LG · AI · Jan 4, 2025

AdaMixup: A Dynamic Defense Framework for Membership Inference Attack Mitigation

arXiv:2501.02182v1 · 4 citations · h-index: 4
Originality: Incremental advance
AI Analysis

This work addresses privacy concerns for data used in training deep learning models, offering an incremental improvement over existing mixup-based defenses.

The paper tackles the problem of membership inference attacks on deep learning models by proposing AdaMixup, a defense mechanism that uses adaptive mixup techniques to enhance robustness, significantly reducing attack risk while maintaining high model performance across multiple datasets.

Membership inference attacks have emerged as a significant privacy concern in the training of deep learning models, where attackers can infer whether a data point was part of the training set based on the model's outputs. To address this challenge, we propose a novel defense mechanism, AdaMixup. AdaMixup employs adaptive mixup techniques to enhance the model's robustness against membership inference attacks by dynamically adjusting the mixup strategy during training. This method not only improves the model's privacy protection but also maintains high performance. Experimental results across multiple datasets demonstrate that AdaMixup significantly reduces the risk of membership inference attacks while achieving a favorable trade-off between defensive efficiency and model accuracy. This research provides an effective solution for data privacy protection and lays the groundwork for future advancements in mixup training methods.
