乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,30]],"date-time":"2024-10-30T22:22:29Z","timestamp":1730326949140,"version":"3.28.0"},"publisher-location":"New York, NY, USA","reference-count":61,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3607199.3607224","type":"proceedings-article","created":{"date-parts":[[2023,10,3]],"date-time":"2023-10-03T22:30:51Z","timestamp":1696372251000},"page":"250-263","update-policy":"http:\/\/dx.doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Witnessing Erosion of Membership Inference Defenses: Understanding Effects of Data Drift in Membership Privacy"],"prefix":"10.1145","author":[{"ORCID":"http:\/\/orcid.org\/0000-0003-0908-1233","authenticated-orcid":false,"given":"Seung Ho","family":"Na","sequence":"first","affiliation":[{"name":"KAIST, Republic of Korea"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-4796-0629","authenticated-orcid":false,"given":"Kwanwoo","family":"Kim","sequence":"additional","affiliation":[{"name":"KAIST, Republic of Korea"}]},{"ORCID":"http:\/\/orcid.org\/0000-0002-1077-5606","authenticated-orcid":false,"given":"Seungwon","family":"Shin","sequence":"additional","affiliation":[{"name":"KAIST, Republic of Korea"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"volume-title":"Ember: an open dataset for training static pe malware machine learning models. arXiv preprint arXiv:1804.04637","year":"2018","author":"Anderson S","key":"e_1_3_2_1_1_1","unstructured":"Hyrum\u00a0S Anderson and Phil Roth. 2018. Ember: an open dataset for training static pe malware machine learning models. arXiv preprint arXiv:1804.04637 (2018)."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1137\/1.9781611972771.42"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417238"},{"volume-title":"29th USENIX Security Symposium (USENIX Security 20)","year":"2020","author":"Chen Yizheng","key":"e_1_3_2_1_4_1","unstructured":"Yizheng Chen, Shiqi Wang, Dongdong She, and Suman Jana. 2020. On training robust { PDF} malware classifiers. In 29th USENIX Security Symposium (USENIX Security 20). 2343\u20132360."},{"volume-title":"International conference on machine learning. PMLR","year":"2021","author":"Choquette-Choo A","key":"e_1_3_2_1_5_1","unstructured":"Christopher\u00a0A Choquette-Choo, Florian Tramer, Nicholas Carlini, and Nicolas Papernot. 2021. Label-only membership inference attacks. In International conference on machine learning. PMLR, 1964\u20131974."},{"key":"e_1_3_2_1_6_1","unstructured":"Luke Diliberto. 2021. When Should You Retrain Machine Learning Models?https:\/\/www.phdata.io\/blog\/when-to-retrain-machine-learning-models\/"},{"key":"e_1_3_2_1_7_1","unstructured":"Domino. 2022. How COVID-19 Has Infected AI Models. https:\/\/www.dominodatalab.com\/blog\/how-covid-19-has-infected-ai-models"},{"key":"e_1_3_2_1_8_1","unstructured":"Emeli Dral. 2021. When to Retrain an Machine Learning Model? Run these 5 checks to decide on the schedule. https:\/\/www.kdnuggets.com\/2021\/07\/retrain-machine-learning-model-5-checks-decide-schedule.html"},{"volume-title":"A survey on concept drift adaptation. ACM computing surveys (CSUR) 46, 4","year":"2014","author":"Gama Jo\u00e3o","key":"e_1_3_2_1_9_1","unstructured":"Jo\u00e3o Gama, Indr\u0117 \u017dliobait\u0117, Albert Bifet, Mykola Pechenizkiy, and Abdelhamid Bouchachia. 2014. A survey on concept drift adaptation. ACM computing surveys (CSUR) 46, 4 (2014), 1\u201337."},{"volume-title":"Generative adversarial nets. Advances in neural information processing systems 27","year":"2014","author":"Goodfellow Ian","key":"e_1_3_2_1_10_1","unstructured":"Ian Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, and Yoshua Bengio. 2014. Generative adversarial nets. Advances in neural information processing systems 27 (2014)."},{"key":"e_1_3_2_1_11_1","first-page":"723","article-title":"A kernel two-sample test","volume":"13","author":"Gretton Arthur","year":"2012","unstructured":"Arthur Gretton, Karsten\u00a0M Borgwardt, Malte\u00a0J Rasch, Bernhard Sch\u00f6lkopf, and Alexander Smola. 2012. A kernel two-sample test. The Journal of Machine Learning Research 13, 1 (2012), 723\u2013773.","journal-title":"The Journal of Machine Learning Research"},{"volume-title":"Classifier technology and the illusion of progress. Statistical science 21, 1","year":"2006","author":"Hand J","key":"e_1_3_2_1_12_1","unstructured":"David\u00a0J Hand. 2006. Classifier technology and the illusion of progress. Statistical science 21, 1 (2006), 1\u201314."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPRW53098.2021.00368"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR.2016.90"},{"volume-title":"International Conference on Learning Representations.","year":"2020","author":"Heckel Reinhard","key":"e_1_3_2_1_15_1","unstructured":"Reinhard Heckel and Fatih\u00a0Furkan Yilmaz. 2020. Early Stopping in Deep Networks: Double Descent and How to Eliminate it. In International Conference on Learning Representations."},{"volume-title":"Distilling the knowledge in a neural network. arXiv preprint arXiv:1503.02531 2, 7","year":"2015","author":"Hinton Geoffrey","key":"e_1_3_2_1_16_1","unstructured":"Geoffrey Hinton, Oriol Vinyals, Jeff Dean, 2015. Distilling the knowledge in a neural network. arXiv preprint arXiv:1503.02531 2, 7 (2015)."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.neucom.2021.04.112"},{"volume-title":"Membership inference attacks on machine learning: A survey. ACM Computing Surveys (CSUR)","year":"2021","author":"Hu Hongsheng","key":"e_1_3_2_1_18_1","unstructured":"Hongsheng Hu, Zoran Salcic, Lichao Sun, Gillian Dobbie, Philip\u00a0S Yu, and Xuyun Zhang. 2021. Membership inference attacks on machine learning: A survey. ACM Computing Surveys (CSUR) (2021)."},{"volume-title":"Normalization techniques in training dnns: Methodology, analysis and application. arXiv preprint arXiv:2009.12836","year":"2020","author":"Huang Lei","key":"e_1_3_2_1_19_1","unstructured":"Lei Huang, Jie Qin, Yi Zhou, Fan Zhu, Li Liu, and Ling Shao. 2020. Normalization techniques in training dnns: Methodology, analysis and application. arXiv preprint arXiv:2009.12836 (2020)."},{"volume-title":"Practical blind membership inference attack via differential comparisons. arXiv preprint arXiv:2101.01341","year":"2021","author":"Hui Bo","key":"e_1_3_2_1_20_1","unstructured":"Bo Hui, Yuchen Yang, Haolin Yuan, Philippe Burlina, Neil\u00a0Zhenqiang Gong, and Yinzhi Cao. 2021. Practical blind membership inference attack via differential comparisons. arXiv preprint arXiv:2101.01341 (2021)."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363201"},{"volume-title":"International conference on machine learning. PMLR, 5345\u20135355","year":"2021","author":"Kaya Yigitcan","key":"e_1_3_2_1_22_1","unstructured":"Yigitcan Kaya and Tudor Dumitras. 2021. When Does Data Augmentation Help With Membership Inference Attacks?. In International conference on machine learning. PMLR, 5345\u20135355."},{"volume-title":"On the effectiveness of regularization against membership inference attacks. arXiv preprint arXiv:2006.05336","year":"2020","author":"Kaya Yigitcan","key":"e_1_3_2_1_23_1","unstructured":"Yigitcan Kaya, Sanghyun Hong, and Tudor Dumitras. 2020. On the effectiveness of regularization against membership inference attacks. arXiv preprint arXiv:2006.05336 (2020)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/312129.312285"},{"key":"e_1_3_2_1_25_1","unstructured":"Alex Krizhevsky Geoffrey Hinton 2009. Learning multiple layers of features from tiny images. (2009)."},{"volume-title":"29th USENIX Security Symposium (USENIX Security 20)","year":"2020","author":"Leino Klas","key":"e_1_3_2_1_26_1","unstructured":"Klas Leino and Matt Fredrikson. 2020. Stolen Memories: Leveraging Model Memorization for Calibrated { White-Box} Membership Inference. In 29th USENIX Security Symposium (USENIX Security 20). 1605\u20131622."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3422337.3447836"},{"volume-title":"Label-leaks: Membership inference attack with label. arXiv preprint arXiv:2007.15528","year":"2020","author":"Li Zheng","key":"e_1_3_2_1_28_1","unstructured":"Zheng Li and Yang Zhang. 2020. Label-leaks: Membership inference attack with label. arXiv preprint arXiv:2007.15528 (2020)."},{"volume-title":"Marvin: Efficient and comprehensive mobile app classification through static and dynamic analysis. In 2015 IEEE 39th annual computer software and applications conference, Vol.\u00a02","year":"2015","author":"Lindorfer Martina","key":"e_1_3_2_1_29_1","unstructured":"Martina Lindorfer, Matthias Neugschwandtner, and Christian Platzer. 2015. Marvin: Efficient and comprehensive mobile app classification through static and dynamic analysis. In 2015 IEEE 39th annual computer software and applications conference, Vol.\u00a02. IEEE, 422\u2013433."},{"key":"e_1_3_2_1_30_1","first-page":"2346","article-title":"Learning under concept drift: A review","volume":"31","author":"Lu Jie","year":"2018","unstructured":"Jie Lu, Anjin Liu, Fan Dong, Feng Gu, Joao Gama, and Guangquan Zhang. 2018. Learning under concept drift: A review. IEEE Transactions on Knowledge and Data Engineering 31, 12 (2018), 2346\u20132363.","journal-title":"IEEE Transactions on Knowledge and Data Engineering"},{"key":"e_1_3_2_1_31_1","first-page":"77","article-title":"Matchmaker: Data Drift Mitigation in Machine Learning for Large-Scale Systems","volume":"4","author":"Mallick Ankur","year":"2022","unstructured":"Ankur Mallick, Kevin Hsieh, Behnaz Arzani, and Gauri Joshi. 2022. Matchmaker: Data Drift Mitigation in Machine Learning for Large-Scale Systems. Proceedings of Machine Learning and Systems 4 (2022), 77\u201394.","journal-title":"Proceedings of Machine Learning and Systems"},{"volume-title":"Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. In Network and Distributed Systems Security (NDSS) Symposium.","year":"2018","author":"Mirsky Yisroel","key":"e_1_3_2_1_32_1","unstructured":"Yisroel Mirsky, Tomer Doitshman, Yuval Elovici, and Asaf Shabtai. 2018. Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection. In Network and Distributed Systems Security (NDSS) Symposium."},{"volume-title":"Environment, Human Psychology, Global Socioeconomy, and Education. The Scientific World Journal 2022","year":"2022","author":"Miyah Youssef","key":"e_1_3_2_1_33_1","unstructured":"Youssef Miyah, Mohammed Benjelloun, Sanae Lairini, and Anissa Lahrichi. 2022. COVID-19 Impact on Public Health, Environment, Human Psychology, Global Socioeconomy, and Education. The Scientific World Journal 2022 (2022)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10462-019-09784-7"},{"volume-title":"A unifying view on dataset shift in classification. Pattern recognition 45, 1","year":"2012","author":"Moreno-Torres G","key":"e_1_3_2_1_35_1","unstructured":"Jose\u00a0G Moreno-Torres, Troy Raeder, Roc\u00edo Alaiz-Rodr\u00edguez, Nitesh\u00a0V Chawla, and Francisco Herrera. 2012. A unifying view on dataset shift in classification. Pattern recognition 45, 1 (2012), 521\u2013530."},{"volume-title":"When does label smoothing help?Advances in neural information processing systems 32","year":"2019","author":"M\u00fcller Rafael","key":"e_1_3_2_1_36_1","unstructured":"Rafael M\u00fcller, Simon Kornblith, and Geoffrey\u00a0E Hinton. 2019. When does label smoothing help?Advances in neural information processing systems 32 (2019)."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3564625.3564657"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243855"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00065"},{"volume-title":"Exploring generalization in deep learning. Advances in neural information processing systems 30","year":"2017","author":"Neyshabur Behnam","key":"e_1_3_2_1_40_1","unstructured":"Behnam Neyshabur, Srinadh Bhojanapalli, David McAllester, and Nati Srebro. 2017. Exploring generalization in deep learning. Advances in neural information processing systems 30 (2017)."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1015330.1015435"},{"key":"e_1_3_2_1_42_1","unstructured":"OECD. 2020. COVID-19 and the aviation industry: Impact and policy responses. https:\/\/www.oecd.org\/coronavirus\/policy-responses\/covid-19-and-the-aviation-industry-impact-and-policy-responses-26d521c1\/"},{"volume-title":"Early stopping-but when? In Neural Networks: Tricks of the trade","author":"Prechelt Lutz","key":"e_1_3_2_1_43_1","unstructured":"Lutz Prechelt. 1998. Early stopping-but when? In Neural Networks: Tricks of the trade. Springer, 55\u201369."},{"volume-title":"A survey of privacy attacks in machine learning. arXiv preprint arXiv:2007.07646","year":"2020","author":"Rigaki Maria","key":"e_1_3_2_1_44_1","unstructured":"Maria Rigaki and Sebastian Garcia. 2020. A survey of privacy attacks in machine learning. arXiv preprint arXiv:2007.07646 (2020)."},{"volume-title":"ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models. In Network and Distributed Systems Security Symposium","year":"2019","author":"Salem Ahmed","key":"e_1_3_2_1_45_1","unstructured":"Ahmed Salem, Yang Zhang, Mathias Humbert, Mario Fritz, and Michael Backes. 2019. ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models. In Network and Distributed Systems Security Symposium 2019. Internet Society."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v35i11.17150"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0378-3758(00)00115-4"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"},{"volume-title":"Super-convergence: Very fast training of neural networks using large learning rates. In Artificial intelligence and machine learning for multi-domain operations applications, Vol.\u00a011006","year":"2019","author":"Smith N","key":"e_1_3_2_1_49_1","unstructured":"Leslie\u00a0N Smith and Nicholay Topin. 2019. Super-convergence: Very fast training of neural networks using large learning rates. In Artificial intelligence and machine learning for multi-domain operations applications, Vol.\u00a011006. SPIE, 369\u2013386."},{"volume-title":"30th USENIX Security Symposium (USENIX Security 21)","year":"2021","author":"Song Liwei","key":"e_1_3_2_1_50_1","unstructured":"Liwei Song and Prateek Mittal. 2021. Systematic evaluation of privacy risks of machine learning models. In 30th USENIX Security Symposium (USENIX Security 21). 2615\u20132632."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354211"},{"volume-title":"Dropout: a simple way to prevent neural networks from overfitting. The journal of machine learning research 15, 1","year":"2014","author":"Srivastava Nitish","key":"e_1_3_2_1_52_1","unstructured":"Nitish Srivastava, Geoffrey Hinton, Alex Krizhevsky, Ilya Sutskever, and Ruslan Salakhutdinov. 2014. Dropout: a simple way to prevent neural networks from overfitting. The journal of machine learning research 15, 1 (2014), 1929\u20131958."},{"volume-title":"Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture. arXiv preprint arXiv:2110.08324","year":"2021","author":"Tang Xinyu","key":"e_1_3_2_1_53_1","unstructured":"Xinyu Tang, Saeed Mahloujifar, Liwei Song, Virat Shejwalkar, Milad Nasr, Amir Houmansadr, and Prateek Mittal. 2021. Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture. arXiv preprint arXiv:2110.08324 (2021)."},{"volume-title":"Pattern recognition","author":"Theodoridis Sergios","key":"e_1_3_2_1_54_1","unstructured":"Sergios Theodoridis and Konstantinos Koutroumbas. 2006. Pattern recognition. Elsevier."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.5555\/211359"},{"volume-title":"Against membership inference attack: Pruning is all you need. arXiv preprint arXiv:2008.13578","year":"2020","author":"Wang Yijue","key":"e_1_3_2_1_56_1","unstructured":"Yijue Wang, Chenghong Wang, Zigeng Wang, Shanglin Zhou, Hang Liu, Jinbo Bi, Caiwen Ding, and Sanguthevar Rajasekaran. 2020. Against membership inference attack: Pruning is all you need. arXiv preprint arXiv:2008.13578 (2020)."},{"volume-title":"Learning in the presence of concept drift and hidden contexts. Machine learning 23, 1","year":"1996","author":"Widmer Gerhard","key":"e_1_3_2_1_57_1","unstructured":"Gerhard Widmer and Miroslav Kubat. 1996. Learning in the presence of concept drift and hidden contexts. Machine learning 23, 1 (1996), 69\u2013101."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273496.1273632"},{"volume-title":"Defending model inversion and membership inference attacks via prediction purification. arXiv preprint arXiv:2005.03915","year":"2020","author":"Yang Ziqi","key":"e_1_3_2_1_59_1","unstructured":"Ziqi Yang, Bin Shao, Bohan Xuan, Ee-Chien Chang, and Fan Zhang. 2020. Defending model inversion and membership inference attacks via prediction purification. arXiv preprint arXiv:2005.03915 (2020)."},{"volume-title":"Privacy risk in machine learning: Analyzing the connection to overfitting. In 2018 IEEE 31st computer security foundations symposium (CSF)","author":"Yeom Samuel","key":"e_1_3_2_1_60_1","unstructured":"Samuel Yeom, Irene Giacomelli, Matt Fredrikson, and Somesh Jha. 2018. Privacy risk in machine learning: Analyzing the connection to overfitting. In 2018 IEEE 31st computer security foundations symposium (CSF). IEEE, 268\u2013282."},{"volume-title":"Privacy-preserving machine learning through data obfuscation. arXiv preprint arXiv:1807.01860","year":"2018","author":"Zhang Tianwei","key":"e_1_3_2_1_61_1","unstructured":"Tianwei Zhang, Zecheng He, and Ruby\u00a0B Lee. 2018. Privacy-preserving machine learning through data obfuscation. arXiv preprint arXiv:1807.01860 (2018)."}],"event":{"name":"RAID 2023: The 26th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID 2023","location":"Hong Kong China"},"container-title":["Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3607199.3607224","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,16]],"date-time":"2024-10-16T10:38:05Z","timestamp":1729075085000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607224"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":61,"alternative-id":["10.1145\/3607199.3607224","10.1145\/3607199"],"URL":"https:\/\/doi.org\/10.1145\/3607199.3607224","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}