Privacy Leakage in Tabular Diffusion Models: Factors, Attacks, and Metrics
A recent study evaluates the privacy vulnerabilities associated with tabular diffusion models (TDMs), which are utilized for creating synthetic data in sensitive areas. By employing advanced membership inference attacks in both black- and white-box contexts, the researchers assessed the influence of training configurations, synthesis decisions, and the attacker’s information on privacy breaches. Findings indicate that attackers can achieve success without having complete knowledge of the training setup, matching data distributions, or extensive computational power. This research underscores the shortcomings of using current privacy metrics for TDMs.
Key facts
- Tabular diffusion models (TDMs) are used to generate synthetic data with privacy considerations.
- Membership inference attacks were applied in black- and white-box settings.
- Training setup, synthesis choices, and attacker knowledge impact privacy leakage.
- Attackers can succeed without perfect knowledge of training setup.
- Attackers do not need identical data distributions or massive compute resources.
- The study identifies pitfalls in applying privacy metrics to TDMs.
- The research is from arXiv:2605.06835.
- The paper is a cross-type announcement.
Entities
Institutions
- arXiv