Tabular data typically contains private and important information; thus, precautions must be taken before they are shared with others. Although several methods (e.g., differential privacy and k-anonymity) have been proposed to prevent information leakage, in recent years, tabular data synthesis models have become popular because they can well trade-off between data utility and privacy. However, recent research has shown that generative models for image data are susceptible to the membership inference attack, which can determine whether a given record was used to train a victim synthesis model. In this paper, we investigate the membership inference attack in the context of tabular data synthesis. We conduct experiments on 4 state-of-the-art tabular data synthesis models under two attack scenarios (i.e., one black-box and one white-box attack), and find that the membership inference attack can seriously jeopardize these models. We next conduct experiments to evaluate how well two popular differentially-private deep learning training algorithms, DP-SGD and DP-GAN, can protect the models against the attack. Our key finding is that both algorithms can largely alleviate this threat by sacrificing the generation quality.
|Title of host publication||CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management|
|Publisher||Association for Computing Machinery|
|Number of pages||5|
|Publication status||Published - 2022 Oct 17|
|Event||31st ACM International Conference on Information and Knowledge Management, CIKM 2022 - Atlanta, United States|
Duration: 2022 Oct 17 → 2022 Oct 21
|Name||International Conference on Information and Knowledge Management, Proceedings|
|Conference||31st ACM International Conference on Information and Knowledge Management, CIKM 2022|
|Period||22/10/17 → 22/10/21|
Bibliographical noteFunding Information:
Noseong Park is the corresponding author. This work was supported by the Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korean government (MSIT) (10% from No. 2020-0-01361, Artificial Intelligence Graduate School Program at Yonsei University and 90% from No. 2021-0-00231, Development of Approximate DBMS Query Technology to Facilitate Fast Query Processing for Exploratory Data Analysis). The work by Sushil Jajodia was supported by the U.S. Office of Naval Research grants N00014-20-1-2407 and N00014-18-1-2670, and by the U.S. National Science Foundation grant CNS-1822094.
© 2022 ACM.
All Science Journal Classification (ASJC) codes
- Business, Management and Accounting(all)
- Decision Sciences(all)