RelaxLoss: Defending Membership Inference Attacks without Losing Utility. (arXiv:2207.05801v1 [cs.LG])

As a long-term threat to the privacy of training data, membership inference
attacks (MIAs) emerge ubiquitously in machine learning models. Existing works
evidence strong connection between the distinguishability of the training and
testing loss distributions and the model's vulnerability to MIAs. Motivated by
existing results, we propose a novel training framework based on a relaxed loss
with a more achievable learning target, which leads to narrowed generalization
gap and reduced privacy leakage. RelaxLoss is applicable to any classification
model with …

attacks lg utility