{"id":"https://openalex.org/W3048133945","doi":"https://doi.org/10.1109/cns48642.2020.9162283","title":"Membership Inference Attacks against MemGuard : IEEE CNS 20 Poster","display_name":"Membership Inference Attacks against MemGuard : IEEE CNS 20 Poster","publication_year":2020,"publication_date":"2020-06-01","ids":{"openalex":"https://openalex.org/W3048133945","doi":"https://doi.org/10.1109/cns48642.2020.9162283","mag":"3048133945"},"language":"en","primary_location":{"id":"doi:10.1109/cns48642.2020.9162283","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns48642.2020.9162283","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5024053576","display_name":"Ben Niu","orcid":"https://orcid.org/0000-0001-5822-8743"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Ben Niu","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112893853","display_name":"Yahong Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yahong Chen","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055342873","display_name":"Likun Zhang","orcid":"https://orcid.org/0000-0003-3898-6533"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]},{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Likun Zhang","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100325254","display_name":"Fenghua Li","orcid":"https://orcid.org/0000-0002-3211-012X"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Fenghua Li","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5024053576"],"corresponding_institution_ids":["https://openalex.org/I19820366","https://openalex.org/I4210156404"],"apc_list":null,"apc_paid":null,"fwci":0.1326,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.53918355,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":93},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"2"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9783999919891357,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7706177234649658},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7570212483406067},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.7096616625785828},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.6512693166732788},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.5464592576026917},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5113601088523865},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4982612133026123},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3913382589817047},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.38586360216140747},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.3236399292945862}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7706177234649658},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7570212483406067},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.7096616625785828},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.6512693166732788},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.5464592576026917},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5113601088523865},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4982612133026123},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3913382589817047},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38586360216140747},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.3236399292945862}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cns48642.2020.9162283","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns48642.2020.9162283","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Conference on Communications and Network Security (CNS)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":8,"referenced_works":["https://openalex.org/W2473418344","https://openalex.org/W2535690855","https://openalex.org/W2884943453","https://openalex.org/W2930926105","https://openalex.org/W2963378725","https://openalex.org/W2964082701","https://openalex.org/W2983140679","https://openalex.org/W3103245149"],"related_works":["https://openalex.org/W3048732067","https://openalex.org/W4383468834","https://openalex.org/W2900159906","https://openalex.org/W4384648009","https://openalex.org/W4283221438","https://openalex.org/W4287828318","https://openalex.org/W2406556600","https://openalex.org/W4380352238","https://openalex.org/W3126470649","https://openalex.org/W2899811703"],"abstract_inverted_index":{"The":[0,70,135],"membership":[1],"inference":[2],"attack":[3,114,125],"makes":[4],"it":[5],"possible":[6],"to":[7,20,47,93,109,126],"extract":[8],"participation":[9],"information":[10],"of":[11,23,61,66,97,112,141],"the":[12,33,54,63,67,82,95,101,107,128,139],"training":[13,32,64],"dataset,":[14],"which":[15,104],"poses":[16],"severe":[17],"privacy":[18,28],"threats":[19],"users.":[21],"Most":[22],"existing":[24],"solutions":[25],"leverage":[26],"differential":[27],"or":[29],"regularization":[30],"when":[31],"target":[34,55,68],"classifier,":[35],"causing":[36],"some":[37],"accuracy":[38],"drops.":[39],"Recently,":[40],"MemGuard,":[41],"a":[42,123],"defense":[43],"with":[44],"adding":[45],"noise":[46,71],"each":[48],"confidence":[49],"score":[50,74],"vector":[51,75],"predicted":[52],"by":[53],"classifier":[56],"has":[57],"been":[58],"proposed,":[59],"instead":[60],"tampering":[62],"process":[65],"classifier.":[69,84],"can":[72,105],"turn":[73],"into":[76],"an":[77],"adversarial":[78,110,129],"example":[79],"that":[80],"misleads":[81],"attacker's":[83],"In":[85],"this":[86],"poster,":[87],"we":[88],"propose":[89,122],"two":[90,143],"novel":[91],"attacks":[92],"foil":[94],"protection":[96],"MemGuard.":[98],"We":[99,120],"apply":[100],"knowledge":[102],"distillation,":[103],"improve":[106],"resilience":[108],"examples":[111],"our":[113,117,132,142],"model,":[115],"as":[116,131],"first":[118],"attack.":[119,134],"also":[121],"resizing":[124],"denoise":[127],"example,":[130],"second":[133],"experimental":[136],"results":[137],"show":[138],"effectiveness":[140],"proposed":[144],"attacks.":[145]},"counts_by_year":[{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}