{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,1]],"date-time":"2025-03-01T06:12:18Z","timestamp":1740809538591,"version":"3.38.0"},"reference-count":17,"publisher":"Institute of Electronics, Information and Communications Engineers (IEICE)","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEICE Trans. Fundamentals"],"published-print":{"date-parts":[[2025,3,1]]},"DOI":"10.1587\/transfun.2024cip0004","type":"journal-article","created":{"date-parts":[[2024,9,3]],"date-time":"2024-09-03T22:10:35Z","timestamp":1725401435000},"page":"267-279","source":"Crossref","is-referenced-by-count":0,"title":["Mitigation of Membership Inference Attack by Knowledge Distillation on Federated Learning"],"prefix":"10.1587","volume":"E108.A","author":[{"given":"Rei","family":"UEDA","sequence":"first","affiliation":[{"name":"Graduate School of Science and Engineering, Ritsumeikan University"}]},{"given":"Tsunato","family":"NAKAI","sequence":"additional","affiliation":[{"name":"Mitsubishi Electric Corporation"}]},{"given":"Kota","family":"YOSHIDA","sequence":"additional","affiliation":[{"name":"Department of Science and Engineering, Ritsumeikan University"}]},{"given":"Takeshi","family":"FUJINO","sequence":"additional","affiliation":[{"name":"Department of Science and Engineering, Ritsumeikan University"}]}],"member":"532","reference":[{"key":"1","doi-asserted-by":"publisher","unstructured":"[1] T. Li, A.K. Sahu, A. Talwalkar, and V. Smith, \u201cFederated learning: Challenges, methods, and future directions,\u201d IEEE Signal Process. Mag., vol.37, no.3, pp.50-60, 2020. 10.1109\/msp.2020.2975749","DOI":"10.1109\/MSP.2020.2975749"},{"key":"2","doi-asserted-by":"crossref","unstructured":"[2] M. Nasr, R. Shokri, and A. Houmansadr, \u201cComprehensive privacy analysis of deep learning: Passive and active white-box inference attacks against centralized and federated learning,\u201d 2019 IEEE Symposium on Security and Privacy (SP), pp.739-753, IEEE, 2019. 10.1109\/sp.2019.00065","DOI":"10.1109\/SP.2019.00065"},{"key":"3","doi-asserted-by":"crossref","unstructured":"[3] R. Shokri, M. Stronati, C. Song, and V. Shmatikov, \u201cMembership inference attacks against machine learning models,\u201d 2017 IEEE Symposium on Security and Privacy (SP), pp.3-18, IEEE, 2017. 10.1109\/sp.2017.41","DOI":"10.1109\/SP.2017.41"},{"key":"4","unstructured":"[4] X. Tang, S. Mahloujifar, L. Song, V. Shejwalkar, M. Nasr, A. Houmansadr, and P. Mittal, \u201cMitigating membership inference attacks by self-distillation through a novel ensemble architecture,\u201d 31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, Aug. 2022, K.R.B. Butler and K. Thomas, eds., pp.1433-1450, USENIX Association, 2022."},{"key":"5","unstructured":"[5] G.E. Hinton, O. Vinyals, and J. Dean, \u201cDistilling the knowledge in a neural network,\u201d CoRR, vol.abs\/1503.02531, 2015. 10.48550\/arXiv.1503.02531"},{"key":"6","doi-asserted-by":"publisher","unstructured":"[6] V. Shejwalkar and A. Houmansadr, \u201cMembership privacy for machine learning models through knowledge transfer,\u201d Proc. AAAI Conference on Artificial Intelligence, pp.9549-9557, 2021. 10.1609\/aaai.v35i11.17150","DOI":"10.1609\/aaai.v35i11.17150"},{"key":"7","doi-asserted-by":"publisher","unstructured":"[7] R. Chourasia, B. Enkhtaivan, K. Ito, J. Mori, I. Teranishi, and H. Tsuchida, \u201cKnowledge cross-distillation for membership privacy,\u201d Proc. Privacy Enhancing Technologies, vol.2022, no.2, pp.362-377, 2022. 10.2478\/popets-2022-0050","DOI":"10.2478\/popets-2022-0050"},{"key":"8","doi-asserted-by":"crossref","unstructured":"[8] M. Abadi, A. Chu, I. Goodfellow, H.B. McMahan, I. Mironov, K. Talwar, and L. Zhang, \u201cDeep learning with differential privacy,\u201d Proc. 2016 ACM SIGSAC Conference on Computer and Communications Security, pp.308-318, 2016. 10.1145\/2976749.2978318","DOI":"10.1145\/2976749.2978318"},{"key":"9","doi-asserted-by":"crossref","unstructured":"[9] M. Nasr, R. Shokri, and A. Houmansadr, \u201cMachine learning with membership privacy using adversarial regularization,\u201d Proc. 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, Toronto, ON, Canada, Oct. 2018, D. Lie, M. Mannan, M. Backes, and X. Wang, eds., pp.634-646, ACM, 2018. 10.1145\/3243734.3243855","DOI":"10.1145\/3243734.3243855"},{"key":"10","doi-asserted-by":"crossref","unstructured":"[10] J. Jia, A. Salem, M. Backes, Y. Zhang, and N.Z. Gong, \u201cMemGuard: Defending against black-box membership inference attacks via adversarial examples,\u201d Proc. 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, Nov. 2019, L. Cavallaro, J. Kinder, X. Wang, and J. Katz, eds., pp.259-274, ACM, 2019. 10.1145\/3319535.3363201","DOI":"10.1145\/3319535.3363201"},{"key":"11","unstructured":"[11] B. McMahan, E. Moore, D. Ramage, S. Hampson, and B.A. y Arcas, \u201cCommunication-efficient learning of deep networks from decentralized data,\u201d Artificial Intelligence and Statistics, pp.1273-1282, PMLR, 2017."},{"key":"12","doi-asserted-by":"publisher","unstructured":"[12] Y. Liu, J. Peng, J. Kang, A.M. Iliyasu, D. Niyato, and A.A.A. El-Latif, \u201cA secure federated learning framework for 5G networks,\u201d IEEE Wireless Commun., vol.27, no.4, pp.24-31, 2020. 10.1109\/mwc.01.1900525","DOI":"10.1109\/MWC.01.1900525"},{"key":"13","unstructured":"[13] M. Naseri, J. Hayes, and E. De Cristofaro, \u201cLocal and central differential privacy for robustness and privacy in federated learning,\u201d arXiv preprint arXiv:2009.03561, 2020. 10.48550\/arXiv.2009.03561"},{"key":"14","doi-asserted-by":"publisher","unstructured":"[14] S. Yeom, I. Giacomelli, A. Menaged, M. Fredrikson, and S. Jha, \u201cOverfitting, robustness, and malicious algorithms: A study of potential causes of privacy risk in machine learning,\u201d J. Comput. Secur., vol.28, no.1, pp.35-70, 2020. 10.3233\/jcs-191362","DOI":"10.3233\/JCS-191362"},{"key":"15","unstructured":"[15] C.A. Choquette-Choo, F. Tram\u00e8r, N. Carlini, and N. Papernot, \u201cLabel-only membership inference attacks,\u201d Proc. 38th International Conference on Machine Learning, ICML 2021, July 2021, Virtual Event, M. Meila and T. Zhang, eds., Proc. Learning Research, vol.139, pp.1964-1974, PMLR, 2021."},{"key":"16","doi-asserted-by":"crossref","unstructured":"[16] Z. Li and Y. Zhang, \u201cMembership leakage in label-only exposures,\u201d CCS\u201921: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, Nov. 2021,  Y. Kim, J. Kim, G. Vigna, and E. Shi, eds., pp.880-895, ACM, 2021. 10.1145\/3460120.3484575","DOI":"10.1145\/3460120.3484575"},{"key":"17","unstructured":"[17] A. Krizhevsky, G. Hinton, et al., \u201cLearning multiple layers of features from tiny images,\u201d 2009."}],"container-title":["IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transfun\/E108.A\/3\/E108.A_2024CIP0004\/_pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,1]],"date-time":"2025-03-01T03:29:45Z","timestamp":1740799785000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.jstage.jst.go.jp\/article\/transfun\/E108.A\/3\/E108.A_2024CIP0004\/_article"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,3,1]]},"references-count":17,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2025]]}},"URL":"https:\/\/doi.org\/10.1587\/transfun.2024cip0004","relation":{},"ISSN":["0916-8508","1745-1337"],"issn-type":[{"type":"print","value":"0916-8508"},{"type":"electronic","value":"1745-1337"}],"subject":[],"published":{"date-parts":[[2025,3,1]]},"article-number":"2024CIP0004"}}