中圖分類號(hào)： TP309
文獻(xiàn)標(biāo)識(shí)碼： A
DOI： 10.19358/j.issn.2096-5133.2021.08.011
引用格式： 王鵬焱. 機(jī)器學(xué)習(xí)中的成員推斷攻擊與防御研究[J].信息技術(shù)與網(wǎng)絡(luò)安全，2021，40(8)：65-70,83.

Reasearch on membership inference attack and defense in machine learning

Abstract： As machine learning penetrates into all aspects of daily life, its data privacy issues have received more and more attention. Membership inference attacks are one of the security threats faced by machine learning algorithms. They are used to infer whether specific data exists in the training set of machine learning models, which brings great security risks to users and poses challenges to the security of machine learning models. To this end, the researchers inferred that attacks can not only discover threats to private data, but also provide ideas for the proposal of defense technologies. This article conducts a detailed analysis of the research on membership inference attacks in recent years, and divides the attacks into three types: discriminative model attacks, generative model attacks, and federated learning attacks according to different application scenarios. At the same time, according to the development status of membership inference attacks and defense, this paper expounds the factors that affect the attack and the classic defense strategies. Finally, it points out the problems that need to be solved in the membership inference attacks and the future development direction.

Key words : machine learning；membership inference attack；privacy security；defense technology