Timezone: »

 
Poster
Label Inference Attacks from Log-loss Scores
Abhinav Aggarwal · Shiva Kasiviswanathan · Zekun Xu · Oluwaseyi Feyisetan · Nathanael Teissier

Thu Jul 22 09:00 PM -- 11:00 PM (PDT) @ Virtual
in Poster Session 6 »

Log-loss (also known as cross-entropy loss) metric is ubiquitously used across machine learning applications to assess the performance of classification algorithms. In this paper, we investigate the problem of inferring the labels of a dataset from single (or multiple) log-loss score(s), without any other access to the dataset. Surprisingly, we show that for any finite number of label classes, it is possible to accurately infer the labels of the dataset from the reported log-loss score of a single carefully constructed prediction vector if we allow arbitrary precision arithmetic. Additionally, we present label inference algorithms (attacks) that succeed even under addition of noise to the log-loss scores and under limited precision arithmetic. All our algorithms rely on ideas from number theory and combinatorics and require no model training. We run experimental simulations on some real datasets to demonstrate the ease of running these attacks in practice.

Keywords: Privacy, Anonymity, and Security · Social Aspects of Machine Learning

Author Information

Abhinav Aggarwal (Amazon Alexa)
Shiva Kasiviswanathan (Amazon)
Zekun Xu (Amazon)
Oluwaseyi Feyisetan (Amazon)
Nathanael Teissier (Amazon Alexa)

Related Events (a corresponding poster, oral, or spotlight)

More from the Same Authors