Please use this identifier to cite or link to this item: http://hdl.handle.net/10397/119086
PIRA download icon_1.1View/Download Full Text
DC FieldValueLanguage
dc.contributorDepartment of Electrical and Electronic Engineeringen_US
dc.creatorBai, Len_US
dc.creatorHu, Hen_US
dc.creatorYe, Qen_US
dc.creatorXu, Jen_US
dc.creatorLi, Jen_US
dc.creatorFang, Cen_US
dc.creatorShi, Jen_US
dc.date.accessioned2026-06-02T02:53:22Z-
dc.date.available2026-06-02T02:53:22Z-
dc.identifier.issn1545-5971en_US
dc.identifier.urihttp://hdl.handle.net/10397/119086-
dc.language.isoenen_US
dc.publisherInstitute of Electrical and Electronics Engineersen_US
dc.rights© 2025 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.en_US
dc.rightsThe following publication L. Bai et al., 'RMR: A Relative Membership Risk Measure for Machine Learning Models,' in IEEE Transactions on Dependable and Secure Computing, vol. 22, no. 5, pp. 4699-4710, Sept.-Oct. 2025 is available at https://doi.org/10.1109/TDSC.2025.3551921.en_US
dc.subjectMachine learningen_US
dc.subjectMembership inference attacken_US
dc.subjectPrivacy leakageen_US
dc.titleRMR : a relative membership risk measure for machine learning modelsen_US
dc.typeJournal/Magazine Articleen_US
dc.identifier.spage4699en_US
dc.identifier.epage4710en_US
dc.identifier.volume22en_US
dc.identifier.issue5en_US
dc.identifier.doi10.1109/TDSC.2025.3551921en_US
dcterms.abstractPrivacy leakage poses a significant threat when machine learning foundation models trained on private data are released. One such threat is membership inference attacks (MIA), which determine whether a specific example was included in a model's training set. This article shifts focus from developing new MIA algorithms to measuring a model's risk under MIA. We introduce a novel metric, Relative Membership Risk (RMR), which assesses a model's MIA vulnerability from a comparative standpoint. RMR calculates the difference in prediction loss for training examples relative to a predefined reference model, enabling risk comparison across models without needing to delve into details like training strategy, architecture, or data distribution. We also explore the selection of the reference model and show that using a high-risk reference model enhances the accuracy of the RMR measure. To identify the most vulnerable reference model, we propose an efficient iterative algorithm that selects the optimal model from a set of candidates. Through extensive empirical evaluations on various datasets and network architectures, we demonstrate that RMR is an accurate and efficient tool for measuring the membership privacy risk of both individual training examples and the overall machine learning model.en_US
dcterms.accessRightsopen accessen_US
dcterms.bibliographicCitationIEEE transactions on dependable and secure computing, Sept-Oct. 2025, v. 22, no. 5, p. 4699-4710en_US
dcterms.isPartOfIEEE transactions on dependable and secure computingen_US
dcterms.issued2025-09-
dc.identifier.scopus2-s2.0-105000291176-
dc.identifier.eissn1941-0018en_US
dc.description.validate202606 bcjzen_US
dc.description.oaAccepted Manuscripten_US
dc.identifier.SubFormIDG001728/2026-04-
dc.description.fundingSourceRGCen_US
dc.description.fundingSourceOthersen_US
dc.description.fundingTextThis work was supported in part by the National Natural Science Foundation of China under Grant 92270123 and Grant 62372122, in part by Joint Funding Special Project for Guangdong-Hong Kong Science and Technology Innovation under Grant 2024A0505040027, and in part by the Research Grants Council, Hong Kong SAR, China, under Grant 15209922, Grant 15210023, and Grant C2004-21GF.en_US
dc.description.pubStatusPublisheden_US
dc.description.oaCategoryGreen (AAM)en_US
Appears in Collections:Journal/Magazine Article
Files in This Item:
File Description SizeFormat 
Bai_RMR_Relative_Membership.pdfPre-Published version3.34 MBAdobe PDFView/Open
Open Access Information
Status open access
File Version Final Accepted Manuscript
Access
View full-text via PolyU eLinks SFX Query
Show simple item record

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.