Datamodel Distance: A New Metric for Privacy

Authors

  • Paul Lintilhac Thayer School of Engineering and Department of Computer Science, Dartmouth College
  • Henry Scheible Thayer School of Engineering and Department of Computer Science, Dartmouth College
  • Nathaniel D. Bastian Department of Electrical Engineering and Computer Science, United States Military Academy

DOI:

https://doi.org/10.1609/aaaiss.v4i1.31773

Abstract

Recent work developing Membership Inference Attacks has demonstrated that certain points in the dataset are often in- trinsically easier to attack than others. In this paper, we intro- duce a new pointwise metric, the Datamodel Distance, and show that it is empirically correlated to and establishes a theoreti- cal lower bound for the success probability for a point under the LiRA Membership Inference Attack. This establishes a connection between the concepts of Datamodels and Member- ship Inference, and also gives new intuitive explanations for why certain points are more susceptible to attack than others. We then use datamodels as a lens through which to investigate the Privacy Onion Efect.

Downloads

Published

2024-11-08

How to Cite

Lintilhac, P., Scheible, H., & Bastian, N. D. (2024). Datamodel Distance: A New Metric for Privacy. Proceedings of the AAAI Symposium Series, 4(1), 68-75. https://doi.org/10.1609/aaaiss.v4i1.31773

Issue

Vol. 4 No. 1: Proceedings of the 2024 AAAI Fall Symposia

Section

AI Trustworthiness and Risk Assessment for Challenging Contexts (ATRACC)