{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2018:UNSVXC75BHFNG4TGGZLLOO3OKG","short_pith_number":"pith:UNSVXC75","schema_version":"1.0","canonical_sha256":"a3655b8bfd09cad372663656b73b6e51933bed6d37a2bb7213dea9e586dbe2a0","source":{"kind":"arxiv","id":"1805.04049","version":3},"attestation_state":"computed","paper":{"title":"Exploiting Unintended Feature Leakage in Collaborative Learning","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.AI"],"primary_cat":"cs.CR","authors_text":"Congzheng Song, Emiliano De Cristofaro, Luca Melis, Vitaly Shmatikov","submitted_at":"2018-05-10T16:28:44Z","abstract_excerpt":"Collaborative machine learning and related techniques such as federated learning allow multiple participants, each with his own training dataset, to build a joint model by training locally and periodically exchanging model updates. We demonstrate that these updates leak unintended information about participants' training data and develop passive and active inference attacks to exploit this leakage. First, we show that an adversarial participant can infer the presence of exact data points -- for example, specific locations -- in others' training data (i.e., membership inference). Then, we show "},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"1805.04049","kind":"arxiv","version":3},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2018-05-10T16:28:44Z","cross_cats_sorted":["cs.AI"],"title_canon_sha256":"81101cdaffdd2f63af314f2d3fb27a3a3b77656bf0e79aeac392369fc564ec73","abstract_canon_sha256":"ca657c677200fe964286ddc4f148a044f49790f173ef31dd91f5bfaea22aa639"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:01:47.227201Z","signature_b64":"dAUM2Er+lmJL7cFoB8BuMBSFR/KwiTZWf9m/NHIi1D7dq/DtpRk0UG+OPiAkv7V8mU7xVQumgJlzR5dc7UFxCA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"a3655b8bfd09cad372663656b73b6e51933bed6d37a2bb7213dea9e586dbe2a0","last_reissued_at":"2026-05-18T00:01:47.226457Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:01:47.226457Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"Exploiting Unintended Feature Leakage in Collaborative Learning","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.AI"],"primary_cat":"cs.CR","authors_text":"Congzheng Song, Emiliano De Cristofaro, Luca Melis, Vitaly Shmatikov","submitted_at":"2018-05-10T16:28:44Z","abstract_excerpt":"Collaborative machine learning and related techniques such as federated learning allow multiple participants, each with his own training dataset, to build a joint model by training locally and periodically exchanging model updates. We demonstrate that these updates leak unintended information about participants' training data and develop passive and active inference attacks to exploit this leakage. First, we show that an adversarial participant can infer the presence of exact data points -- for example, specific locations -- in others' training data (i.e., membership inference). Then, we show "},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1805.04049","kind":"arxiv","version":3},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"1805.04049","created_at":"2026-05-18T00:01:47.226561+00:00"},{"alias_kind":"arxiv_version","alias_value":"1805.04049v3","created_at":"2026-05-18T00:01:47.226561+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1805.04049","created_at":"2026-05-18T00:01:47.226561+00:00"},{"alias_kind":"pith_short_12","alias_value":"UNSVXC75BHFN","created_at":"2026-05-18T12:32:56.356000+00:00"},{"alias_kind":"pith_short_16","alias_value":"UNSVXC75BHFNG4TG","created_at":"2026-05-18T12:32:56.356000+00:00"},{"alias_kind":"pith_short_8","alias_value":"UNSVXC75","created_at":"2026-05-18T12:32:56.356000+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":1,"internal_anchor_count":0,"sample":[{"citing_arxiv_id":"2605.11386","citing_title":"Revisiting Privacy Preservation in Brain-Computer Interfaces: Conceptual Boundaries, Risk Pathways, and a Protection-Strength Grading Framework","ref_index":12,"is_internal_anchor":false}]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG","json":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG.json","graph_json":"https://pith.science/api/pith-number/UNSVXC75BHFNG4TGGZLLOO3OKG/graph.json","events_json":"https://pith.science/api/pith-number/UNSVXC75BHFNG4TGGZLLOO3OKG/events.json","paper":"https://pith.science/paper/UNSVXC75"},"agent_actions":{"view_html":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG","download_json":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG.json","view_paper":"https://pith.science/paper/UNSVXC75","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=1805.04049&json=true","fetch_graph":"https://pith.science/api/pith-number/UNSVXC75BHFNG4TGGZLLOO3OKG/graph.json","fetch_events":"https://pith.science/api/pith-number/UNSVXC75BHFNG4TGGZLLOO3OKG/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG/action/timestamp_anchor","attest_storage":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG/action/storage_attestation","attest_author":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG/action/author_attestation","sign_citation":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG/action/citation_signature","submit_replication":"https://pith.science/pith/UNSVXC75BHFNG4TGGZLLOO3OKG/action/replication_record"}},"created_at":"2026-05-18T00:01:47.226561+00:00","updated_at":"2026-05-18T00:01:47.226561+00:00"}