Understanding Privacy and Quality Tradeoffs in Synthetic Network Data

Authors: Andrew Chu (University of Chicago), Kyle MacMillan (University of Chicago), Paul Schmitt (California Polytechnic State University), Nick Feamster (University of Chicago)

Volume: 2026
Issue: 3
Pages: 341–359
DOI: https://doi.org/10.56553/popets-2026-0085

Download PDF

Abstract: The limited availability of high-quality computer networking data, and the privacy risks of sharing what does exist, has prompted development of ML-based methods for generating synthetic network data that mimics real communication between networked devices. The viability of these models hinges on both the quality of their output and how well they preserve private information encoded in their training data. Prior work has sought to address this by training models with differential privacy (DP). However, how this choice affects the actual privacy of the training data, and subsequently the quality of the generated output, is not well understood. In this work, we analyze the relationship between privacy and quality in generative network data models. Using the success of membership inference attacks (MIAs) as the metric for privacy, we observe that whether DP mitigates MIAs depends heavily on model architecture and representation of network data used for training. In particular, we empirically find that some approaches to generating synthetic network data train models that heavily skew towards either overgeneralizing or undergeneralizing to their training data, resulting in poor or inconsistent MIA performance. In these cases, using DP does not yield substantive improvements in vulnerability to MIAs. As for the quality of generated data, we find that DP synthetic network data can retain statistical similarity to real data even under strict privacy budgets, and that downstream models (e.g., classifiers, regressors) trained on this data tend to achieve at least as good accuracy as models trained on non-DP data. These results suggest that DP, depending on the model, offers protection against MIAs without degrading the utility of the generated output, and in some cases, improves utility.

Keywords: Membership inference attack, Machine learning for networking

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.