{"id":"https:\/\/openalex.org\/W4416252025","doi":"https:\/\/doi.org\/10.1109\/ijcnn64981.2025.11227775","title":"GuidedLatent: Defending VAEs against Membership Inference Attacks via Distribution-Guided Privacy","display_name":"GuidedLatent: Defending VAEs against Membership Inference Attacks via Distribution-Guided Privacy","publication_year":2025,"publication_date":"2025-06-30","ids":{"openalex":"https:\/\/openalex.org\/W4416252025","doi":"https:\/\/doi.org\/10.1109\/ijcnn64981.2025.11227775"},"language":null,"primary_location":{"id":"doi:10.1109\/ijcnn64981.2025.11227775","is_oa":false,"landing_page_url":"https:\/\/doi.org\/10.1109\/ijcnn64981.2025.11227775","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https:\/\/openalex.org\/A5100735338","display_name":"Chenyu Du","orcid":"https:\/\/orcid.org\/0000-0002-8216-0504"},"institutions":[{"id":"https:\/\/openalex.org\/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https:\/\/ror.org\/04w9fbh59","country_code":"CN","type":"education","lineage":["https:\/\/openalex.org\/I139759216"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Chengze Du","raw_affiliation_strings":["Beijing University of Posts and Telecommunications,School of Cyberspace Security,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Beijing University of Posts and Telecommunications,School of Cyberspace Security,Beijing,China","institution_ids":["https:\/\/openalex.org\/I139759216"]}]},{"author_position":"middle","author":{"id":"https:\/\/openalex.org\/A5065454900","display_name":"Guangzhen Yao","orcid":"https:\/\/orcid.org\/0009-0002-1323-6998"},"institutions":[{"id":"https:\/\/openalex.org\/I170215575","display_name":"National University of Defense Technology","ror":"https:\/\/ror.org\/05d2yfz11","country_code":"CN","type":"education","lineage":["https:\/\/openalex.org\/I170215575"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Guangzhen Yao","raw_affiliation_strings":["National University of Defense Technology,College of Science,Changsha,China"],"affiliations":[{"raw_affiliation_string":"National University of Defense Technology,College of Science,Changsha,China","institution_ids":["https:\/\/openalex.org\/I170215575"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Jibin Shi","orcid":null},"institutions":[{"id":"https:\/\/openalex.org\/I149594827","display_name":"Xidian University","ror":"https:\/\/ror.org\/05s92vm98","country_code":"CN","type":"education","lineage":["https:\/\/openalex.org\/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jibin Shi","raw_affiliation_strings":["Xidian University,School of Artificial Intelligence,Xi&#x2019;an,China"],"affiliations":[{"raw_affiliation_string":"Xidian University,School of Artificial Intelligence,Xi&#x2019;an,China","institution_ids":["https:\/\/openalex.org\/I149594827"]}]},{"author_position":"middle","author":{"id":"https:\/\/openalex.org\/A5004874287","display_name":"Ying\u2013Jun Angela Zhang","orcid":"https:\/\/orcid.org\/0000-0002-7304-6849"},"institutions":[{"id":"https:\/\/openalex.org\/I82880672","display_name":"Beihang University","ror":"https:\/\/ror.org\/00wk2mp56","country_code":"CN","type":"education","lineage":["https:\/\/openalex.org\/I82880672"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ying Zhang","raw_affiliation_strings":["Zhipu Huazhang Technology,AI Department,Beijing,China"],"affiliations":[{"raw_affiliation_string":"Zhipu Huazhang Technology,AI Department,Beijing,China","institution_ids":["https:\/\/openalex.org\/I82880672"]}]},{"author_position":"last","author":{"id":"https:\/\/openalex.org\/A5116585415","display_name":"Renda Han","orcid":"https:\/\/orcid.org\/0009-0009-8568-2285"},"institutions":[{"id":"https:\/\/openalex.org\/I20942203","display_name":"Hainan University","ror":"https:\/\/ror.org\/03q648j11","country_code":"CN","type":"education","lineage":["https:\/\/openalex.org\/I20942203"]},{"id":"https:\/\/openalex.org\/I4210145393","display_name":"Hainan Agricultural School","ror":"https:\/\/ror.org\/04p8ncq94","country_code":"CN","type":"education","lineage":["https:\/\/openalex.org\/I4210145393"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Renda Han","raw_affiliation_strings":["Hainan University,School of Computer Science and Technology,Hainan,China"],"affiliations":[{"raw_affiliation_string":"Hainan University,School of Computer Science and Technology,Hainan,China","institution_ids":["https:\/\/openalex.org\/I4210145393","https:\/\/openalex.org\/I20942203"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https:\/\/openalex.org\/A5100735338"],"corresponding_institution_ids":["https:\/\/openalex.org\/I139759216"],"apc_list":null,"apc_paid":null,"fwci":0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.17986564,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https:\/\/openalex.org\/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.37290000915527344,"subfield":{"id":"https:\/\/openalex.org\/subfields\/1702","display_name":"Artificial Intelligence"},"field":{"id":"https:\/\/openalex.org\/fields\/17","display_name":"Computer Science"},"domain":{"id":"https:\/\/openalex.org\/domains\/3","display_name":"Physical Sciences"}},"topics":[{"id":"https:\/\/openalex.org\/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.37290000915527344,"subfield":{"id":"https:\/\/openalex.org\/subfields\/1702","display_name":"Artificial Intelligence"},"field":{"id":"https:\/\/openalex.org\/fields\/17","display_name":"Computer Science"},"domain":{"id":"https:\/\/openalex.org\/domains\/3","display_name":"Physical Sciences"}},{"id":"https:\/\/openalex.org\/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.27799999713897705,"subfield":{"id":"https:\/\/openalex.org\/subfields\/1702","display_name":"Artificial Intelligence"},"field":{"id":"https:\/\/openalex.org\/fields\/17","display_name":"Computer Science"},"domain":{"id":"https:\/\/openalex.org\/domains\/3","display_name":"Physical Sciences"}},{"id":"https:\/\/openalex.org\/T10775","display_name":"Generative Adversarial Networks and Image Synthesis","score":0.04690000042319298,"subfield":{"id":"https:\/\/openalex.org\/subfields\/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https:\/\/openalex.org\/fields\/17","display_name":"Computer Science"},"domain":{"id":"https:\/\/openalex.org\/domains\/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https:\/\/openalex.org\/keywords\/inference","display_name":"Inference","score":0.7472000122070312},{"id":"https:\/\/openalex.org\/keywords\/generative-grammar","display_name":"Generative grammar","score":0.6279000043869019},{"id":"https:\/\/openalex.org\/keywords\/generative-model","display_name":"Generative model","score":0.6187000274658203},{"id":"https:\/\/openalex.org\/keywords\/vulnerability","display_name":"Vulnerability (computing)","score":0.5540000200271606},{"id":"https:\/\/openalex.org\/keywords\/differential-privacy","display_name":"Differential privacy","score":0.5077000260353088},{"id":"https:\/\/openalex.org\/keywords\/mechanism","display_name":"Mechanism (biology)","score":0.4462999999523163},{"id":"https:\/\/openalex.org\/keywords\/information-privacy","display_name":"Information privacy","score":0.4165000021457672},{"id":"https:\/\/openalex.org\/keywords\/privacy-protection","display_name":"Privacy protection","score":0.41449999809265137}],"concepts":[{"id":"https:\/\/openalex.org\/C41008148","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q21198","display_name":"Computer science","level":0,"score":0.763700008392334},{"id":"https:\/\/openalex.org\/C2776214188","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q408386","display_name":"Inference","level":2,"score":0.7472000122070312},{"id":"https:\/\/openalex.org\/C39890363","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q36108","display_name":"Generative grammar","level":2,"score":0.6279000043869019},{"id":"https:\/\/openalex.org\/C167966045","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q5532625","display_name":"Generative model","level":3,"score":0.6187000274658203},{"id":"https:\/\/openalex.org\/C95713431","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5540000200271606},{"id":"https:\/\/openalex.org\/C23130292","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q5275358","display_name":"Differential privacy","level":2,"score":0.5077000260353088},{"id":"https:\/\/openalex.org\/C154945302","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q11660","display_name":"Artificial intelligence","level":1,"score":0.47749999165534973},{"id":"https:\/\/openalex.org\/C89611455","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q6804646","display_name":"Mechanism (biology)","level":2,"score":0.4462999999523163},{"id":"https:\/\/openalex.org\/C38652104","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q3510521","display_name":"Computer security","level":1,"score":0.4262000024318695},{"id":"https:\/\/openalex.org\/C123201435","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q456632","display_name":"Information privacy","level":2,"score":0.4165000021457672},{"id":"https:\/\/openalex.org\/C3017597292","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q25052250","display_name":"Privacy protection","level":2,"score":0.41449999809265137},{"id":"https:\/\/openalex.org\/C2779530757","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.4113999903202057},{"id":"https:\/\/openalex.org\/C119857082","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q2539","display_name":"Machine learning","level":1,"score":0.40380001068115234},{"id":"https:\/\/openalex.org\/C124101348","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q172491","display_name":"Data mining","level":1,"score":0.3885999917984009},{"id":"https:\/\/openalex.org\/C46355384","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q726686","display_name":"Compromise","level":2,"score":0.32109999656677246},{"id":"https:\/\/openalex.org\/C12725497","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q810247","display_name":"Baseline (sea)","level":2,"score":0.310699999332428},{"id":"https:\/\/openalex.org\/C51632099","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q3985153","display_name":"Training set","level":2,"score":0.29980000853538513},{"id":"https:\/\/openalex.org\/C77618280","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.2985999882221222},{"id":"https:\/\/openalex.org\/C65856478","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q3991682","display_name":"Attack model","level":2,"score":0.2678000032901764},{"id":"https:\/\/openalex.org\/C137822555","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q2587068","display_name":"Information sensitivity","level":2,"score":0.2678000032901764},{"id":"https:\/\/openalex.org\/C67186912","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q367664","display_name":"Data modeling","level":2,"score":0.2605000138282776},{"id":"https:\/\/openalex.org\/C167063184","wikidata":"https:\/\/www.wikidata.org\/wiki\/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.25619998574256897}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109\/ijcnn64981.2025.11227775","is_oa":false,"landing_page_url":"https:\/\/doi.org\/10.1109\/ijcnn64981.2025.11227775","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https:\/\/openalex.org\/F4320321470","display_name":"Beijing University of Posts and Telecommunications","ror":"https:\/\/ror.org\/04w9fbh59"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":20,"referenced_works":["https:\/\/openalex.org\/W2171766961","https:\/\/openalex.org\/W2535690855","https:\/\/openalex.org\/W2730106296","https:\/\/openalex.org\/W2884943453","https:\/\/openalex.org\/W2887995258","https:\/\/openalex.org\/W2912023992","https:\/\/openalex.org\/W2930926105","https:\/\/openalex.org\/W2963378725","https:\/\/openalex.org\/W2965527189","https:\/\/openalex.org\/W2983140679","https:\/\/openalex.org\/W3071470454","https:\/\/openalex.org\/W4214817174","https:\/\/openalex.org\/W4308410483","https:\/\/openalex.org\/W4388805555","https:\/\/openalex.org\/W4392594066","https:\/\/openalex.org\/W4394625755","https:\/\/openalex.org\/W4394625871","https:\/\/openalex.org\/W4402667890","https:\/\/openalex.org\/W4402774574","https:\/\/openalex.org\/W4405021351"],"related_works":[],"abstract_inverted_index":{"Variational":[0],"autoencoders":[1],"(VAEs)":[2],"have":[3],"been":[4],"deployed":[5],"in":[6,113],"many":[7],"privacy-sensitive":[8],"domains,":[9],"and":[10,46,84,124],"their":[11,48],"vulnerability":[12],"to":[13,55,96],"membership":[14,44,92],"inference":[15,93],"attacks":[16,94],"(MIAs)":[17],"poses":[18],"giant":[19],"privacy":[20,25,30,45,73],"risks.":[21],"While":[22],"some":[23],"existing":[24],"protection":[26],"methods":[27],"like":[28],"differential":[29],"often":[31],"compromise":[32],"generative":[33,49,132],"models\u2019":[34],"utility,":[35],"we":[36],"present":[37],"GuidedLatent,":[38],"a":[39,66,127],"novel":[40],"mechanism":[41,87],"that":[42,70,103],"enhances":[43],"preserves":[47],"performance.":[50],"GuidedLatent":[51],"allows":[52],"the":[53,80,89],"model":[54],"adjust":[56],"latent":[57],"representations":[58],"dynamically":[59],"based":[60],"on":[61,79],"distribution":[62],"similarities,":[63],"coupled":[64],"with":[65],"two-phase":[67],"training":[68],"strategy":[69],"gradually":[71],"incorporates":[72],"constraints.":[74],"We":[75],"also":[76],"establish":[77],"bounds":[78],"privacy-utility":[81],"trade-off":[82],"theoretically":[83],"prove":[85],"our":[86,104],"reduces":[88],"performance":[90],"of":[91],"compared":[95],"other":[97],"baseline":[98],"approaches.":[99],"Extensive":[100],"experiments":[101],"demonstrate":[102],"method":[105,117],"maintains":[106],"high-quality":[107],"generation":[108],"capabilities":[109],"while":[110],"minimizing":[111],"degradation":[112],"quality":[114],"metrics.":[115],"Our":[116],"performs":[118],"effectively":[119],"across":[120],"various":[121],"VAE":[122],"variants":[123],"architectures,":[125],"providing":[126],"practical":[128],"solution":[129],"for":[130],"privacy-preserving":[131],"models.":[133],"<sup":[134],"xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\"":[135],"xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\">1<\/sup>":[136]},"counts_by_year":[],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-11-14T00:00:00"}