Search papers, labs, and topics across Lattice.
This paper introduces AutoMIA, an agentic framework for membership inference attacks (MIAs) that automates the discovery of effective attack strategies. AutoMIA uses self-exploration to generate and refine logits-level attack strategies based on feedback, decoupling strategy reasoning from execution. Experiments show AutoMIA matches or exceeds state-of-the-art MIA baselines without manual feature engineering, demonstrating improved adaptability across different large models.
Forget hand-crafted membership inference attacks - AutoMIA learns better strategies automatically, adapting to different models and eliminating the need for manual feature engineering.
Membership Inference Attacks (MIAs) serve as a fundamental auditing tool for evaluating training data leakage in machine learning models. However, existing methodologies predominantly rely on static, handcrafted heuristics that lack adaptability, often leading to suboptimal performance when transferred across different large models. In this work, we propose AutoMIA, an agentic framework that reformulates membership inference as an automated process of self-exploration and strategy evolution. Given high-level scenario specifications, AutoMIA self-explores the attack space by generating executable logits-level strategies and progressively refining them through closed-loop evaluation feedback. By decoupling abstract strategy reasoning from low-level execution, our framework enables a systematic, model-agnostic traversal of the attack search space. Extensive experiments demonstrate that AutoMIA consistently matches or outperforms state-of-the-art baselines while eliminating the need for manual feature engineering.
