{"title":"mDARTS:针对成员推断攻击搜索基于 ML 的心电图分类器。","authors":"Eunbin Park, Youngjoo Lee","doi":"10.1109/JBHI.2024.3481505","DOIUrl":null,"url":null,"abstract":"<p><p>This paper addresses the critical need for elctrocardiogram (ECG) classifier architectures that balance high classification performance with robust privacy protection against membership inference attacks (MIA). We introduce a comprehensive approach that innovates in both machine learning efficacy and privacy preservation. Key contributions include the development of a privacy estimator to quantify and mitigate privacy leakage in neural network architectures used for ECG classification. Utilizing this privacy estimator, we propose mDARTS (searching MLbased ECG classifier against MIA), integrating MIA's attack loss into the architecture search process to identify architectures that are both accurate and resilient to MIA threats. Our method achieves significant improvements, with an ECG classification accuracy of 92.1% and a lower privacy score of 54.3%, indicating reduced potential for sensitive information leakage. Heuristic experiments refine architecture search parameters specifically for ECG classification, enhancing classifier performance and privacy scores by up to 3.0% and 1.0%, respectively. The framework's adaptability supports user customization, enabling the extraction of architectures that meet specific criteria such as optimal classification performance with minimal privacy risk. By focusing on the intersection of high-performance ECG classification and the mitigation of privacy risks associated with MIA, our study offers a pioneering solution addressing the limitations of previous approaches.</p>","PeriodicalId":13073,"journal":{"name":"IEEE Journal of Biomedical and Health Informatics","volume":"PP ","pages":""},"PeriodicalIF":6.7000,"publicationDate":"2024-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"mDARTS: Searching ML-Based ECG Classifiers against Membership Inference Attacks.\",\"authors\":\"Eunbin Park, Youngjoo Lee\",\"doi\":\"10.1109/JBHI.2024.3481505\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p><p>This paper addresses the critical need for elctrocardiogram (ECG) classifier architectures that balance high classification performance with robust privacy protection against membership inference attacks (MIA). We introduce a comprehensive approach that innovates in both machine learning efficacy and privacy preservation. Key contributions include the development of a privacy estimator to quantify and mitigate privacy leakage in neural network architectures used for ECG classification. Utilizing this privacy estimator, we propose mDARTS (searching MLbased ECG classifier against MIA), integrating MIA's attack loss into the architecture search process to identify architectures that are both accurate and resilient to MIA threats. Our method achieves significant improvements, with an ECG classification accuracy of 92.1% and a lower privacy score of 54.3%, indicating reduced potential for sensitive information leakage. Heuristic experiments refine architecture search parameters specifically for ECG classification, enhancing classifier performance and privacy scores by up to 3.0% and 1.0%, respectively. The framework's adaptability supports user customization, enabling the extraction of architectures that meet specific criteria such as optimal classification performance with minimal privacy risk. By focusing on the intersection of high-performance ECG classification and the mitigation of privacy risks associated with MIA, our study offers a pioneering solution addressing the limitations of previous approaches.</p>\",\"PeriodicalId\":13073,\"journal\":{\"name\":\"IEEE Journal of Biomedical and Health Informatics\",\"volume\":\"PP \",\"pages\":\"\"},\"PeriodicalIF\":6.7000,\"publicationDate\":\"2024-10-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Journal of Biomedical and Health Informatics\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://doi.org/10.1109/JBHI.2024.3481505\",\"RegionNum\":2,\"RegionCategory\":\"医学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Journal of Biomedical and Health Informatics","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.1109/JBHI.2024.3481505","RegionNum":2,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
本文探讨了心电图(ECG)分类器架构的关键需求,这种架构既能兼顾高分类性能,又能保护隐私免受成员推理攻击(MIA)。我们介绍了一种在机器学习效率和隐私保护方面都有所创新的综合方法。主要贡献包括开发了一种隐私估算器,用于量化和减轻用于心电图分类的神经网络架构中的隐私泄露。利用这种隐私估算器,我们提出了 mDARTS(搜索基于 ML 的心电图分类器以对抗 MIA),将 MIA 的攻击损失整合到架构搜索过程中,以识别既准确又能抵御 MIA 威胁的架构。我们的方法取得了重大改进,心电图分类准确率达到 92.1%,隐私得分降低了 54.3%,这表明敏感信息泄漏的可能性降低了。启发式实验改进了专门针对心电图分类的架构搜索参数,使分类器性能和隐私得分分别提高了 3.0% 和 1.0%。该框架的适应性支持用户定制,能够提取符合特定标准的架构,如最佳分类性能和最小隐私风险。通过关注高性能心电图分类与降低与 MIA 相关的隐私风险的交叉点,我们的研究提供了一种开创性的解决方案,解决了以往方法的局限性。
mDARTS: Searching ML-Based ECG Classifiers against Membership Inference Attacks.
This paper addresses the critical need for elctrocardiogram (ECG) classifier architectures that balance high classification performance with robust privacy protection against membership inference attacks (MIA). We introduce a comprehensive approach that innovates in both machine learning efficacy and privacy preservation. Key contributions include the development of a privacy estimator to quantify and mitigate privacy leakage in neural network architectures used for ECG classification. Utilizing this privacy estimator, we propose mDARTS (searching MLbased ECG classifier against MIA), integrating MIA's attack loss into the architecture search process to identify architectures that are both accurate and resilient to MIA threats. Our method achieves significant improvements, with an ECG classification accuracy of 92.1% and a lower privacy score of 54.3%, indicating reduced potential for sensitive information leakage. Heuristic experiments refine architecture search parameters specifically for ECG classification, enhancing classifier performance and privacy scores by up to 3.0% and 1.0%, respectively. The framework's adaptability supports user customization, enabling the extraction of architectures that meet specific criteria such as optimal classification performance with minimal privacy risk. By focusing on the intersection of high-performance ECG classification and the mitigation of privacy risks associated with MIA, our study offers a pioneering solution addressing the limitations of previous approaches.
期刊介绍:
IEEE Journal of Biomedical and Health Informatics publishes original papers presenting recent advances where information and communication technologies intersect with health, healthcare, life sciences, and biomedicine. Topics include acquisition, transmission, storage, retrieval, management, and analysis of biomedical and health information. The journal covers applications of information technologies in healthcare, patient monitoring, preventive care, early disease diagnosis, therapy discovery, and personalized treatment protocols. It explores electronic medical and health records, clinical information systems, decision support systems, medical and biological imaging informatics, wearable systems, body area/sensor networks, and more. Integration-related topics like interoperability, evidence-based medicine, and secure patient data are also addressed.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
