Membership Inference

TECHNICAL DEFINITION

A privacy attack where an adversary attempts to determine whether a particular data record was included in the training dataset of a given AI model, leveraging the model's differential behavior on members versus non-members.

BACKGROUND

AI anthropomorphism is the attribution of human-like feelings, mental states, and behavioral characteristics to artificial intelligence systems. Factors related to the user of the AI – such as culture, age, education, gender, and personality traits – are also important determinants of the strength of anthropomorphic effects.

SYNONYMS & ALIASES

• Training data leakage
• data presence inference
• privacy breach

USAGE NOTE

Membership inference attacks can reveal sensitive information about individuals whose data was used for training.

DEVELOPERS

Organizations developing technology related to Membership Inference.

• Google AI

  Google AI conducts extensive research into AI privacy, including differential privacy techniques and methods to mitigate membership inference attacks. They develop frameworks and contribute to academic advancements in this area.

• Microsoft Research

  Microsoft Research actively pursues advancements in responsible AI, AI security, and privacy. Their work includes research and development of techniques to understand and defend against membership inference attacks through approaches like differential privacy and model robustness.

• IBM Research

  IBM Research has a long-standing focus on AI ethics, trust, and security. They develop frameworks and conduct research in privacy-preserving machine learning and explainable AI, which includes efforts to counter various privacy attacks like membership inference.

• OpenMined

  OpenMined is an open-source community and organization dedicated to building tools for privacy-preserving AI. Their frameworks like PySyft enable secure multi-party computation and federated learning, which are direct approaches to preventing membership inference and other data leakage.

• Inpher

  Inpher specializes in privacy-preserving machine learning (PPML) platforms that utilize advanced cryptographic techniques such as Fully Homomorphic Encryption (FHE) and Secure Multi-Party Computation (MPC). These technologies inherently protect against privacy breaches like membership inference by allowing computation on encrypted data.

• Anthropic

  Anthropic is focused on AI safety and alignment, which includes understanding and mitigating risks in large language models. Their research into model transparency, robustness, and preventing unintended data leakage directly relates to defending against privacy vulnerabilities such as membership inference.

• Trail of Bits

  Trail of Bits is a cybersecurity company that provides security research and audits for AI systems. They develop methodologies and tools to identify and remediate vulnerabilities, including privacy attacks like membership inference, helping organizations build more secure AI models.

• Meta AI (FAIR)

  Meta AI conducts fundamental research in artificial intelligence, encompassing areas like model robustness, privacy, and security. Their work often involves developing methods to improve the resilience of AI models against various attacks, including membership inference, and exploring privacy-enhancing technologies.