Reconstruction attack through classifier analysis

Sébastien Gambs 1, 2 Ahmed Gmati 1 Michel Hurfin 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
IRISA-D1 - SYSTÈMES LARGE ÉCHELLE, Inria Rennes – Bretagne Atlantique , CentraleSupélec
2 CIDER
IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : In this paper, we introduce a novel inference attack that we coin as the reconstruction attack whose objective is to reconstruct a probabilistic version of the original dataset on which a classifier was learnt from the description of this classifier and possibly some auxiliary information. In a nutshell, the reconstruction attack exploits the structure of the classifier in order to derive a probabilistic version of dataset on which this model has been trained. Moreover, we propose a general framework that can be used to assess the success of a reconstruction attack in terms of a novel distance between the reconstructed and original datasets. In case of multiple releases of classifiers, we also give a strategy that can be used to merge the different reconstructed datasets into a single coherent one that is closer to the original dataset than any of the simple reconstructed datasets. Finally, we give an instantiation of this reconstruction attack on a decision tree classifier that was learnt using the algorithm C4.5 and evaluate experimentally its efficiency. The results of this experimentation demonstrate that the proposed attack is able to reconstruct a significant part of the original dataset, thus highlighting the need to develop new learning algorithms whose output is specifically tailored to mitigate the success of this type of attack.
Type de document :
Communication dans un congrès
Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.274-281, 2012, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-31540-4_21〉
Liste complète des métadonnées

Littérature citée [14 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-00736945
Contributeur : Sébastien Gambs <>
Soumis le : jeudi 8 juin 2017 - 11:24:19
Dernière modification le : mercredi 16 mai 2018 - 11:23:35
Document(s) archivé(s) le : samedi 9 septembre 2017 - 12:53:18

Fichier

978-3-642-31540-4_21_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Sébastien Gambs, Ahmed Gmati, Michel Hurfin. Reconstruction attack through classifier analysis. Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.274-281, 2012, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-31540-4_21〉. 〈hal-00736945〉

Partager

Métriques

Consultations de la notice

1565

Téléchargements de fichiers

37