https://spylab.ai/blog/side-channels-machine-learning/
Privacy side channels in machine learning systems
Edoardo Debenedetti, Florian Tramèr
Sep 12, 2023
“An additional application of our membership inference attack is to test whether specific data sources were part of a model’s training set. To illustrate, we use our attack to reverse-engineer the training data cut-off date for GitHub’s Copilot model.”