Conditional Matching GAN Guided Reconstruction Attack in Machine Unlearning

Zhang, Kaiyue1,2; Wang, Weiqi1; Fan, Zipei3; Song, Xuan2; Yu, Shui1

10.1109/GLOBECOM54140.2023.10437231

2023

IEEE Conference on Global Communications (IEEE GLOBECOM) - Intelligent Communications for Shared Prosperity

2334-0983

2576-6813

IEEE CONFERENCE ON GLOBAL COMMUNICATIONS, GLOBECOM

DEC 04-08, 2023

null,Kuala Lumpur,MALAYSIA

345 E 47TH ST, NEW YORK, NY 10017 USA

IEEE

Machine unlearning allows data owners to erase certain data and its impact from learning models for the right to be forgotten. However, privacy risks during the unlearning process have been identified. Earlier studies have used differences in model outputs before and after unlearning to conduct membership inference attacks. Nevertheless, the current attacks on machine unlearning are limited to inference and cannot reconstruct data without access to the victim's dataset. In this paper, we propose a reconstruction attack towards machine unlearning (RAU), which can reconstruct the unlearned data by exploiting the privacy leakage from the two models. To improve reconstruction quality, we propose a Conditional Matching Generative Adversarial Network (CMGAN), a novel variant of generative adversarial networks which introduces a reconstructive loss. Our work demonstrates the possible privacy leakage of current machine unlearning scenarios. Experimental results on MNIST and Fashion-MNIST show that the proposed attack achieves high label recovery accuracy and good data recovery performance.

machine unlearning reconstruction attacks machine learning security and privacy

通讯

英语

CPCI-S

National Key Research and Development Program of China[2021YFB1714400] ; Guangdong Provincial Key Laboratory["2020B121201001","22H03573"]

Engineering ; Telecommunications

Engineering, Electrical & Electronic ; Telecommunications

WOS:001178562000008

Web of Science

1.Univ Technol Sydney, Sydney, Australia
2.Southern Univ Sci & Technol, Shenzhen, Peoples R China
3.Univ Tokyo, Kashiwa, Japan

Zhang, Kaiyue,Wang, Weiqi,Fan, Zipei,et al. Conditional Matching GAN Guided Reconstruction Attack in Machine Unlearning[C]. 345 E 47TH ST, NEW YORK, NY 10017 USA:IEEE,2023.