Abstract
The risk posed by Membership Inference Attack (MIA) to deep learning models for Computer Vision (CV) tasks is well known, but MIA has not been addressed or explored fully in the Natural Language Processing (NLP) domain. In this work, we analyze the security risk posed by MIA to NLP models. We show that NLP models are at great risk from MIA, in some cases even more so than models trained on CV datasets. This includes an 8.04% increase in attack success rate on average for NLP models (as compared to CV models and datasets). We determine that there are some unique issues in NLP classification tasks in terms of model overfitting, model complexity, and data diversity that make the privacy leakage severe and very different from CV classification tasks. Based on these findings, we propose a novel defense algorithm, Gap score Regularization Integrated Pruning (GRIP), which can protect NLP models against MIA and achieve competitive testing accuracy. Our experimental results show that GRIP can decrease the MIA success rate by as much as 31.25% when compared to the undefended model. In addition, when compared to differential privacy, GRIP offers 7.81% more robustness to MIA and 13.24% higher testing accuracy. Overall, our experimental results span four NLP and two CV datasets, and are tested with a total of five different model architectures.
Original language | English (US) |
---|---|
Title of host publication | Proceedings - 2022 IEEE International Conference on Big Data, Big Data 2022 |
Editors | Shusaku Tsumoto, Yukio Ohsawa, Lei Chen, Dirk Van den Poel, Xiaohua Hu, Yoichi Motomura, Takuya Takagi, Lingfei Wu, Ying Xie, Akihiro Abe, Vijay Raghavan |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 5823-5832 |
Number of pages | 10 |
ISBN (Electronic) | 9781665480451 |
State | Published - 2022 |
Externally published | Yes |
Event | 2022 IEEE International Conference on Big Data, Big Data 2022 - Osaka, Japan. Duration: Dec 17 2022 → Dec 20 2022 |
Publication series
Name | Proceedings - 2022 IEEE International Conference on Big Data, Big Data 2022 |
---|
Conference
Conference | 2022 IEEE International Conference on Big Data, Big Data 2022 |
---|---|
Country/Territory | Japan |
City | Osaka |
Period | 12/17/22 → 12/20/22 |
Bibliographical note
Publisher Copyright: © 2022 IEEE.