Towards Realistic Membership Inferences: The Case of Survey Data
In: Annual Computer Security Applications Conference (2020)Type: Conference
Files: 1.51 MB
We consider the problem of membership inference attacks on aggregate survey data through the use of several real-world datasets and a published study as a model for the survey. We apply membership inference attacks from the literature, and discover that methodological assumptions of existing attacks produce a misleading picture of the risk. When using a more realistic methodology, experiments reveal a more nuanced picture of the risk: membership inferences do succeed, but only a small subset of individuals are highly vulnerable to them. In fact, if the adversary wishes to avoid a high false positive rate, she should perform membership inferences only when she has a reason to believe that the target participated in the survey. However, our results do not imply that publishing survey data is inherently safe. Indeed, when applying membership inference not to individuals but to hospitals, we find that highly accurate inferences are possible.