This paper analyzes the reliability of efficient membership inference attack (MIA) evaluation methods, demonstrating that standard aggregation techniques introduce biases that compromise accurate vuln…

The paper introduces Bayesian Membership Privacy (BMP), a sampling-aware framework that accurately quantifies node-level membership privacy in Graph Neural Networks by treating graph sampling probabil…

The paper proposes a new evaluation framework showing that, under realistic conditions, Membership Inference Attacks (MIAs) are weak privacy threats, suggesting that relying on them as a primary priva…

This paper provides the first comprehensive review of threats and defenses specifically targeting on-device AI inference, revealing a significant imbalance where certain attack types, like adversarial…

The paper proposes a novel two-stage framework to differentially privatize tables of counts by focusing on preserving the accuracy of the underlying count distribution, introducing the specialized cyc…

The paper introduces a lightweight, sampling-based cryptographic protocol for verifiable AI inference that drastically reduces proving overhead from minutes to milliseconds by leveraging statistical p…

The paper proposes FERMI, a method that significantly improves membership inference attacks against tabular diffusion models by leveraging auxiliary relational information available during training, e…

The paper introduces AutoMIA, a novel framework that uses LLM agents to automate the discovery and implementation of Membership Inference Attacks (MIAs), achieving state-of-the-art performance by syst…

This paper conducts a structured ablation study using a unified threat model to evaluate how various system factors (like model architecture and retrieval configuration) influence different types of p…

The paper proposes Fair Fine-tuning (FFt), a method that fine-tunes a model using an Equalized Odds constraint on a complementary distribution, and theoretically proves that this approach significantl…

The paper proposes Fair Fine-tuning (FFt), a method that fine-tunes a model using an Equalized Odds constraint on a complementary distribution, and provides a formal theoretical bound linking this fai…

The paper introduces Metric-Normalized Posterior Leakage (mPL), an attacker-aligned measure that provides a practical, certifiable privacy guarantee for machine learning systems consumed under joint o…

The paper introduces ARCANE, a Bayesian network framework for cross-campaign cyber attribution, finding that while aggregating telemetry improves identification, structural feature limitations prevent…

This paper introduces CoLA, a framework demonstrating that subset training, while efficient, introduces new and potentially greater privacy risks by leaking information about both data membership and…

This paper empirically evaluates the effectiveness of Differential Privacy (DP) against Membership Inference Attacks (MIAs) in Federated Learning, demonstrating that a stacking attack strategy can det…

The paper proposes a unified closed-loop threat taxonomy to systematically analyze and defend foundation models by explicitly framing the bidirectional security interactions between data and models.

This paper presents the first systematic study of membership inference attacks (MIAs) against Vision-Language-Action (VLA) models, demonstrating that these models are highly vulnerable to privacy brea…

The paper demonstrates that autonomous web agents are highly susceptible to social-engineering attacks, leaking critical PII even when they internally flag a site as suspicious, necessitating output-l…

The paper demonstrates that autonomous web agents are highly susceptible to social-engineering attacks, leaking critical PII even when they internally flag a site as suspicious, necessitating output-l…

This paper demonstrates that retrieval-augmented in-context learning systems for document QA are vulnerable to membership inference attacks, proposing novel black-box methods that exploit query prefix…