ENS researchers propose Generalized Leverage Score for efficient privacy risk assessment
New metric predicts membership inference attack vulnerability without costly shadow model training.
Deep Dive
Researchers Valentin Dorseuil, Jamal Atif, and Olivier Cappé from DI-ENS and CMAP published "Generalized Leverage Score for Scalable Assessment of Privacy Vulnerability." They established a theoretical link between membership inference attack (MIA) risk and a data point's influence on a model, formalized as the leverage score for linear models. They then generalized this computationally efficient score for deep learning, with empirical results showing strong correlation with actual MIA success rates.
Why It Matters
Enables organizations to proactively identify vulnerable data points in AI training sets, strengthening privacy compliance and security.