avnacé aia, remerciement notations, notes

3 files changed, 79 insertions, 0 deletions

diff --git a/ACSAC/tables/tab_attack.tex b/ACSAC/tables/tab_attack.tex
new file mode 100644
index 0000000..51974df
--- /dev/null
+++ b/ACSAC/tables/tab_attack.tex
@@ -0,0 +1,30 @@
+\begin{table}[!htb]
+%\vspace{-3mm}
+\caption{\adaptiveAIAHard and \adaptiveAIASoft outperform their respective baselines. We report attack accuracy over ten runs.}
+\begin{center}
+%\footnotesize
+\scriptsize
+\begin{tabular}{ l | c | c  }
+\hline
+\rowcolor{LightCyan}  & \multicolumn{2}{c}{\ref{tm:hard}}\\
+\rowcolor{LightCyan}  \textbf{Dataset} & \textbf{Baseline ($\upsilon$=0.50)} & \textbf{\adaptiveAIAHard}\\ 
+\rowcolor{LightCyan}  & \textbf{\race} | \textbf{\sex}& \textbf{\race} | \textbf{\sex}\\
+\textbf{\census} & 0.50 $\pm$ 0.00 | 0.50 $\pm$ 0.00& \textbf{0.56 $\pm$ 0.01} | \textbf{0.58 $\pm$ 0.01} \\
+\textbf{\compas}& \textbf{0.62 $\pm$  0.03} | 0.50 $\pm$ 0.00& \textbf{0.62 $\pm$ 0.03} | \textbf{0.57 $\pm$ 0.03} \\ 
+\textbf{\meps} & 0.51 $\pm$ 0.01 | \textbf{0.55 $\pm$ 0.02} & \textbf{0.53 $\pm$ 0.01} | \textbf{0.55 $\pm$ 0.01} \\
+\textbf{\lfw} & 0.59 $\pm$ 0.00  | 0.64 $\pm$ 0.15& \textbf{0.61 $\pm$ 0.11} | \textbf{0.78 $\pm$ 0.05}  \\
+\hline
+\rowcolor{LightCyan} & \multicolumn{2}{c}{\ref{tm:soft}} \\
+\rowcolor{LightCyan}  \textbf{Dataset} & \textbf{Baseline ($\upsilon$=0.50)} & \textbf{\adaptiveAIASoft} \\ 
+ \rowcolor{LightCyan} & \textbf{\race} | \textbf{\sex} & \textbf{\race} | \textbf{\sex}\\
+\hline
+\textbf{\census}&  0.50 $\pm$ 0.02 | 0.56 $\pm$ 0.04 & \textbf{0.61 $\pm$ 0.02} | \textbf{0.68 $\pm$ 0.01}  \\
+\textbf{\compas}& \textbf{0.62 $\pm$ 0.03} | 0.50 $\pm$ 0.00 & \textbf{0.62 $\pm$ 0.03} | \textbf{0.57 $\pm$ 0.03} \\ 
+\textbf{\meps} & 0.52 $\pm$ 0.02 | 0.55 $\pm$ 0.02 & \textbf{0.60 $\pm$ 0.02} | \textbf{0.62 $\pm$ 0.02}\\
+\textbf{\lfw} & 0.50 $\pm$ 0.10 | \textbf{0.77 $\pm$ 0.07} & \textbf{0.61 $\pm$ 0.10} | \textbf{0.79 $\pm$ 0.05}\\
+\hline
+\end{tabular}
+\end{center}
+\label{tab:global_threshold_withoutsattr}
+%\vspace{-5mm}
+\end{table}
\ No newline at end of file
diff --git a/ACSAC/tables/tab_datasets.tex b/ACSAC/tables/tab_datasets.tex
new file mode 100644
index 0000000..3dfe024
--- /dev/null
+++ b/ACSAC/tables/tab_datasets.tex
@@ -0,0 +1,17 @@
+\begin{table}[htb]
+\caption{Summary of dataset splits: $\traindata$ to train $\targetmodel$, $\testdata$ to evaluate $\targetmodel$, $\auxtraindata$ to train $\attackmodel$, and $\auxtestdata$ to evaluate $\attackmodel$.}
+\footnotesize
+\begin{center}
+\begin{tabular}{ l | c | c | c | c}
+\hline
+ \textbf{Dataset} & $\traindata$ & $\testdata$ & $\auxtraindata$ &  $\auxtestdata$\\ 
+ \hline
+ \textbf{\census} & 24,752 & 6,188 & 4,950 & 1,238 \\  
+ \textbf{\compas} & 4,937 & 1,235 & 988 & 247\\ 
+ \textbf{\meps} & 12,664 & 3,166 & 2,532 & 634\\ 
+ \textbf{\lfw} & 10514 & 2629 & 2103 & 526\\ 
+ \hline
+\end{tabular}
+\end{center}
+\label{tab:summary}
+\end{table}
\ No newline at end of file
diff --git a/ACSAC/tables/tab_summary.tex b/ACSAC/tables/tab_summary.tex
new file mode 100644
index 0000000..f9598a4
--- /dev/null
+++ b/ACSAC/tables/tab_summary.tex
@@ -0,0 +1,32 @@
+\setlength\tabcolsep{3pt}
+\begin{table*}[!htb]
+\caption{Comparison of prior \aia{s}: attack vector exploited (e.g., $\targetmodel(X(\omega))$, $X(\omega)$, $Y(\omega)$, distribution over $S$ ($P_S$) and confusion matrix $C(Y,\targetmodel\circ X)$), whether $S$ is censored, i.e., included in $\traindata$ and inputs, whether \aia{s} account for class imbalance in $S$, whether \adv is active or passive and whether the threat model is blackbox or whitebox.}
+\begin{center}
+\footnotesize
+% \resizebox{\textwidth}{!}{%
+\begin{tabular}{ |c|c|c|c|c|c| }
+ \hline
+ \rowcolor{LightCyan} 
+ \textbf{Literature} & \textbf{Attack Vector} & \textbf{Is $S$ censored?} & \textbf{Imbalance in $S$?} & \textbf{\adv} & \textbf{Threat Model} \\
+ \hline
+ \rowcolor{LightCyan} 
+ \multicolumn{6}{|c|}{\textbf{Imputation-based Attacks}}\\
+ \hline
+ \textbf{Fredrikson et al.}~\cite{fredrikson2} & $X$, $Y$, $\targetmodel\circ X$, \textbf{$P_S$}, $C(Y,\targetmodel\circ X$) & $\checkmark$ & $\times$ &  Passive & Blackbox\\
+ \textbf{Yeom et al.}~\cite{yeom} & $X$, $Y$, $\targetmodel$, \textbf{$P_S$} & $\checkmark$  & $\times$ &  Passive & Blackbox\\
+  \textbf{Mehnaz et al.}~\cite{MehnazAttInf} & $X$, $Y$, $\targetmodel$, \textbf{$P_S$}, $C(Y,\targetmodel\circ X)$ & $\checkmark$ & $\times$ &  Passive & Blackbox\\
+  \textbf{Jayaraman and Evans}~\cite{jayaraman2022attribute} & $X$, $Y$, $\targetmodel$, $P_S$, $C(Y,\targetmodel\circ X)$ & $\times$, $\checkmark$ & $\times$ &  Passive & Whitebox\\
+  \hline
+  \rowcolor{LightCyan} 
+   \multicolumn{6}{|c|}{\textbf{Representation-based Attacks}}\\
+  \hline
+ \textbf{Song et al.}~\cite{Song2020Overlearning} & $\targetmodel\circ X$ & $\times$ & $\times$ &  Passive & Both\\
+ \textbf{Mahajan et al.}~\cite{Mahajan2020DoesLS} & $\targetmodel\circ X$ & $\checkmark$ & $\times$ &  Passive & Blackbox\\
+ \textbf{Malekzadeh et al.}~\cite{malekzadeh2021honestbutcurious} & $\targetmodel\circ X$ & $\times$ & $\times$ &  Active & Blackbox\\
+ % \textbf{Our Work} & $\targetmodel\circ X$ & $\times$, $\checkmark$ & $\checkmark$ &  Passive & Blackbox \\
+ \hline
+\end{tabular}
+% }
+\end{center}
+\label{tab:summary}
+\end{table*}
\ No newline at end of file