matlab. The first ANFIS is based on the rules obtained from J48 classifier in WEKA while the other one was built by using the expert’s knowledge. The data used for this research work contains 226 article’s records taken from the German version of Wikipedia. The dataset consists of 19 inputs and one output. The data was preprocessed to remove any similar attributes. The input variables are related to the editors, contributors, length of articles and the lifecycle of articles. In the end analysis of different methods implemented in this research is made to analyze the performance of each classification method used.
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Zegzulka, Ivo. "Aplikace fuzzy logiky při hodnocení dodavatelů firmy." Master's thesis, Vysoké učení technické v Brně. Fakulta podnikatelská, 2014. http://www.nusl.cz/ntk/nusl-224446.

Повний текст джерела
Анотація:
This thesis deals with the design of fuzzy system that can evaluate supplier of spare parts for service. The result should be applicable to a company Iveta Šťastníková - car and tire service. Primarily it should simplify operations associated with the selection of appropriate spare parts, tools and other equipment needed to operate with car service station. First, we introduce the theoretical basis for the paper, and then we go to the present state and the analysis itself. The result is a proposed solution which should correspond to the needs of the owner.
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Shah, Raza. "Property inference decision-making and decision switching of undergraduate engineers : implications for ideational diversity & fluency through movements in a Cartesian concept design space." Thesis, University of Cambridge, 2017. https://www.repository.cam.ac.uk/handle/1810/278700.

Повний текст джерела
Анотація:
Design fixation is a phenomenon experienced by professional designers and engineering design students that stifles creativity and innovation through discouraging ideational productivity, fluency and diversity. During the design idea and concept generation phase of the design process, a reliance on perceptual surface feature similarities between design artefacts increases the likelihood of design fixation leading to design duplication. Psychologists, educators and designers have become increasingly interested in creative idea generation processes that encourage innovation and entrepreneurial outcomes. However, there is a notable lack of collaborative research between psychology, education and engineering design particularly on inductive reasoning of undergraduate engineering students in higher education. The data gathered and analysed for this study provides an insight into property inference decision-making preferences and decision switching (SWITCH) patterns of engineering undergraduates under similarity-based inductive judgements [SIM] and category-based inductive judgements [CAT]. For this psychology experiment, property induction tasks were devised using abstract shapes in a triad configuration. Participants (N = 180), on an undergraduate engineering programme in London, observed a triad of shapes with a target shape more similar-looking to one of two given shapes. Factors manipulated for this experiment included category alignment, category group, property type and target shape. Despite the cognitive development and maturation stage of undergraduate engineers (adults) in higher education, this study identified similarity-based inductive judgements [SIM] to play a significant role during inductive reasoning relative to the strength of category-based inductive judgements [CAT]. In addition to revealing the property inference decision-making preferences of a sample of undergraduate engineers (N = 180), two types of switch classification and two types of non-switch classification (SWITCH) were found and named SIM_NCC, SIM-Salient, Reverse_CAT and CAT_Switching. These different classifications for property inference switching and non-switching presented a more complex pattern of decision-making driven by the relative strength between similarity-based inductive judgements [SIM] and category-based inductive judgements [CAT]. The conditions that encouraged CAT_Switching is of particular interest to design because it corresponds to inference decision switching that affirms the sharing of properties between dissimilar-looking shapes designated as category members, i.e., in a conflicting category alignment condition (CoC). For CAT_Switching, this study found a significant interaction between a particular set of conditions that significantly increased the likelihood of property inference decisions switching to affirm the sharing of properties between dissimilar-looking shapes. Stimuli conditions that combined a conflicting category alignment condition (where dissimilar-looking shapes belong to the same category) with category specificity, a causal property and a target shape with merged (or blended) perceptual surface features significantly increased the likelihood of a property inference decision switching. CAT_Switching has important implications for greater ideational productivity, fluency and diversity to discourage design fixation within the conceptual design space. CAT_Switching conditions could encourage more creative design transformations with alternative design functions through inductive inferences that generalise between dissimilar artefact designs. The findings from this study led to proposing a Cartesian view of the concept design space to represent the possibilities for greater movements through flexible and expanding category boundaries to encourage conceptual combinations, greater ideational fluency and greater ideational diversity within a configuration design space. This study has also created a platform for further research into property inference decision-making, ideational diversity and category boundary flexibility under stimuli conditions that encourage designers and design students to make inductive generalisations between dissimilar domains of knowledge through a greater emphasis on causal relations and semantic networks.
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Spacca, Jordy Luiz Cerminaro. "Usando o Sistema de Inferência Neuro Fuzzy - ANFIS para o cálculo da cinemática inversa de um manipulador de 5 DOF /." Ilha Solteira, 2019. http://hdl.handle.net/11449/183448.

Повний текст джерела
Анотація:
Orientador: Suely Cunha Amaro Mantovani
Resumo: No estudo dos manipuladores são utilizados os conceitos da cinemática direta e a inversa. No cálculo da cinemática direta tem-se a facilidade da notação de Denavit-Hartenberg, mas o desafio maior é a resolução da cinemática inversa, que se torna mais complexa conforme aumentam os graus de liberdade do manipulador, além de apresentar múltiplas soluções. As variáveis angulares obtidas pelas equações da cinemática inversa são utilizadas pelo controlador, para posicionar o órgão terminal do manipulador em um ponto específico de seu volume de trabalho. Na busca de alternativas para contornar estes problemas, neste trabalho utilizam-se os Modelos Adaptativos de Inferência Neuro-Fuzzy - ANFIS para a resolução da cinemática inversa, por meio de simulações, para obter o posicionamento de um manipulador robótico de 5 graus de liberdade, composto por sete servomotores controlados pela plataforma de desenvolvimento Intel® Galileo Gen 2, usado como caso de estudo. Nas simulações usamse ANFIS com uma arquitetura com três e quatro funções de pertinência de entrada, do tipo gaussiana. O desempenho da arquitetura da ANFIS implementada foi comparado com uma Rede Perceptron Multicamadas, demonstrando com os resultados favoráveis a ANFIS, a sua capacidade de aprender e resolver com baixo erro quadrático médio e com precisão, a cinemática inversa para o manipulador em estudo. Verifica-se também, que a performance das ANFIS melhora, quanto à precisão dos resultados, demonstrado pelo desvio médio d... (Resumo completo, clicar acesso eletrônico abaixo)
Abstract: In the study of manipulator’s, the concepts of direct and inverse kinematics are used. In the computation of forward kinematics, it has of the ease of Denavit-Hartenberg notation, but the biggest challenge is the resolution of the inverse kinematics, which becomes more complex as the manipulator's degrees of freedom increase, besides presenting multiple solutions. The angular variables obtained by the inverse kinematics equations are used by the controller to position the terminal organ of the manipulator at a specific point in its work volume. In the search for alternatives to overcome these problems, in this work, the Adaptive Neuro-Fuzzy Inference Models (ANFIS) are used to solve the inverse kinematics, by means of simulations, to obtain the positioning of a robot manipulator of 5 degrees of freedom, consisting of seven servomotors controlled by the Intel® Galileo Gen 2 development platform, used as a case's study . In the simulations ANFIS's architecture are used three and four Gaussian membership functions of input. The performance of the implemented ANFIS architecture was compared to a Multi-layered Perceptron Network, demonstrating with the favorable results the ANFIS, its ability to learn and solve with low mean square error and with precision, the inverse kinematics for the manipulator under study. It is also verified that the performance of the ANFIS improves, as regards the accuracy of the results in the training process, , demonstrated by the mean deviation of the... (Complete abstract click electronic access below)
Mestre
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Kim, Hyowon. "Improving Inferences about Preferences in Choice Modeling." The Ohio State University, 2020. http://rave.ohiolink.edu/etdc/view?acc_num=osu1587524882296023.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Azize, Achraf. "Privacy-Utility Trade-offs in Sequential Decision-Making under Uncertainty." Electronic Thesis or Diss., Université de Lille (2022-....), 2024. http://www.theses.fr/2024ULILB029.

Повний текст джерела
Анотація:
Les thèmes abordés dans cette thèse visent à caractériser les compromis à réaliser entre confidentialité et utilité dans la prise de décision séquentielle dans l'incertain. Le principal cadre adopté pour définir la confidentialité est la protection différentielle, et le principal cadre d'utilité est le problème de bandit stochastique à plusieurs bras. Tout d'abord, nous proposons différentes définitions qui étendent la définition de confidentialité à l'environnement des bandits à plusieurs bras.Ensuite, nous quantifions la difficulté des bandits avec protection différentielle en prouvant des bornes inférieures sur la performance des algorithmes de bandits confidentielles. Ces bornes suggèrent l'existence de deux régimes de difficulté en fonction du budget de confidentialité et des distributions de récompenses.Nous proposons également un plan générique pour concevoir des versions confidentielles quasi-optimales des algorithmes de bandits.Nous instancions ce schéma directeur pour concevoir des versions confidentielles de différents algorithmes de bandits dans différents contextes: bandits à bras finis, linéaires et contextuels avec le regret comme mesure d'utilité, et bandits à bras finis avec la complexité d'échantillonnage comme mesure d'utilité.L'analyse théorique et expérimentale des algorithmes proposés valide aussi l'existence de deux régimes de difficulté en fonction du budget de confidentialité.Dans la deuxième partie de cette thèse, nous passons des défenses de la confidentialité aux attaques. Plus précisément, nous étudions les attaques par inférence d'appartenance où un adversaire cherche à savoir si un point cible a été inclus ou pas dans l'ensemble de données d'entrée d'un algorithme. Nous définissons la fuite d'information sur un point comme l'avantage de l'adversaire optimal essayant de déduire l'appartenance de ce point.Nous quantifions ensuite cette fuite d'information pour la moyenne empirique et d'autres variantes en termes de la distance de Mahalanobis entre le point cible et la distribution génératrice des données.Notre analyse asymptotique repose sur une nouvelle technique de preuve qui combine une expansion de Edgeworth du test de vraisemblance et un théorème central limite de Lindeberg-Feller.Notre analyse montre que le test de vraisemblance pour la moyenne empirique est une attaque par produit scalaire mais corrigé pour la géométrie des données en utilisant l'inverse de la matrice de covariance.Enfin, comme conséquences de notre analyse, nous proposons un nouveau score de covariance et une nouvelle stratégie de sélection des points cible pour l'audit des algorithmes de descente de gradient dans le cadre de l'apprentissage fédéré en white-box
The topics addressed in this thesis aim to characterise the privacy-utility trade-offs in sequential decision-making under uncertainty. The main privacy framework adopted is Differential Privacy (DP), and the main setting for studying utility is the stochastic Multi-Armed Bandit (MAB) problem. First, we propose different definitions that extend DP to the setting of multi-armed bandits. Then, we quantify the hardness of private bandits by proving lower bounds on the performance of bandit algorithms verifying the DP constraint. These bounds suggest the existence of two hardness regimes depending on the privacy budget and the reward distributions. We further propose a generic blueprint to design near-optimal DP extensions of bandit algorithms. We instantiate the blueprint to design DP versions of different bandit algorithms under different settings: finite-armed, linear and contextual bandits under regret as a utility measure, and finite-armed bandits under sample complexity of identifying the optimal arm as a utility measure. The theoretical and experimental analysis of the proposed algorithms furthermore validates the existence of two hardness regimes depending on the privacy budget.In the second part of this thesis, we shift the view from privacy defences to attacks. Specifically, we study fixed-target Membership Inference (MI) attacks, where an adversary aims to infer whether a fixed target point was included or not in the input dataset of an algorithm. We define the target-dependent leakage of a datapoint as the advantage of the optimal adversary trying to infer the membership of that datapoint. Then, we quantify both the target-dependent leakage and the trade-off functions for the empirical mean and variants of interest in terms of the Mahalanobis distance between the target point and the data-generating distribution. Our asymptotic analysis builds on a novel proof technique that combines an Edgeworth expansion of the Likelihood Ratio (LR) test and a Lindeberg-Feller central limit theorem. Our analysis shows that the LR test for the empirical mean is a scalar product attack but corrected for the geometry of the data using the inverse of the covariance matrix. Finally, as by-products of our analysis, we propose a new covariance score and a new canary selection strategy for auditing gradient descent algorithms in the white-box federated learning setting
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Lee, Sheau Chuen, and 李曉春. "The Design of a Fast Inference and Symmetric Membership Function Based Fuzzy Chip." Thesis, 1996. http://ndltd.ncl.edu.tw/handle/24997616625348102706.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Alharbi, Basma Mohammed. "Latent Feature Models for Uncovering Human Mobility Patterns from Anonymized User Location Traces with Metadata." Diss., 2017. http://hdl.handle.net/10754/623122.

Повний текст джерела
Анотація:
In the mobile era, data capturing individuals’ locations have become unprecedentedly available. Data from Location-Based Social Networks is one example of large-scale user-location data. Such data provide a valuable source for understanding patterns governing human mobility, and thus enable a wide range of research. However, mining and utilizing raw user-location data is a challenging task. This is mainly due to the sparsity of data (at the user level), the imbalance of data with power-law users and locations check-ins degree (at the global level), and more importantly the lack of a uniform low-dimensional feature space describing users. Three latent feature models are proposed in this dissertation. Each proposed model takes as an input a collection of user-location check-ins, and outputs a new representation space for users and locations respectively. To avoid invading users privacy, the proposed models are designed to learn from anonymized location data where only IDs - not geophysical positioning or category - of locations are utilized. To enrich the inferred mobility patterns, the proposed models incorporate metadata, often associated with user-location data, into the inference process. In this dissertation, two types of metadata are utilized to enrich the inferred patterns, timestamps and social ties. Time adds context to the inferred patterns, while social ties amplifies incomplete user-location check-ins. The first proposed model incorporates timestamps by learning from collections of users’ locations sharing the same discretized time. The second proposed model also incorporates time into the learning model, yet takes a further step by considering time at different scales (hour of a day, day of a week, month, and so on). This change in modeling time allows for capturing meaningful patterns over different times scales. The last proposed model incorporates social ties into the learning process to compensate for inactive users who contribute a large volume of incomplete user-location check-ins. To assess the quality of the new representation spaces for each model, evaluation is done using an external application, social link prediction, in addition to case studies and analysis of inferred patterns. Each proposed model is compared to baseline models, where results show significant improvements.
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Fernandes, Flávio Duarte Pacheco. "LHView: Location Aware Hybrid Partial View." Master's thesis, 2017. http://hdl.handle.net/10362/66268.

Повний текст джерела
Анотація:
The rise of the Cloud creates enormous business opportunities for companies to provide global services, which requires applications supporting the operation of those services to scale while minimizing maintenance costs, either due to unnecessary allocation of resources or due to excessive human supervision and administration. Solutions designed to support such systems have tackled fundamental challenges from individual component failure to transient network partitions. A fundamental aspect that all scalable large systems have to deal with is the membership of the system, i.e, tracking the active components that compose the system. Most systems rely on membership management protocols that operate at the application level, many times exposing the interface of a logical overlay network, that should guarantee high scalability, efficiency, and robustness. Although these protocols are capable of repairing the overlay in face of large numbers of individual components faults, when scaling to global settings (i.e, geo-distributed scenarios), this robustness is a double edged-sword because it is extremely complex for a node in a system to distinguish between a set of simultaneously node failures and a (transient) network partition. Thus the occurrence of a network partition creates isolated sub-sets of nodes incapable of reconnecting even after the recovery from the partition. This work address this challenges by proposing a novel datacenter-aware membership protocol to tolerate network partitions by applying existing overlay management techniques and classification techniques that may allow the system to efficiently cope with such events without compromising the remaining properties of the overlay network. Furthermore, we strive to achieve these goals with a solution that requires minimal human intervention.
Стилі APA, Harvard, Vancouver, ISO та ін.

Частини книг з теми "Membership Inference"

1

Xu, Tianxiang, Chang Liu, Kun Zhang, and Jianlin Zhang. "Membership Inference Attacks Against Medical Databases." In Communications in Computer and Information Science, 15–25. Singapore: Springer Nature Singapore, 2023. http://dx.doi.org/10.1007/978-981-99-8138-0_2.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Monreale, Anna, Francesca Naretto, and Simone Rizzo. "Agnostic Label-Only Membership Inference Attack." In Network and System Security, 249–64. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-39828-5_14.

Повний текст джерела
Анотація:
AbstractIn recent years we are witnessing the diffusion of AI systems based on powerful Machine Learning models which find application in many critical contexts such as medicine and financial market. In such contexts, it is important to design Trustworthy AI systems while guaranteeing privacy protection. However, some attacks on the privacy of Machine Learning models have been designed to show the threats of exposing such models. Membership Inference is one of the simplest privacy threats faced by Machine Learning models. It is based on the assumption that an adversary, observing the confidence of the model prediction, can infer whether a particular record was used for training the classifier. A variant, called Label-Only attack, exploits the adversary’s knowledge of the training data statistics to infer the record membership without accessing the confidence score of the prediction. In this paper, we propose a variant of the Label-Only attack, called Aloa, which estimates the prediction confidence exploiting a mechanism that is completely agnostic to the input data distributions. In fact, it requires neither statistical knowledge of the data nor the type of variables. Experimental results show better performance of our attack with respect to the competitors.
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Ha, Trung, Trang Vo, Tran Khanh Dang, and Nguyen Thi Huyen Trang. "Differential Privacy Under Membership Inference Attacks." In Future Data and Security Engineering. Big Data, Security and Privacy, Smart City and Industry 4.0 Applications, 255–69. Singapore: Springer Nature Singapore, 2023. http://dx.doi.org/10.1007/978-981-99-8296-7_18.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Barezzani, Sergio. "Membership Inference Attacks in Machine Learning." In Encyclopedia of Cryptography, Security and Privacy, 1–4. Berlin, Heidelberg: Springer Berlin Heidelberg, 2024. http://dx.doi.org/10.1007/978-3-642-27739-9_1825-1.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Goto, Yumeki, Nami Ashizawa, Toshiki Shibahara, and Naoto Yanai. "Do Backdoors Assist Membership Inference Attacks?" In Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 251–65. Cham: Springer Nature Switzerland, 2024. http://dx.doi.org/10.1007/978-3-031-64954-7_13.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Barezzani, Sergio. "Membership Inference Attacks in Machine Learning." In Encyclopedia of Cryptography, Security and Privacy, 1520–23. Cham: Springer Nature Switzerland, 2025. https://doi.org/10.1007/978-3-030-71522-9_1825.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Zari, Oualid, Javier Parra-Arnau, Ayşe Ünsal, Thorsten Strufe, and Melek Önen. "Membership Inference Attack Against Principal Component Analysis." In Privacy in Statistical Databases, 269–82. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-13945-1_19.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Senavirathne, Navoda, and Vicenç Torra. "Dissecting Membership Inference Risk in Machine Learning." In Cyberspace Safety and Security, 36–54. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-030-94029-4_3.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Chen, Shi, and Yubin Zhong. "Two-Stage High Precision Membership Inference Attack." In Machine Learning for Cyber Security, 521–35. Cham: Springer Nature Switzerland, 2023. http://dx.doi.org/10.1007/978-3-031-20099-1_44.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Yan, Ran, Ruiying Du, Kun He, and Jing Chen. "Efficient Adversarial Training with Membership Inference Resistance." In Pattern Recognition and Computer Vision, 474–86. Singapore: Springer Nature Singapore, 2023. http://dx.doi.org/10.1007/978-981-99-8429-9_38.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.

Тези доповідей конференцій з теми "Membership Inference"

1

Lou, Jiadong, and Xu Yuan. "Membership Inference via Self-Comparison." In 2024 IEEE Conference on Communications and Network Security (CNS), 1–9. IEEE, 2024. http://dx.doi.org/10.1109/cns62487.2024.10735627.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Yichuan, Shi, Olivera Kotevska, Viktor Reshniak, and Amir Sadovnik. "Assessing Membership Inference Attacks under Distribution Shifts." In 2024 IEEE International Conference on Big Data (BigData), 4127–31. IEEE, 2024. https://doi.org/10.1109/bigdata62323.2024.10825580.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Galli, Filippo, Luca Melis, and Tommaso Cucinotta. "Noisy Neighbors: Efficient membership inference attacks against LLMs." In Proceedings of the Fifth Workshop on Privacy in Natural Language Processing, 1–6. Stroudsburg, PA, USA: Association for Computational Linguistics, 2024. http://dx.doi.org/10.18653/v1/2024.privatenlp-1.1.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Lejbølle Jelstrup, Malthe Andreas, and Siavash Arjomand Bigdeli. "Deepmarking: Leveraging Adversarial Noise for Membership Inference Attacks." In 2024 IEEE International Conference on Computational Photography (ICCP), 1–10. IEEE, 2024. http://dx.doi.org/10.1109/iccp61108.2024.10644615.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
5

DeAlcala, Daniel, Gonzalo Mancera, Aythami Morales, Julian Fierrez, Ruben Tolosana, and Javier Ortega-Garcia. "A Comprehensive Analysis of Factors Impacting Membership Inference." In 2024 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW), 3585–93. IEEE, 2024. http://dx.doi.org/10.1109/cvprw63382.2024.00362.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Zhang, Rongting, Martin Andres Bertran, and Aaron Roth. "Order of Magnitude Speedups for LLM Membership Inference." In Proceedings of the 2024 Conference on Empirical Methods in Natural Language Processing, 4431–43. Stroudsburg, PA, USA: Association for Computational Linguistics, 2024. http://dx.doi.org/10.18653/v1/2024.emnlp-main.253.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Xie, Roy, Junlin Wang, Ruomin Huang, Minxing Zhang, Rong Ge, Jian Pei, Neil Zhenqiang Gong, and Bhuwan Dhingra. "ReCaLL: Membership Inference via Relative Conditional Log-Likelihoods." In Proceedings of the 2024 Conference on Empirical Methods in Natural Language Processing, 8671–89. Stroudsburg, PA, USA: Association for Computational Linguistics, 2024. http://dx.doi.org/10.18653/v1/2024.emnlp-main.493.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Shi, Haonan, Tu Ouyang, and An Wang. "Learning-Based Difficulty Calibration for Enhanced Membership Inference Attacks." In 2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P), 62–77. IEEE, 2024. http://dx.doi.org/10.1109/eurosp60621.2024.00012.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Shah, Akash, Sapna Varshney, and Monica Mehrotra. "DepInferAttack: Framework for Membership Inference Attack in Depression Dataset." In 2024 4th International Conference on Technological Advancements in Computational Sciences (ICTACS), 1326–32. IEEE, 2024. https://doi.org/10.1109/ictacs62700.2024.10840770.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Dixit, Neil. "Quantifying Classification Metrics in Black Box Membership Inference Attacks." In 2025 IEEE 4th International Conference on AI in Cybersecurity (ICAIC), 1–6. IEEE, 2025. https://doi.org/10.1109/icaic63015.2025.10848684.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.

Звіти організацій з теми "Membership Inference"

1

Tsidylo, Ivan M., Serhiy O. Semerikov, Tetiana I. Gargula, Hanna V. Solonetska, Yaroslav P. Zamora, and Andrey V. Pikilnyak. Simulation of intellectual system for evaluation of multilevel test tasks on the basis of fuzzy logic. CEUR Workshop Proceedings, June 2021. http://dx.doi.org/10.31812/123456789/4370.

Повний текст джерела
Анотація:
The article describes the stages of modeling an intelligent system for evaluating multilevel test tasks based on fuzzy logic in the MATLAB application package, namely the Fuzzy Logic Toolbox. The analysis of existing approaches to fuzzy assessment of test methods, their advantages and disadvantages is given. The considered methods for assessing students are presented in the general case by two methods: using fuzzy sets and corresponding membership functions; fuzzy estimation method and generalized fuzzy estimation method. In the present work, the Sugeno production model is used as the closest to the natural language. This closeness allows for closer interaction with a subject area expert and build well-understood, easily interpreted inference systems. The structure of a fuzzy system, functions and mechanisms of model building are described. The system is presented in the form of a block diagram of fuzzy logical nodes and consists of four input variables, corresponding to the levels of knowledge assimilation and one initial one. The surface of the response of a fuzzy system reflects the dependence of the final grade on the level of difficulty of the task and the degree of correctness of the task. The structure and functions of the fuzzy system are indicated. The modeled in this way intelligent system for assessing multilevel test tasks based on fuzzy logic makes it possible to take into account the fuzzy characteristics of the test: the level of difficulty of the task, which can be assessed as “easy”, “average", “above average”, “difficult”; the degree of correctness of the task, which can be assessed as “correct”, “partially correct”, “rather correct”, “incorrect”; time allotted for the execution of a test task or test, which can be assessed as “short”, “medium”, “long”, “very long”; the percentage of correctly completed tasks, which can be assessed as “small”, “medium”, “large”, “very large”; the final mark for the test, which can be assessed as “poor”, “satisfactory”, “good”, “excellent”, which are included in the assessment. This approach ensures the maximum consideration of answers to questions of all levels of complexity by formulating a base of inference rules and selection of weighting coefficients when deriving the final estimate. The robustness of the system is achieved by using Gaussian membership functions. The testing of the controller on the test sample brings the functional suitability of the developed model.
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Paule, Bernard, Flourentzos Flourentzou, Tristan de KERCHOVE d’EXAERDE, Julien BOUTILLIER, and Nicolo Ferrari. PRELUDE Roadmap for Building Renovation: set of rules for renovation actions to optimize building energy performance. Department of the Built Environment, 2023. http://dx.doi.org/10.54337/aau541614638.

Повний текст джерела
Анотація:
In the context of climate change and the environmental and energy constraints we face, it is essential to develop methods to encourage the implementation of efficient solutions for building renovation. One of the objectives of the European PRELUDE project [1] is to develop a "Building Renovation Roadmap"(BRR) aimed at facilitating decision-making to foster the most efficient refurbishment actions, the implementation of innovative solutions and the promotion of renewable energy sources in the renovation process of existing buildings. In this context, Estia is working on the development of inference rules that will make it possible. On the basis of a diagnosis such as the Energy Performance Certificate, it will help establishing a list of priority actions. The dynamics that drive this project permit to decrease the subjectivity of a human decisions making scheme. While simulation generates digital technical data, interpretation requires the translation of this data into natural language. The purpose is to automate the translation of the results to provide advice and facilitate decision-making. In medicine, the diagnostic phase is a process by which a disease is identified by its symptoms. Similarly, the idea of the process is to target the faulty elements potentially responsible for poor performance and to propose remedial solutions. The system is based on the development of fuzzy logic rules [2],[3]. This choice was made to be able to manipulate notions of membership with truth levels between 0 and 1, and to deliver messages in a linguistic form, understandable by non-specialist users. For example, if performance is low and parameter x is unfavourable, the algorithm can gives an incentive to improve the parameter such as: "you COULD, SHOULD or MUST change parameter x". Regarding energy performance analysis, the following domains are addressed: heating, domestic hot water, cooling, lighting. Regarding the parameters, the analysis covers the following topics: Characteristics of the building envelope. and of the technical installations (heat production-distribution, ventilation system, electric lighting, etc.). This paper describes the methodology used, lists the fields studied and outlines the expected outcomes of the project.
Стилі APA, Harvard, Vancouver, ISO та ін.
Також вас можуть зацікавити розширені добірки на тему "Membership Inference" для конкретних типів джерел:
Статті в журналах
Ми пропонуємо знижки на всі преміум-плани для авторів, чиї праці увійшли до тематичних добірок літератури. Зв'яжіться з нами, щоб отримати унікальний промокод!

До бібліографії