{"id":"https://openalex.org/W3213187311","doi":"https://doi.org/10.1145/3460120.3485338","title":"Membership Inference Attacks against GANs by Leveraging Over-representation Regions","display_name":"Membership Inference Attacks against GANs by Leveraging Over-representation Regions","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3213187311","doi":"https://doi.org/10.1145/3460120.3485338","mag":"3213187311"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3485338","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3460120.3485338","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://orbilu.uni.lu/handle/10993/48640","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5012796533","display_name":"Hailong Hu","orcid":"https://orcid.org/0000-0001-5138-4014"},"institutions":[{"id":"https://openalex.org/I186903577","display_name":"University of Luxembourg","ror":"https://ror.org/036x5ad56","country_code":"LU","type":"education","lineage":["https://openalex.org/I186903577"]}],"countries":["LU"],"is_corresponding":true,"raw_author_name":"Hailong Hu","raw_affiliation_strings":["University of Luxembourg, Esch-sur-Alzette, Luxembourg"],"affiliations":[{"raw_affiliation_string":"University of Luxembourg, Esch-sur-Alzette, Luxembourg","institution_ids":["https://openalex.org/I186903577"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5073684178","display_name":"Jun Pang","orcid":"https://orcid.org/0000-0002-4521-4112"},"institutions":[{"id":"https://openalex.org/I186903577","display_name":"University of Luxembourg","ror":"https://ror.org/036x5ad56","country_code":"LU","type":"education","lineage":["https://openalex.org/I186903577"]}],"countries":["LU"],"is_corresponding":false,"raw_author_name":"Jun Pang","raw_affiliation_strings":["University of Luxembourg, Esch-sur-Alzette, Luxembourg"],"affiliations":[{"raw_affiliation_string":"University of Luxembourg, Esch-sur-Alzette, Luxembourg","institution_ids":["https://openalex.org/I186903577"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5012796533"],"corresponding_institution_ids":["https://openalex.org/I186903577"],"apc_list":null,"apc_paid":null,"fwci":1.3996,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.85295372,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"2387","last_page":"2389"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10775","display_name":"Generative Adversarial Networks and Image Synthesis","score":0.9914000034332275,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8561127781867981},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.8383177518844604},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.8014785647392273},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7025187015533447},{"id":"https://openalex.org/keywords/representation","display_name":"Representation (politics)","score":0.6442001461982727},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.6172736287117004},{"id":"https://openalex.org/keywords/perspective","display_name":"Perspective (graphical)","score":0.5776821970939636},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.5513092875480652},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.5258106589317322},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4548819363117218},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.45399507880210876},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4442162811756134},{"id":"https://openalex.org/keywords/generative-grammar","display_name":"Generative grammar","score":0.42607229948043823},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.41502851247787476},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4006103575229645}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8561127781867981},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.8383177518844604},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.8014785647392273},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7025187015533447},{"id":"https://openalex.org/C2776359362","wikidata":"https://www.wikidata.org/wiki/Q2145286","display_name":"Representation (politics)","level":3,"score":0.6442001461982727},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.6172736287117004},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.5776821970939636},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.5513092875480652},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.5258106589317322},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4548819363117218},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.45399507880210876},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4442162811756134},{"id":"https://openalex.org/C39890363","wikidata":"https://www.wikidata.org/wiki/Q36108","display_name":"Generative grammar","level":2,"score":0.42607229948043823},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.41502851247787476},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4006103575229645},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3460120.3485338","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3460120.3485338","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:orbilu.uni.lu:10993/48640","is_oa":true,"landing_page_url":"https://orbilu.uni.lu/handle/10993/48640","pdf_url":null,"source":{"id":"https://openalex.org/S4306401815","display_name":"Open Repository and Bibliography (University of Luxembourg)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I186903577","host_organization_name":"University of Luxembourg","host_organization_lineage":["https://openalex.org/I186903577"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security (CCS'21), 2387-2389 (2021); 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2021","raw_type":"peer reviewed"}],"best_oa_location":{"id":"pmh:oai:orbilu.uni.lu:10993/48640","is_oa":true,"landing_page_url":"https://orbilu.uni.lu/handle/10993/48640","pdf_url":null,"source":{"id":"https://openalex.org/S4306401815","display_name":"Open Repository and Bibliography (University of Luxembourg)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I186903577","host_organization_name":"University of Luxembourg","host_organization_lineage":["https://openalex.org/I186903577"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Proceedings of the 27th ACM SIGSAC Conference on Computer and Communications Security (CCS'21), 2387-2389 (2021); 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS), 2021","raw_type":"peer reviewed"},"sustainable_development_goals":[{"score":0.7099999785423279,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G2428617082","display_name":null,"funder_award_id":"13550291","funder_id":"https://openalex.org/F4320321038","funder_display_name":"Fonds National de la Recherche Luxembourg"}],"funders":[{"id":"https://openalex.org/F4320321038","display_name":"Fonds National de la Recherche Luxembourg","ror":"https://ror.org/039z13y21"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W2535690855","https://openalex.org/W2795435272","https://openalex.org/W2887995258","https://openalex.org/W2946930197","https://openalex.org/W2962770929","https://openalex.org/W2963378725","https://openalex.org/W2963981733","https://openalex.org/W3042518613","https://openalex.org/W3048775464","https://openalex.org/W3071470454","https://openalex.org/W3096692244","https://openalex.org/W3106873467","https://openalex.org/W3112689365","https://openalex.org/W3164762628","https://openalex.org/W3190860428"],"related_works":["https://openalex.org/W4320018150","https://openalex.org/W2918664383","https://openalex.org/W2040808657","https://openalex.org/W4320855730","https://openalex.org/W106056076","https://openalex.org/W2135200719","https://openalex.org/W2588995807","https://openalex.org/W4307079546","https://openalex.org/W4283317927","https://openalex.org/W4387796593"],"abstract_inverted_index":{"Generative":[0],"adversarial":[1],"networks":[2],"(GANs)":[3],"have":[4],"made":[5],"unprecedented":[6],"performance":[7],"in":[8,16],"image":[9],"synthesis":[10],"and":[11],"play":[12],"a":[13,32,42,83,86,98,112],"key":[14],"role":[15],"various":[17],"downstream":[18],"applications":[19],"of":[20,121,124,133],"computer":[21],"vision.":[22],"However,":[23],"GAN":[24,114,127],"models":[25],"trained":[26],"on":[27,56,81],"sensitive":[28],"data":[29],"also":[30],"pose":[31],"distinct":[33],"threat":[34],"to":[35,68,79],"privacy.":[36],"In":[37],"this":[38],"poster,":[39],"we":[40],"present":[41],"novel":[43],"over-representation":[44],"based":[45],"membership":[46],"inference":[47,70],"attack.":[48],"Unlike":[49],"prior":[50],"attacks":[51],"against":[52],"GANs":[53],"which":[54,75],"focus":[55],"the":[57,62,72,77,94,104,122,130],"overall":[58,105],"metrics,":[59],"such":[60],"as":[61,85],"attack":[63,66,101,106],"accuracy,":[64],"our":[65],"aims":[67],"make":[69],"from":[71],"high-precision":[73],"perspective,":[74],"allows":[76],"adversary":[78,95],"concentrate":[80],"inferring":[82],"sample":[84],"member":[87],"confidently.":[88],"Initial":[89],"experimental":[90],"results":[91],"demonstrate":[92],"that":[93],"can":[96],"achieve":[97],"high":[99],"precision":[100,125],"even":[102],"if":[103],"accuracy":[107],"is":[108],"about":[109],"50%":[110],"for":[111],"well-trained":[113],"model.":[115],"Our":[116],"work":[117],"will":[118],"raise":[119],"awareness":[120],"importance":[123],"when":[126],"owners":[128],"evaluate":[129],"privacy":[131],"risks":[132],"their":[134],"models.":[135]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":5}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}