18.12.2024 03:39

1/ Most membership inference attacks (MIAs) have seemingly converged to black-box settings, driven by empirical evidence and theoretical folklore suggesting black-box access was optimal. But what if this assumption missed something critical? 🚨
tl;dr? It did 🧵

2/ Prior work (e.g., proceedings.mlr.press/v97/sablayro...) suggests black-box access is optimal for membership inference, assuming SGLD as the learning algorithm. But these assumptions break down for models trained with SGD.

3/ Our work challenges this assumption head-on. By carefully analyzing SGD dynamics, we prove that optimal membership inference requires white-box access to model parameters. Our Inverse Hessian Attack (IHA) serves as a proof of concept that parameter access helps!

4/ The big open question remains: how close are optimal black-box attacks to this theoretical optimum? The gap might be negligible, suggesting black-box methods suffice, or significant, showing parameter access offers better empirical upper bounds 🤔

5/ But the broader message? It's time to give 'parameter access' another serious look in privacy research 💬
Find more details in the paper (accepted to TMLR), w/ Xiao & Dave
openreview.net/pdf?id=fmKJf...
github.com/iamgroot42/a...
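To make the black-box vs. white-box distinction in the thread concrete, here is an added illustration (not code from the paper or from the iamgroot42 repository). It trains a toy logistic-regression model on a constructed dataset and scores members against non-members two ways: with the per-example loss, which is all a black-box loss-based MIA sees, and with the inverse-Hessian quadratic form g^T H^{-1} g of the example's gradient, an influence-function-style quantity that requires the parameters (for g) and the training-loss Hessian (for H). The dataset, the model, the regularization constant LAM and the use of g^T H^{-1} g as the white-box statistic are all assumptions of this example; the actual IHA score is the one defined in the paper.

```python
"""Black-box loss vs. a white-box inverse-Hessian statistic on a toy model.

Added illustration, not code from the paper or its repository. The white-box
statistic g^T H^{-1} g is an influence-function-style stand-in for "what an
attacker with parameters can compute"; the real IHA score is in the paper.
"""
import math
import random

LAM = 1e-2  # assumed L2 penalty; keeps H positive definite so solves are well posed

def make_data(n, seed):
    """Constructed 2-D Gaussian blobs (label shifts the first feature) plus a bias feature."""
    rng = random.Random(seed)
    data = []
    for _ in range(n):
        y = rng.choice([0, 1])
        x = [rng.gauss(1.0 if y else -1.0, 1.5), rng.gauss(0.0, 1.5), 1.0]
        data.append((x, y))
    return data

def sigmoid(t):
    t = max(-500.0, min(500.0, t))  # clamp to avoid overflow in exp
    return 1.0 / (1.0 + math.exp(-t))

def dot(a, b):
    return sum(ai * bi for ai, bi in zip(a, b))

def loss(theta, x, y):
    """Cross-entropy of one example: the only signal a black-box loss attack has."""
    p = sigmoid(dot(theta, x))
    eps = 1e-12
    return -(y * math.log(p + eps) + (1 - y) * math.log(1 - p + eps))

def grad(theta, x, y):
    """Per-example gradient w.r.t. theta; needs the parameters."""
    p = sigmoid(dot(theta, x))
    return [(p - y) * xi for xi in x]

def train(data, steps=2000, lr=0.1):
    """Full-batch gradient descent on mean loss + (LAM/2)||theta||^2."""
    d = len(data[0][0])
    theta = [0.0] * d
    for _ in range(steps):
        g = [LAM * t for t in theta]
        for x, y in data:
            gi = grad(theta, x, y)
            for j in range(d):
                g[j] += gi[j] / len(data)
        theta = [t - lr * gj for t, gj in zip(theta, g)]
    return theta

def hessian(theta, data):
    """Hessian of the training objective at theta: mean p(1-p) x x^T + LAM I."""
    d = len(theta)
    H = [[LAM if i == j else 0.0 for j in range(d)] for i in range(d)]
    for x, y in data:
        p = sigmoid(dot(theta, x))
        w = p * (1.0 - p) / len(data)
        for i in range(d):
            for j in range(d):
                H[i][j] += w * x[i] * x[j]
    return H

def solve(H, b):
    """Gauss-Jordan elimination with partial pivoting: returns v with H v = b."""
    n = len(H)
    A = [row[:] + [bi] for row, bi in zip(H, b)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(A[r][col]))
        A[col], A[piv] = A[piv], A[col]
        pv = A[col][col]
        A[col] = [v / pv for v in A[col]]
        for r in range(n):
            if r != col:
                f = A[r][col]
                A[r] = [rv - f * cv for rv, cv in zip(A[r], A[col])]
    return [row[n] for row in A]

def blackbox_score(theta, x, y):
    """Higher = more member-like; members tend to have lower loss."""
    return -loss(theta, x, y)

def whitebox_score(theta, H, x, y):
    """Higher = more member-like; g^T H^{-1} g is small once a point has been fit."""
    g = grad(theta, x, y)
    return -dot(g, solve(H, g))

def auc(member_scores, nonmember_scores):
    """Mann-Whitney AUC: P(member score > non-member score), ties count one half."""
    wins = 0.0
    for m in member_scores:
        for o in nonmember_scores:
            wins += 1.0 if m > o else 0.5 if m == o else 0.0
    return wins / (len(member_scores) * len(nonmember_scores))

def run_demo(n_train=30, n_test=30, seed=7):
    """Train on constructed members, then score members vs. held-out non-members both ways."""
    members = make_data(n_train, seed)
    nonmembers = make_data(n_test, seed + 1)
    theta = train(members)
    H = hessian(theta, members)
    bb = auc([blackbox_score(theta, x, y) for x, y in members],
             [blackbox_score(theta, x, y) for x, y in nonmembers])
    wb = auc([whitebox_score(theta, H, x, y) for x, y in members],
             [whitebox_score(theta, H, x, y) for x, y in nonmembers])
    return {"theta": theta, "hessian": H, "auc_blackbox": bb, "auc_whitebox": wb}

if __name__ == "__main__":
    out = run_demo()
    print("black-box (loss) AUC:", round(out["auc_blackbox"], 3))
    print("white-box (g^T H^-1 g) AUC:", round(out["auc_whitebox"], 3))
```

The point of the example is the access model, not the AUC numbers on a toy problem: `blackbox_score` can be computed from model outputs alone, while `whitebox_score` cannot be formed without theta and H. On a real model the Hessian is never formed explicitly; one would use a Hessian-vector-product solver instead of the small dense `solve` used here.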
26.11.2024 18:17

Temporally shifted data splits in membership inference can be misleading ⚠️ Be cautious when interpreting these benchmarks!