{"id":"https://openalex.org/W3043638540","doi":"https://doi.org/10.1145/3624010","title":"A Survey of Privacy Attacks in Machine Learning","display_name":"A Survey of Privacy Attacks in Machine Learning","publication_year":2023,"publication_date":"2023-09-15","ids":{"openalex":"https://openalex.org/W3043638540","doi":"https://doi.org/10.1145/3624010","mag":"3043638540"},"language":"en","primary_location":{"id":"doi:10.1145/3624010","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3624010","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3624010","source":{"id":"https://openalex.org/S157921468","display_name":"ACM Computing Surveys","issn_l":"0360-0300","issn":["0360-0300","1557-7341"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Computing Surveys","raw_type":"journal-article"},"type":"review","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3624010","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5083294162","display_name":"Mar\u00eda Rigaki","orcid":"https://orcid.org/0000-0002-0688-7752"},"institutions":[{"id":"https://openalex.org/I44504214","display_name":"Czech Technical University in Prague","ror":"https://ror.org/03kqpb082","country_code":"CZ","type":"education","lineage":["https://openalex.org/I44504214"]}],"countries":["CZ"],"is_corresponding":true,"raw_author_name":"Maria Rigaki","raw_affiliation_strings":["Czech Technical University in Prague, Czech Republic"],"raw_orcid":"https://orcid.org/0000-0002-0688-7752","affiliations":[{"raw_affiliation_string":"Czech Technical University in Prague, Czech Republic","institution_ids":["https://openalex.org/I44504214"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101875170","display_name":"Sebasti\u00e1n Garc\u00eda","orcid":"https://orcid.org/0000-0001-6238-9910"},"institutions":[{"id":"https://openalex.org/I44504214","display_name":"Czech Technical University in Prague","ror":"https://ror.org/03kqpb082","country_code":"CZ","type":"education","lineage":["https://openalex.org/I44504214"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Sebastian Garcia","raw_affiliation_strings":["Czech Technical University in Prague, Czech Republic"],"raw_orcid":"https://orcid.org/0000-0001-6238-9910","affiliations":[{"raw_affiliation_string":"Czech Technical University in Prague, Czech Republic","institution_ids":["https://openalex.org/I44504214"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5083294162"],"corresponding_institution_ids":["https://openalex.org/I44504214"],"apc_list":null,"apc_paid":null,"fwci":27.4672,"has_fulltext":true,"cited_by_count":187,"citation_normalized_percentile":{"value":0.99751503,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":"56","issue":"4","first_page":"1","last_page":"34"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.98580002784729,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8576012849807739},{"id":"https://openalex.org/keywords/adversarial-machine-learning","display_name":"Adversarial machine learning","score":0.7302840352058411},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.7084537148475647},{"id":"https://openalex.org/keywords/categorization","display_name":"Categorization","score":0.6751652359962463},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.662278950214386},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.5217084288597107},{"id":"https://openalex.org/keywords/open-research","display_name":"Open research","score":0.47419410943984985},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4720374345779419},{"id":"https://openalex.org/keywords/taxonomy","display_name":"Taxonomy (biology)","score":0.4638429284095764},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.3882811665534973},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.34363335371017456},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.22239965200424194}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8576012849807739},{"id":"https://openalex.org/C2778403875","wikidata":"https://www.wikidata.org/wiki/Q20312394","display_name":"Adversarial machine learning","level":3,"score":0.7302840352058411},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.7084537148475647},{"id":"https://openalex.org/C94124525","wikidata":"https://www.wikidata.org/wiki/Q912550","display_name":"Categorization","level":2,"score":0.6751652359962463},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.662278950214386},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.5217084288597107},{"id":"https://openalex.org/C2778464652","wikidata":"https://www.wikidata.org/wiki/Q309849","display_name":"Open research","level":2,"score":0.47419410943984985},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4720374345779419},{"id":"https://openalex.org/C58642233","wikidata":"https://www.wikidata.org/wiki/Q8269924","display_name":"Taxonomy (biology)","level":2,"score":0.4638429284095764},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3882811665534973},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.34363335371017456},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.22239965200424194},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3624010","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3624010","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3624010","source":{"id":"https://openalex.org/S157921468","display_name":"ACM Computing Surveys","issn_l":"0360-0300","issn":["0360-0300","1557-7341"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Computing Surveys","raw_type":"journal-article"},{"id":"pmh:oai:arXiv.org:2007.07646","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2007.07646","pdf_url":"https://arxiv.org/pdf/2007.07646","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"doi:10.1145/3624010","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3624010","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3624010","source":{"id":"https://openalex.org/S157921468","display_name":"ACM Computing Surveys","issn_l":"0360-0300","issn":["0360-0300","1557-7341"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Computing Surveys","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.6700000166893005,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G4107003345","display_name":null,"funder_award_id":"CZ.02.1.01/0.0./0.0./16_019/0000765","funder_id":"https://openalex.org/F4320334253","funder_display_name":"Research Center for Informatics, Czech Technical University in Prague"}],"funders":[{"id":"https://openalex.org/F4320334253","display_name":"Research Center for Informatics, Czech Technical University in Prague","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3043638540.pdf","grobid_xml":"https://content.openalex.org/works/W3043638540.grobid-xml"},"referenced_works_count":150,"referenced_works":["https://openalex.org/W41554520","https://openalex.org/W574900623","https://openalex.org/W607505555","https://openalex.org/W1473189865","https://openalex.org/W1503398984","https://openalex.org/W1506806321","https://openalex.org/W1515782956","https://openalex.org/W1522301498","https://openalex.org/W1524281572","https://openalex.org/W1566289585","https://openalex.org/W1632114991","https://openalex.org/W1782590233","https://openalex.org/W1797268635","https://openalex.org/W1825675169","https://openalex.org/W1892323599","https://openalex.org/W1959608418","https://openalex.org/W1988720110","https://openalex.org/W1994616650","https://openalex.org/W2001619934","https://openalex.org/W2001996312","https://openalex.org/W2024922353","https://openalex.org/W2027595342","https://openalex.org/W2042333532","https://openalex.org/W2051267297","https://openalex.org/W2051434435","https://openalex.org/W2053637704","https://openalex.org/W2095705004","https://openalex.org/W2096356985","https://openalex.org/W2099471712","https://openalex.org/W2108598243","https://openalex.org/W2117876524","https://openalex.org/W2120875981","https://openalex.org/W2121863487","https://openalex.org/W2123921160","https://openalex.org/W2155195660","https://openalex.org/W2163455955","https://openalex.org/W2168231600","https://openalex.org/W2219888463","https://openalex.org/W2252024402","https://openalex.org/W2295598076","https://openalex.org/W2335728318","https://openalex.org/W2340897893","https://openalex.org/W2343954916","https://openalex.org/W2396881363","https://openalex.org/W2417429787","https://openalex.org/W2473418344","https://openalex.org/W2512472178","https://openalex.org/W2525332836","https://openalex.org/W2533598788","https://openalex.org/W2535690855","https://openalex.org/W2535873859","https://openalex.org/W2541884796","https://openalex.org/W2557283755","https://openalex.org/W2572504188","https://openalex.org/W2591882872","https://openalex.org/W2603766943","https://openalex.org/W2605258629","https://openalex.org/W2611650229","https://openalex.org/W2613332842","https://openalex.org/W2630997112","https://openalex.org/W2750384547","https://openalex.org/W2752520290","https://openalex.org/W2765200655","https://openalex.org/W2765982206","https://openalex.org/W2768348081","https://openalex.org/W2773446523","https://openalex.org/W2784621220","https://openalex.org/W2786233556","https://openalex.org/W2789304371","https://openalex.org/W2795435272","https://openalex.org/W2798657499","https://openalex.org/W2799040448","https://openalex.org/W2808195004","https://openalex.org/W2811973125","https://openalex.org/W2884943453","https://openalex.org/W2887995258","https://openalex.org/W2895805829","https://openalex.org/W2897830718","https://openalex.org/W2911964244","https://openalex.org/W2912023992","https://openalex.org/W2930249865","https://openalex.org/W2930926105","https://openalex.org/W2945237470","https://openalex.org/W2946363484","https://openalex.org/W2946930197","https://openalex.org/W2951055356","https://openalex.org/W2952604841","https://openalex.org/W2954172636","https://openalex.org/W2962835266","https://openalex.org/W2963080984","https://openalex.org/W2963303354","https://openalex.org/W2963378725","https://openalex.org/W2963456518","https://openalex.org/W2963464195","https://openalex.org/W2963560987","https://openalex.org/W2963844355","https://openalex.org/W2964019258","https://openalex.org/W2964162474","https://openalex.org/W2964253222","https://openalex.org/W2964318098","https://openalex.org/W2965527189","https://openalex.org/W2967985550","https://openalex.org/W2969695741","https://openalex.org/W2970408908","https://openalex.org/W2971760890","https://openalex.org/W2972280210","https://openalex.org/W2972997402","https://openalex.org/W2978426779","https://openalex.org/W2981952041","https://openalex.org/W2983140679","https://openalex.org/W2985580374","https://openalex.org/W2989885118","https://openalex.org/W2994896922","https://openalex.org/W2995525544","https://openalex.org/W2997146418","https://openalex.org/W3007318395","https://openalex.org/W3011159643","https://openalex.org/W3018424040","https://openalex.org/W3029645440","https://openalex.org/W3035616549","https://openalex.org/W3046764764","https://openalex.org/W3049515540","https://openalex.org/W3071470454","https://openalex.org/W3096738375","https://openalex.org/W3099103240","https://openalex.org/W3101156210","https://openalex.org/W3102476541","https://openalex.org/W3103245149","https://openalex.org/W3103802018","https://openalex.org/W3103932910","https://openalex.org/W3103940881","https://openalex.org/W3104224589","https://openalex.org/W3106051020","https://openalex.org/W3106873467","https://openalex.org/W3110470025","https://openalex.org/W3112787034","https://openalex.org/W3114953370","https://openalex.org/W3118608800","https://openalex.org/W3120740533","https://openalex.org/W3126152116","https://openalex.org/W3138166738","https://openalex.org/W3190229640","https://openalex.org/W3204406378","https://openalex.org/W3214437258","https://openalex.org/W4205228770","https://openalex.org/W4212774754","https://openalex.org/W4236362309","https://openalex.org/W4247200422","https://openalex.org/W4288104392","https://openalex.org/W4301014524"],"related_works":["https://openalex.org/W3048732067","https://openalex.org/W4383468834","https://openalex.org/W4283221438","https://openalex.org/W2900159906","https://openalex.org/W4384648009","https://openalex.org/W4287828318","https://openalex.org/W2406556600","https://openalex.org/W4380352238","https://openalex.org/W3126470649","https://openalex.org/W2930249865"],"abstract_inverted_index":{"As":[0],"machine":[1,42,70],"learning":[2,43,71],"becomes":[3,17],"more":[4,18,61],"widely":[5],"used,":[6],"the":[7,21,32,38,49,77,93,100,104,112,126,135,144],"need":[8],"to":[9,66],"study":[10],"its":[11],"implications":[12],"in":[13,25,54],"security":[14,50],"and":[15,103,140,147],"privacy":[16,26,39,67,115],"urgent.":[19],"Although":[20],"body":[22],"of":[23,41,60,95,111,114,125,134,143],"work":[24],"has":[27,44],"been":[28,74],"steadily":[29],"growing":[30],"over":[31],"past":[33,78],"few":[34],"years,":[35],"research":[36,56],"on":[37,99],"aspects":[40],"received":[45],"less":[46],"focus":[47],"than":[48,62],"aspects.":[51],"Our":[52],"contribution":[53],"this":[55],"is":[57,117],"an":[58,83,132],"analysis":[59,124],"45":[63],"papers":[64],"related":[65],"attacks":[68,97],"against":[69],"that":[72,91],"have":[73],"published":[75],"during":[76,151],"seven":[79],"years.":[80],"We":[81],"propose":[82],"attack":[84],"taxonomy,":[85],"together":[86],"with":[87],"a":[88,122,141],"threat":[89],"model":[90],"allows":[92],"categorization":[94],"different":[96,127],"based":[98],"adversarial":[101],"knowledge,":[102],"assets":[105],"under":[106],"attack.":[107],"An":[108],"initial":[109],"exploration":[110],"causes":[113],"leaks":[116],"presented,":[118],"as":[119,121],"well":[120],"detailed":[123],"attacks.":[128],"Finally,":[129],"we":[130],"present":[131],"overview":[133],"most":[136],"commonly":[137],"proposed":[138],"defenses":[139],"discussion":[142],"open":[145],"problems":[146],"future":[148],"directions":[149],"identified":[150],"our":[152],"analysis.":[153]},"counts_by_year":[{"year":2026,"cited_by_count":18},{"year":2025,"cited_by_count":75},{"year":2024,"cited_by_count":64},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":10},{"year":2021,"cited_by_count":10},{"year":2020,"cited_by_count":3}],"updated_date":"2026-05-11T08:15:01.531666","created_date":"2025-10-10T00:00:00"}