Open Collections
UBC Theses and Dissertations
PANORAMIA : privacy auditing of machine learning models without retraining
Kazmi, Mishaal
Abstract
We present PANORAMIA, a privacy leakage measurement framework for machine learning models that relies on membership inference attacks using generated data as non-members. By relying on generated non-member data, PANORAMIA eliminates the common dependency of privacy measurement tools on in-distribution non-member data. As a result, PANORAMIA does not modify the model, training data, or training process, and only requires access to a subset of the training data. We evaluate PANORAMIA on ML models for image and tabular data classification, as well as on large-scale language models. The theory we develop in this paper provides a meaningful step towards addressing privacy measurements in this setting and provides a more rigorous approach to privacy benchmarks for such models. We demonstrate that PANORAMIA’s privacy measurements can also be empirically valuable, for instance for providing improved measurements with more data.
Item Metadata
Title | PANORAMIA : privacy auditing of machine learning models without retraining
Creator |
Supervisor |
Publisher | University of British Columbia
Date Issued | 2024
Genre |
Type |
Language | eng
Date Available | 2024-09-25
Provider | Vancouver : University of British Columbia Library
Rights | Attribution-NonCommercial-NoDerivatives 4.0 International
DOI | 10.14288/1.0445452
URI |
Degree |
Program |
Affiliation |
Degree Grantor | University of British Columbia
Graduation Date | 2024-11
Campus |
Scholarly Level | Graduate
Rights URI |
Aggregated Source Repository | DSpace