Evaluating the privacy of synthetic data with an adversarial toolbox. This code extends the TAPAS toolbox presented in the associated paper with additional attacks, threat models and metrics, including attacks provided in Synth-MIA which are specific for the No-Box scenario. To ensure interoperability and align the evaluation frameworks, we implemented a custom integration wrapper and expanded the available threat models.
If you use this toolbox for a scientific publication, we kindly ask you to reference the paper:
Houssiau, F., Jordon, J., Cohen, S.N., Daniel, O., Elliott, A., Geddes, J., Mole, C., Rangel-Smith, C. and Szpruch, L., 2022. _TAPAS: a toolbox for adversarial privacy auditing of synthetic data.
This extension also incorporates components from the following software:
Ward, J. et al., 2025. Synth-MIA: A Privacy Leakage Auditing Tool for Synthetic Data. Source code available at https://github.com/joshward96/Synth-MIA.
In BibTex:
@article{houssiau2022tapas,
title={TAPAS: a toolbox for adversarial privacy auditing of synthetic data},
author={Houssiau, F and Jordon, J and Cohen, SN and Daniel, O and Elliott, A and Geddes, J and Mole, C and Rangel-Smith, C and Szpruch, L},
year={2022},
publisher={Neural Information Processing Systems Foundation}
}
The framework and its building blocks have been developed and tested under Python 3.11.
To mimic our environment exactly, we recommend using poetry. To install poetry (system-wide), follow the instructions here.
Then run
poetry install
from inside the project directory. This will create a virtual environment (default .venv), that can be accessed by running poetry shell, or in the usual way (with source .venv/bin/activate).
It is also possible to install from pip:
pip install git+https://github.com/alan-turing-institute/privacy-sdg-toolbox
Doing so installs a command-line tool, tapas, somewhere in your path. (Eg, on
a MacOS system with pip installed via homebrew, the tool ends up in a homebrew
bin director.)