<ul data-eligibleForWebStory="true"><li>Machine Unlearning (MU) is used to update machine learning models efficiently by removing training samples without retraining from scratch.</li><li>MU is employed to provide privacy protection and regulatory compliance but can also increase the model's vulnerability to attacks.</li><li>Existing privacy attacks on MU require access to both the unlearned model and the original model, limiting their practicality in real-life scenarios.</li><li>A novel privacy attack named Apollo is proposed, focusing on label-only membership inference towards MU.</li><li>Apollo operates under a strict threat model where the adversary only has access to the label outputs of the unlearned model.</li><li>The attack aims to determine if a data sample has been unlearned and shows high precision in identifying unlearned samples.</li></ul>

Apollo: A Posteriori Label-Only Membership Inference Attack Towards Machine Unlearning

Discover more