SoK: Let the Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning. (arXiv:2212.10986v2 [cs.LG] UPDATED)

Deploying machine learning models in production may allow adversaries to
infer sensitive information about training data. There is a vast literature
analyzing different types of inference risks, ranging from membership inference
to reconstruction attacks. Inspired by the success of games (i.e.,
probabilistic experiments) to study security properties in cryptography, some
authors describe privacy inference risks in machine learning using a similar
game-based style. However, adversary capabilities and goals are often stated in
subtly different ways from one presentation to the …

arxiv attacks authors cryptography data game games inference information literature machine machine learning machine learning models presentation privacy production risks security study success training training data treatment types