{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T15:47:31Z","timestamp":1780328851520,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":15,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,26]],"date-time":"2023-11-26T00:00:00Z","timestamp":1700956800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Department of Electrical and Electronic Engineering (EEE) and School of Computing and Information Systems (CIS) at the University of Melbourne"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,30]]},"DOI":"10.1145\/3605764.3623905","type":"proceedings-article","created":{"date-parts":[[2023,11,21]],"date-time":"2023-11-21T12:12:17Z","timestamp":1700568737000},"page":"35-41","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Information Leakage from Data Updates in Machine Learning Models"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-6549-9314","authenticated-orcid":false,"given":"Tian","family":"Hui","sequence":"first","affiliation":[{"name":"The University of Melbourne, Parkville, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5102-7073","authenticated-orcid":false,"given":"Farhad","family":"Farokhi","sequence":"additional","affiliation":[{"name":"The University of Melbourne, Parkville, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9735-0538","authenticated-orcid":false,"given":"Olga","family":"Ohrimenko","sequence":"additional","affiliation":[{"name":"The University of Melbourne, Parkville, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2023,11,26]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.35"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833649"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484756"},{"key":"e_1_3_2_2_4_1","unstructured":"Victor Chen Danielle Crumley Mohamed Elsalmi and Hoon Kang. 2020. LendingClub. https:\/\/github.com\/elsalmi\/LendingClub."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/11681878_14"},{"key":"e_1_3_2_2_6_1","unstructured":"European Commission. 2016. Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95\/46\/EC (General Data Protection Regulation) (Text with EEA relevance). https:\/\/eur-lex.europa.eu\/eli\/reg\/2016\/679\/oj"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813677"},{"key":"e_1_3_2_2_8_1","unstructured":"Stephanie L Hyland and Shruti Tople. 2019. An empirical study on the intrinsic privacy of SGD."},{"key":"e_1_3_2_2_9_1","volume-title":"Proceedings on Privacy Enhancing Technologies. De Gruyter Open","author":"Jagielski Matthew","year":"2023","unstructured":"Matthew Jagielski, Stanley Wu, Alina Oprea, Jonathan Ullman, and Roxana Geambasu. 2023. How to combine membership-inference attacks on multiple updated models. In Proceedings on Privacy Enhancing Technologies. De Gruyter Open, Lausanne, Switzerland, 211--232."},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560663"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2021-0031"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2022-0023"},{"key":"e_1_3_2_2_13_1","volume-title":"Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Salem Ahmed","year":"2020","unstructured":"Ahmed Salem, Apratim Bhattacharya, Michael Backes, Mario Fritz, and Yang Zhang. 2020. Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning. In 29th USENIX Security Symposium (USENIX Security 20). USENIX Association, USA, 1291--1308. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/salem"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417880"}],"event":{"name":"CCS '23: ACM SIGSAC Conference on Computer and Communications Security","location":"Copenhagen Denmark","acronym":"CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3605764.3623905","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3605764.3623905","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,23]],"date-time":"2025-08-23T01:36:13Z","timestamp":1755912973000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3605764.3623905"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,26]]},"references-count":15,"alternative-id":["10.1145\/3605764.3623905","10.1145\/3605764"],"URL":"https:\/\/doi.org\/10.1145\/3605764.3623905","relation":{},"subject":[],"published":{"date-parts":[[2023,11,26]]},"assertion":[{"value":"2023-11-26","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}