Defending Against Membership Inference Attacks on Iteratively Pruned Deep Neural Networks
Jing Shang
Network and Distributed System Security (NDSS) Symposium 2025 · Day 3 · Membership Inference
In an era defined by the escalating scale of deep neural networks (DNNs) and the concurrent demand for their deployment on resource-constrained devices, model compression techniques have become indispensable. This talk, presented by Jing Shang from Beijing University of Technology, delves into the critical security implications of one such technique: neural network pruning. Specifically, the research focuses on **iterative pruning**, a method known for achieving superior trade-offs between model utility and sparsity, and its unexpected vulnerability to **Membership Inference Attacks (MIA)**.
AI review
Legitimate academic security research on a real and underexplored problem — MIA amplification in iteratively pruned DNNs — with a concrete defense framework (WeMine) that beats existing baselines on privacy-utility tradeoff. Solid contribution to ML privacy literature, but it's a conference paper presentation, not a practitioner talk, and the technical delivery is thin enough that it reads better as a PDF than a session.