Adversarial Attacks Against Deep Generative Models on Data: A Survey

Sun, Hui; Zhu, Tianqing; Zhang, Zhiqiu; Jin, Dawei; Xiong, Ping; Zhou, Wanlei

doi:10.1109/tkde.2021.3130903

Cited by 32 publications

(6 citation statements)

References 78 publications

(122 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The starting assumption for the partitioning method is that the synthetic data distribution approximates the real dataset distribution. 61 Therefore, the probability that the attack dataset belongs to the training dataset is proportional to the probability that the attack dataset belongs to the synthetic dataset. The partitioning method does not require a large reference dataset, which explains why it is the most commonly implemented in practice.…”

Section: Methodsmentioning

confidence: 99%

“…For these simulations, we ran 50 iterations for each study point where we varied the parameters as follows: (1) the

parameter was varied randomly from 0 to 1, (2) the size of the attack dataset was fixed at 1000 observations, although when we varied that parameter it had no impact on the results as we just need sufficient observations to get a stable value for F1, (3) the training dataset size was set to 5k, 15k, and 25k, (4) the Hamming distance threshold was set to 5 which is within the range of values commonly used in the literature, 61 (5) 2 generative models were used, and (6) 4 different datasets.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Validating a membership disclosure metric for synthetic health data

Emam

Mosquera

Fang³

2022

JAMIA Open

View full text Add to dashboard Cite

Background One of the increasingly accepted methods to evaluate the privacy of synthetic data is by measuring the risk of membership disclosure. This is a measure of the F1 accuracy that an adversary would correctly ascertain that a target individual from the same population as the real data is in the dataset used to train the generative model, and is commonly estimated using a data partitioning methodology with a 0.5 partitioning parameter. Objective Validate the membership disclosure F1 score, evaluate and improve the parametrization of the partitioning method, and provide a benchmark for its interpretation. Materials and methods We performed a simulated membership disclosure attack on 4 population datasets: an Ontario COVID-19 dataset, a state hospital discharge dataset, a national health survey, and an international COVID-19 behavioral survey. Two generative methods were evaluated: sequential synthesis and a generative adversarial network. A theoretical analysis and a simulation were used to determine the correct partitioning parameter that would give the same F1 score as a ground truth simulated membership disclosure attack. Results The default 0.5 parameter can give quite inaccurate membership disclosure values. The proportion of records from the training dataset in the attack dataset must be equal to the sampling fraction of the real dataset from the population. The approach is demonstrated on 7 clinical trial datasets. Conclusions Our proposed parameterization, as well as interpretation and generative model training guidance provide a theoretically and empirically grounded basis for evaluating and managing membership disclosure risk for synthetic data.

show abstract

Section: Methodsmentioning

confidence: 99%

“…For these simulations, we ran 50 iterations for each study point where we varied the parameters as follows: (1) the

Section: Methodsmentioning

confidence: 99%

Validating a membership disclosure metric for synthetic health data

Emam

Mosquera

Fang³

2022

JAMIA Open

View full text Add to dashboard Cite

show abstract

“…In conclusion, they discussed several promising directions such as developing more efficient and scalable techniques and highlighting the primary technical hurdles that need to be addressed. [25] provides a comprehensive overview of adversarial attacks targeting deep generative models (DGMs), which are machine learning models used for generating data like images, text, and audio. The survey covers various types of attacks on DGMs, including those targeting training data, latent codes, generators, discriminators, and the generated data itself.…”

Section: Related Workmentioning

confidence: 99%

Privacy and Security Concerns in Generative AI: A Comprehensive Survey

Golda,

Mekonen,

Pandey

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Generative Artificial Intelligence (GAI) has sparked a transformative wave across various domains, including machine learning, healthcare, business, and entertainment, owing to its remarkable ability to generate lifelike data. This comprehensive survey offers a meticulous examination of the privacy and security challenges inherent to GAI. It provides five pivotal perspectives essential for a comprehensive understanding of these intricacies. The paper encompasses discussions on GAI architectures, diverse generative model types, practical applications, and recent advancements within the field. In addition, it highlights current security strategies and proposes sustainable solutions, emphasizing user, developer, institutional, and policymaker involvement.

show abstract

“…Another study emphasizes the need for secure and robust machine learning techniques in health care, particularly focusing on privacy and security [50]. Finally, a study addresses the vulnerabilities of generative models to adversarial attacks (eg, evasion attacks and membership inference attacks), highlighting a significant area of concern in health care data security [51]. These studies collectively underscore the need for a balanced approach to leveraging the benefits of AI-driven health care innovations while ensuring robust privacy and security measures.…”

Section: Differential Privacy In Gansmentioning

confidence: 99%

Generative AI in Medical Practice: In-Depth Exploration of Privacy and Security Challenges

Chen,

Esmaeilzadeh

2024

J Med Internet Res

View full text Add to dashboard Cite

As advances in artificial intelligence (AI) continue to transform and revolutionize the field of medicine, understanding the potential uses of generative AI in health care becomes increasingly important. Generative AI, including models such as generative adversarial networks and large language models, shows promise in transforming medical diagnostics, research, treatment planning, and patient care. However, these data-intensive systems pose new threats to protected health information. This Viewpoint paper aims to explore various categories of generative AI in health care, including medical diagnostics, drug discovery, virtual health assistants, medical research, and clinical decision support, while identifying security and privacy threats within each phase of the life cycle of such systems (ie, data collection, model development, and implementation phases). The objectives of this study were to analyze the current state of generative AI in health care, identify opportunities and privacy and security challenges posed by integrating these technologies into existing health care infrastructure, and propose strategies for mitigating security and privacy risks. This study highlights the importance of addressing the security and privacy threats associated with generative AI in health care to ensure the safe and effective use of these systems. The findings of this study can inform the development of future generative AI systems in health care and help health care organizations better understand the potential benefits and risks associated with these systems. By examining the use cases and benefits of generative AI across diverse domains within health care, this paper contributes to theoretical discussions surrounding AI ethics, security vulnerabilities, and data privacy regulations. In addition, this study provides practical insights for stakeholders looking to adopt generative AI solutions within their organizations.

show abstract

Adversarial Attacks Against Deep Generative Models on Data: A Survey

Cited by 32 publications

References 78 publications

Validating a membership disclosure metric for synthetic health data

Validating a membership disclosure metric for synthetic health data

Privacy and Security Concerns in Generative AI: A Comprehensive Survey

Generative AI in Medical Practice: In-Depth Exploration of Privacy and Security Challenges

Contact Info

Product

Resources

About