{"id":"https://openalex.org/W3107015477","doi":"https://doi.org/10.1145/3372297.3423363","title":"Estimating g-Leakage via Machine Learning","display_name":"Estimating g-Leakage via Machine Learning","publication_year":2020,"publication_date":"2020-10-30","ids":{"openalex":"https://openalex.org/W3107015477","doi":"https://doi.org/10.1145/3372297.3423363","mag":"3107015477"},"language":"en","primary_location":{"id":"doi:10.1145/3372297.3423363","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3372297.3423363","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5114859809","display_name":"Marco Romanelli","orcid":"https://orcid.org/0000-0002-3810-4476"},"institutions":[{"id":"https://openalex.org/I142476485","display_name":"\u00c9cole Polytechnique","ror":"https://ror.org/05hy3tk52","country_code":"FR","type":"education","lineage":["https://openalex.org/I142476485","https://openalex.org/I4210145102"]},{"id":"https://openalex.org/I102064193","display_name":"University of Siena","ror":"https://ror.org/01tevnk56","country_code":"IT","type":"education","lineage":["https://openalex.org/I102064193"]},{"id":"https://openalex.org/I4210145102","display_name":"Institut Polytechnique de Paris","ror":"https://ror.org/042tfbd02","country_code":"FR","type":"education","lineage":["https://openalex.org/I4210145102"]}],"countries":["FR","IT"],"is_corresponding":true,"raw_author_name":"Marco Romanelli","raw_affiliation_strings":["Inria &amp; \u00c9cole Polytechnique &amp; IPP &amp; Universit\u00e0 di Siena, Palaiseau, France","COMETE - Concurrency, Mobility and Transactions (B\u00e2t Alan Turing, Campus de l'Ecole Polytechnique, 1 rue Honor\u00e9 d'Estienne d'orves, 91120 Palaiseau (France) - France)","UNISI - Universit\u00e0 degli Studi di Siena = University of Siena (Rettorato - Via Banchi di Sotto 55 - 53100 Siena - Italy)"],"affiliations":[{"raw_affiliation_string":"Inria &amp; \u00c9cole Polytechnique &amp; IPP &amp; Universit\u00e0 di Siena, Palaiseau, France","institution_ids":["https://openalex.org/I142476485","https://openalex.org/I4210145102"]},{"raw_affiliation_string":"COMETE - Concurrency, Mobility and Transactions (B\u00e2t Alan Turing, Campus de l'Ecole Polytechnique, 1 rue Honor\u00e9 d'Estienne d'orves, 91120 Palaiseau (France) - France)","institution_ids":["https://openalex.org/I142476485"]},{"raw_affiliation_string":"UNISI - Universit\u00e0 degli Studi di Siena = University of Siena (Rettorato - Via Banchi di Sotto 55 - 53100 Siena - Italy)","institution_ids":["https://openalex.org/I102064193"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066098595","display_name":"Konstantinos Chatzikokolakis","orcid":"https://orcid.org/0000-0002-3081-5775"},"institutions":[{"id":"https://openalex.org/I200777214","display_name":"National and Kapodistrian University of Athens","ror":"https://ror.org/04gnjpq42","country_code":"GR","type":"education","lineage":["https://openalex.org/I200777214"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Konstantinos Chatzikokolakis","raw_affiliation_strings":["University of Athens, Athens, Greece","NKUA - National and Kapodistrian University of Athens (Athens 157 72 - Greece)"],"affiliations":[{"raw_affiliation_string":"University of Athens, Athens, Greece","institution_ids":["https://openalex.org/I200777214"]},{"raw_affiliation_string":"NKUA - National and Kapodistrian University of Athens (Athens 157 72 - Greece)","institution_ids":["https://openalex.org/I200777214"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090842450","display_name":"Catuscia Palamidessi","orcid":"https://orcid.org/0000-0003-4597-7002"},"institutions":[{"id":"https://openalex.org/I4210145102","display_name":"Institut Polytechnique de Paris","ror":"https://ror.org/042tfbd02","country_code":"FR","type":"education","lineage":["https://openalex.org/I4210145102"]},{"id":"https://openalex.org/I142476485","display_name":"\u00c9cole Polytechnique","ror":"https://ror.org/05hy3tk52","country_code":"FR","type":"education","lineage":["https://openalex.org/I142476485","https://openalex.org/I4210145102"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Catuscia Palamidessi","raw_affiliation_strings":["Inria &amp; \u00c9cole Polytechnique &amp; IPP, Palaiseau, France","COMETE - Concurrency, Mobility and Transactions (B\u00e2t Alan Turing, Campus de l'Ecole Polytechnique, 1 rue Honor\u00e9 d'Estienne d'orves, 91120 Palaiseau (France) - France)"],"affiliations":[{"raw_affiliation_string":"Inria &amp; \u00c9cole Polytechnique &amp; IPP, Palaiseau, France","institution_ids":["https://openalex.org/I142476485","https://openalex.org/I4210145102"]},{"raw_affiliation_string":"COMETE - Concurrency, Mobility and Transactions (B\u00e2t Alan Turing, Campus de l'Ecole Polytechnique, 1 rue Honor\u00e9 d'Estienne d'orves, 91120 Palaiseau (France) - France)","institution_ids":["https://openalex.org/I142476485"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5071189599","display_name":"Pablo Piantanida","orcid":"https://orcid.org/0000-0002-8717-2117"},"institutions":[{"id":"https://openalex.org/I277688954","display_name":"Universit\u00e9 Paris-Saclay","ror":"https://ror.org/03xjwb503","country_code":"FR","type":"education","lineage":["https://openalex.org/I277688954"]},{"id":"https://openalex.org/I1294671590","display_name":"Centre National de la Recherche Scientifique","ror":"https://ror.org/02feahw73","country_code":"FR","type":"funder","lineage":["https://openalex.org/I1294671590"]},{"id":"https://openalex.org/I4210107720","display_name":"CentraleSup\u00e9lec","ror":"https://ror.org/019tcpt25","country_code":"FR","type":"facility","lineage":["https://openalex.org/I277688954","https://openalex.org/I4210107720"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Pablo Piantanida","raw_affiliation_strings":["CentraleSupelec &amp; CNRS &amp; Universit\u00e9 Paris Saclay, Gif-sur-Yvette, France","CNRS - Centre National de la Recherche Scientifique (France)","CentraleSup\u00e9lec (3, rue Joliot Curie,\r\nPlateau de Moulon,\r\n91192 GIF-SUR-YVETTE Cedex - France)"],"affiliations":[{"raw_affiliation_string":"CentraleSupelec &amp; CNRS &amp; Universit\u00e9 Paris Saclay, Gif-sur-Yvette, France","institution_ids":["https://openalex.org/I4210107720","https://openalex.org/I277688954","https://openalex.org/I1294671590"]},{"raw_affiliation_string":"CNRS - Centre National de la Recherche Scientifique (France)","institution_ids":["https://openalex.org/I1294671590"]},{"raw_affiliation_string":"CentraleSup\u00e9lec (3, rue Joliot Curie,\r\nPlateau de Moulon,\r\n91192 GIF-SUR-YVETTE Cedex - France)","institution_ids":["https://openalex.org/I4210107720"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5114859809"],"corresponding_institution_ids":["https://openalex.org/I142476485","https://openalex.org/I102064193","https://openalex.org/I4210145102"],"apc_list":null,"apc_paid":null,"fwci":1.32173594,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.83994863,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"697","last_page":"716"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7508255243301392},{"id":"https://openalex.org/keywords/frequentist-inference","display_name":"Frequentist inference","score":0.6625626087188721},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5930104851722717},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5842159986495972},{"id":"https://openalex.org/keywords/bayes-theorem","display_name":"Bayes' theorem","score":0.5211103558540344},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.5105737447738647},{"id":"https://openalex.org/keywords/learnability","display_name":"Learnability","score":0.5061158537864685},{"id":"https://openalex.org/keywords/observability","display_name":"Observability","score":0.4659990072250366},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4294590353965759},{"id":"https://openalex.org/keywords/bayes-classifier","display_name":"Bayes classifier","score":0.4237532913684845},{"id":"https://openalex.org/keywords/bayesian-probability","display_name":"Bayesian probability","score":0.3998068571090698},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.3295377492904663},{"id":"https://openalex.org/keywords/bayesian-inference","display_name":"Bayesian inference","score":0.22165080904960632},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.1652049720287323}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7508255243301392},{"id":"https://openalex.org/C162376815","wikidata":"https://www.wikidata.org/wiki/Q2158281","display_name":"Frequentist inference","level":4,"score":0.6625626087188721},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5930104851722717},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5842159986495972},{"id":"https://openalex.org/C207201462","wikidata":"https://www.wikidata.org/wiki/Q182505","display_name":"Bayes' theorem","level":3,"score":0.5211103558540344},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.5105737447738647},{"id":"https://openalex.org/C2777723229","wikidata":"https://www.wikidata.org/wiki/Q4367921","display_name":"Learnability","level":2,"score":0.5061158537864685},{"id":"https://openalex.org/C36299963","wikidata":"https://www.wikidata.org/wiki/Q1369844","display_name":"Observability","level":2,"score":0.4659990072250366},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4294590353965759},{"id":"https://openalex.org/C185207860","wikidata":"https://www.wikidata.org/wiki/Q17004744","display_name":"Bayes classifier","level":4,"score":0.4237532913684845},{"id":"https://openalex.org/C107673813","wikidata":"https://www.wikidata.org/wiki/Q812534","display_name":"Bayesian probability","level":2,"score":0.3998068571090698},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.3295377492904663},{"id":"https://openalex.org/C160234255","wikidata":"https://www.wikidata.org/wiki/Q812535","display_name":"Bayesian inference","level":3,"score":0.22165080904960632},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.1652049720287323},{"id":"https://openalex.org/C28826006","wikidata":"https://www.wikidata.org/wiki/Q33521","display_name":"Applied mathematics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3372297.3423363","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3372297.3423363","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.4399999976158142,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W203253523","https://openalex.org/W607505555","https://openalex.org/W1138977110","https://openalex.org/W1480376833","https://openalex.org/W1545192341","https://openalex.org/W1554944419","https://openalex.org/W1873763122","https://openalex.org/W1982065519","https://openalex.org/W2048142551","https://openalex.org/W2056277260","https://openalex.org/W2060871119","https://openalex.org/W2067955804","https://openalex.org/W2097151854","https://openalex.org/W2100483895","https://openalex.org/W2103759928","https://openalex.org/W2149517094","https://openalex.org/W2508641559","https://openalex.org/W2604754095","https://openalex.org/W2911978475","https://openalex.org/W2928004262","https://openalex.org/W2969765251","https://openalex.org/W4212863985","https://openalex.org/W4236362309","https://openalex.org/W4245577611"],"related_works":["https://openalex.org/W4220993161","https://openalex.org/W2057359786","https://openalex.org/W2034570513","https://openalex.org/W1969985447","https://openalex.org/W1986699031","https://openalex.org/W4365601408","https://openalex.org/W4285191047","https://openalex.org/W3210203749","https://openalex.org/W2041448365","https://openalex.org/W891638917"],"abstract_inverted_index":{"This":[0],"paper":[1],"considers":[2],"the":[3,7,14,19,25,33,48,62,66,77,88,91,95,117,124,128,147,171,181,198,207,221,225],"problem":[4],"of":[5,10,39,79,90,94,119,144,154,170,191],"estimating":[6],"information":[8,36],"leakage":[9,145],"a":[11,53,163,188],"system":[12,49],"in":[13],"black-box":[15,168],"scenario,":[16],"i.e.":[17],"when":[18,76,224],"system's":[20],"internals":[21],"are":[22,37],"unknown":[23],"to":[24,30,47,64,111,116,122,134,166,179],"learner,":[26],"or":[27,50],"too":[28],"complicated":[29],"analyze,":[31],"and":[32,106,141,159,184,215],"only":[34,132],"available":[35],"pairs":[38],"input-output":[40,67,125],"data":[41,202],"samples,":[42],"obtained":[43],"by":[44,52],"submitting":[45],"queries":[46],"provided":[51],"third":[54],"party.":[55],"The":[56],"frequentist":[57,222],"approach":[58,165,219],"relies":[59],"on":[60],"counting":[61],"frequencies":[63],"estimate":[65,180],"conditional":[68,182],"probabilities,":[69],"however":[70],"this":[71,86],"method":[72],"is":[73,82,131,146,185,228],"not":[74,177],"accurate":[75,114],"domain":[78,227],"possible":[80],"outputs":[81],"large.":[83,229],"To":[84],"overcome":[85],"difficulty,":[87],"estimation":[89,169],"Bayes":[92,129],"error":[93],"ideal":[96],"classifier":[97],"was":[98],"recently":[99],"investigated":[100],"using":[101,173,212],"Machine":[102],"Learning":[103],"(ML)":[104],"models,":[105],"it":[107],"has":[108],"been":[109],"shown":[110],"be":[112],"more":[113,139],"thanks":[115],"ability":[118],"those":[120],"models":[121],"learn":[123],"correspondence.":[126],"However,":[127],"vulnerability":[130],"suitable":[133,186],"describe":[135],"one-try":[136],"attacks.":[137],"A":[138],"general":[140],"flexible":[142],"measure":[143],"g-vulnerability,":[148],"which":[149,175],"encompasses":[150],"several":[151],"different":[152,157],"types":[153],"adversaries,":[155],"with":[156],"goals":[158],"capabilities.":[160],"We":[161],"propose":[162],"novel":[164],"perform":[167],"g-vulnerability":[172],"ML":[174,192],"does":[176],"require":[178],"probabilities":[183],"for":[187,200],"large":[189],"class":[190],"algorithms.":[193],"First,":[194],"we":[195,205],"formally":[196],"show":[197],"learnability":[199],"all":[201],"distributions.":[203],"Then,":[204],"evaluate":[206],"performance":[208],"via":[209],"various":[210],"experiments":[211],"k-Nearest":[213],"Neighbors":[214],"Neural":[216],"Networks.":[217],"Our":[218],"outperform":[220],"one":[223],"observables":[226]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}