AutoMIA: Improved Baselines for Membership Inference Attack via Agentic Self-Exploration
Abstract
AutoMIA is an agentic framework that automates membership inference attacks by dynamically generating and refining logits-level strategies through self-exploration and closed-loop evaluation.
Membership Inference Attacks (MIAs) serve as a fundamental auditing tool for evaluating training data leakage in machine learning models. However, existing methodologies predominantly rely on static, handcrafted heuristics that lack adaptability, often leading to suboptimal performance when transferred across different large models. In this work, we propose AutoMIA, an agentic framework that reformulates membership inference as an automated process of self-exploration and strategy evolution. Given high-level scenario specifications, AutoMIA self-explores the attack space by generating executable logits-level strategies and progressively refining them through closed-loop evaluation feedback. By decoupling abstract strategy reasoning from low-level execution, our framework enables a systematic, model-agnostic traversal of the attack search space. Extensive experiments demonstrate that AutoMIA consistently matches or outperforms state-of-the-art baselines while eliminating the need for manual feature engineering.
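To make the closed-loop evaluation step concrete, here is an added example (not code from the AutoMIA paper or its authors): two hand-written logits-level scoring functions stand in for agent-generated strategies and are ranked by AUC on a labelled audit set. All function names, the toy 2-token vocabulary and the sample logits are constructed assumptions for illustration.

```python
import math

def token_logprobs(logits, token_ids):
    """Log-softmax of each step's logits, read at the token actually observed."""
    out = []
    for row, tok in zip(logits, token_ids):
        m = max(row)
        lse = m + math.log(sum(math.exp(x - m) for x in row))
        out.append(row[tok] - lse)
    return out

# Candidate strategies (hand-written stand-ins for agent-generated ones).
# Each maps per-token log-probs to a score; higher = more likely a member.
def mean_logprob(lp):
    return sum(lp) / len(lp)

def min_k_logprob(lp, k=0.5):
    worst = sorted(lp)[:max(1, int(len(lp) * k))]
    return sum(worst) / len(worst)

STRATEGIES = {"mean_logprob": mean_logprob, "min_k_logprob": min_k_logprob}

def auc(members, nonmembers):
    """P(random member outscores random non-member); ties count as 0.5."""
    wins = sum((m > n) + 0.5 * (m == n) for m in members for n in nonmembers)
    return wins / (len(members) * len(nonmembers))

def evaluate(strategies, samples):
    """Closed-loop feedback signal: AUC of every strategy on labelled samples."""
    results = {}
    for name, fn in strategies.items():
        scored = [(fn(token_logprobs(lg, ids)), mem) for lg, ids, mem in samples]
        results[name] = auc([s for s, m in scored if m],
                            [s for s, m in scored if not m])
    return results

def seq(margins, is_member):
    """Constructed 2-token-vocabulary sequence; observed token is always id 0."""
    return ([[a, 0.0] for a in margins], [0] * len(margins), is_member)

# Constructed audit set: members are uniformly well-fit, non-members are
# mostly confident but contain one poorly predicted token.
SAMPLES = [seq([2, 2, 2, 2], True), seq([1.5] * 4, True),
           seq([6, 6, 6, -0.5], False), seq([6, 6, 6, 0.5], False)]

if __name__ == "__main__":
    results = evaluate(STRATEGIES, SAMPLES)
    print(results, "-> keep", max(results, key=results.get))
```

On this constructed set the averaged score cannot separate the two groups while the lowest-k score can, which is the kind of per-strategy feedback a refinement loop would act on.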
Community
This is an automated message from the Librarian Bot. I found the following papers similar to this paper.
The following papers were recommended by the Semantic Scholar API
- Automated Membership Inference Attacks: Discovering MIA Signal Computations using LLM Agents (2026)
- Stop Tracking Me! Proactive Defense Against Attribute Inference Attack in LLMs (2026)
- G-Drift MIA: Membership Inference via Gradient-Induced Feature Drift in LLMs (2026)
- Learning to Inject: Automated Prompt Injection via Reinforcement Learning (2026)
- REBEL: Hidden Knowledge Recovery via Evolutionary-Based Evaluation Loop (2026)
- PISmith: Reinforcement Learning-based Red Teaming for Prompt Injection Defenses (2026)
- Recycling Failures: Salvaging Exploration in RLVR via Fine-Grained Off-Policy Guidance (2026)
Please give a thumbs up to this comment if you found it helpful!
If you want recommendations for any Paper on Hugging Face, check out this Space
You can directly ask Librarian Bot for paper recommendations by tagging it in a comment: @librarian-bot recommend
Get this paper in your agent:
hf papers read 2604.01014
Don't have the latest CLI?
curl -LsSf https://hf.co/cli/install.sh | bash