Skip to main content

Settings: Membership inference attack

Overview

H2O Model Security offers several settings for a membership inference attack. Below, each setting is described in turn.

Column sampling rate

Defines the row (X-axis) sampling rate (without replacement) that H2O Model Security utilizes when creating the second-level surrogate model (Gradient Boosting Machine (GBM)).

Note

Defaults to 1 and acceptable values range from 0.0 to 1.0.

Tip

Column sampling rate and Row sampling rate can improve generalization and lead to lower validation and test set errors. Good general values for large datasets are around 0.7 to 0.8 (sampling 70-80 percent of the data) for both parameters, as higher values generally improve training accuracy.

Row sampling rate

Defines the column (Y-axis) sampling rate (without replacement) that H2O Model Security utilizes when creating the second-level surrogate model (Gradient Boosting Machine (GBM)).

note
  • Defaults to 1 and acceptable values range from 0.0 to 1.0.
Tip

Row sampling rate and Column sampling rate can improve generalization and lead to lower validation and test set errors. Good general values for large datasets are around 0.7 to 0.8 (sampling 70-80 percent of the data) for both parameters, as higher values generally improve training accuracy.

Number of trees (Inference model)

Defines the number of trees the second-level surrogate model will create during the membership inference attack. This option specifies the number of trees to build in the model for tree-based algorithms. In tree-based models, each node in the tree corresponds to a feature field from the training dataset; except for the top node, each node has an incoming branch.

Maximum depth (Inference model)

Defines the maximum depth of the trees in the second-level surrogate model that H2O Model Security creates during the membership inference attack.

Learning rate (Inference model)

Defines the learning rate H2O Model Security utilizes for the second-level surrogate model (Gradient Boosting Machine (GBM)).

Feedback