[1802.08232] The Secret Sharer: Measuring Unintended Neural Network Memorization & Extracting Secrets

Abstract: Machine learning models based on neural networks and deep learning are being rapidly adopted for many purposes. What those models learn, and what they may share, is a significant concern when the training data may contain secrets and the models are public -- e.g., when a model helps users compose text messages using models trained on all users' messages.