Application of particle swarm algorithm in defending membership inference attack

• 1、School of Cyberspace Security,Beijing University of Posts and Telecommunications,beijing

Abstract：Recently, with the continuous popularization and development of big data and machine learning technologies, the privacy leakage problem of training data is becoming increasingly serious. In the case that can only call the model\'s API without obtaining its internal structure and parameters, given a piece of data, membership inference attackcan determine whether it is in the model\'s training data set. In order to resist this attack, based on a full study and analysis of its attack characteristics, this paper draws on the particle swarm algorithm migration form, and proposes a particle swarm sample migration algorithm to generate a new data set from the original data set. Then trainng model with the new data set, so that the model does not directly contact the original data, thereby achieving the protection of data privacy. On the MNIST dataset, the method in this paper resists membership inference attack well with a controlled loss of accuracy (3%).

Keywords： Machinelearning Privacy protection membership inference attack Particle swarm optimization