Paper Info
Title
PAR-GAN: Improving the Generalization of Generative Adversarial Networks Against Membership Inference Attacks
Abstract
ABSTRACTRecent works have shown that Generative Adversarial Networks (GANs) may generalize poorly and thus are vulnerable to privacy attacks. In this paper, we seek to improve the generalization of GANs from a perspective of privacy protection, specifically in terms of defending against the membership inference attack (MIA) which aims to infer whether a particular sample was used for model training. We design a GAN framework, partition GAN (PAR-GAN), which consists of one generator and multiple discriminators trained over disjoint partitions of the training data. The key idea of PAR-GAN is to reduce the generalization gap by approximating a mixture distribution of all partitions of the training data. Our theoretical analysis shows that PAR-GAN can achieve global optimality just like the original GAN. Our experimental results on simulated data and multiple popular datasets demonstrate that PAR-GAN can improve the generalization of GANs while mitigating information leakage induced by MIA.
Year
DOI
Venue
2021
10.1145/3447548.3467445
Knowledge Discovery and Data Mining
Keywords
DocType
Citations 
Generative Adversarial Networks, Membership Inference Attack, Generalization Gap
Conference
0
PageRank 
References 
Authors
0.34
0
4
Name
Order
Citations
PageRank
Junjie Chen16817.18
Wendy Hui Wang213313.82
Hongchang Gao3548.32
Xinghua Shi420919.00