Research Report RR-22-349, 16 June 2022
      
  This paper studies the performance of membership inference attacks against principal component analysis (PCA). In this attack, we assume that the adversary has access to the principal components, and her main goal is to infer whether a given data sample was used to compute these principal components. We show that our attack is successful and achieves high performance when the number of samples used to compute the principal components is small. As a defense strategy, we investigate the use of various differentially private mechanisms. Accordingly, we present experimental results on the performance of Gaussian and Laplace mechanisms under naive and advanced compositions against MIA as well as the utility of these differentially-private PCA solutions.
Type:
        Report
      Date:
        2022-06-16
      Department:
        Digital Security
      Eurecom Ref:
        6913
      Copyright:
        © EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Research Report RR-22-349, 16 June 2022 and is available at : 
      See also:
        
       
 
 
     
                       
                      