
ETD

Digital archive of theses discussed at the University of Pisa

Thesis etd-02062024-020120


Thesis type
Master's thesis
Author
JORNEA, ION
URN
etd-02062024-020120
Title
Privacy issues in AI: testing the effectiveness of differential privacy on black box and explainable AI models
Department
INFORMATICA
Degree programme
DATA SCIENCE AND BUSINESS INFORMATICS
Supervisors
supervisor Prof. Monreale, Anna
supervisor Dr. Naretto, Francesca
Keywords
  • machine learning
  • explainable AI
  • differential privacy
  • membership inference
  • privacy exposure
  • black box
Graduation session start date
23/02/2024
Availability
Not available
Release date
23/02/2094
Abstract
The use of machine learning models is spreading at incredibly fast rates across all fields of human endeavour. The decisions taken by these systems, however, are not always easily understandable by humans, which prompted the development of the field of explainable AI (XAI) to ensure the transparency and trustworthiness of such systems. Concerns are also growing about the level of privacy protection these models are able to ensure when they face malicious attackers.
This thesis assesses the privacy risk of both opaque black box models and more transparent XAI models when threatened by the class of membership inference attacks. Subsequently, it employs and tests the effectiveness of differential privacy, a widespread framework for privacy risk mitigation, when defending against such attacks. The empirical results provide insights for future developments of privacy-preserving techniques, highlighting strengths and weaknesses of differential privacy.