在深度学习中,成员推理攻击是指对于任意给定的样本,推断其是否属于目标模型的训练数据集｡由于训练数据集中包含隐私信息,对成员推理攻击进行防御属于重要的隐私保护问题｡文章首先介绍了成员推理攻击的定义和造成攻击的原因;接着详细地介绍了现有的防御算法;最后提出防御方案,并描述防御方案的防御途径｡与当下最先进的成员推理攻击防御措施相比,该方案在保护成员隐私和保护模型效用之间提供了最优越的权衡｡文章对所使用的方案做了详细的解释,帮助研究者更好地理解成员推理攻击及其防御,为进一步降低训练数据集的隐私风险､更好地取得模型效用和隐私安全之间的平衡性,提供了一定的参考｡

Membership inference attacks in deep learning refer to inferring whether a given sample belongs to the training dataset of a target model. Due to the presence of privacy-sensitive information in the training dataset, defending against membership inference attacks is crucial for privacy protection. This paper begins by defining membership inference attacks and elucidating the underlying reasons causing such attacks. Subsequently, existing defense algorithms are comprehensively reviewed. Finally, a novel defense mechanism is proposed, delineating the defensive approach adopted in this paper. Compared to state-of-the-art defenses against membership inference attacks, this method offers superior trade-offs between preserving member privacy and maintaining model utility. Detailed explanations of the employed techniques are provided to facilitate a better understanding of membership inference attacks and their defenses, thereby furnishing valuable insights for mitigating privacy risks in training datasets and striking a balance between model utility and privacy security.