Evaluating Differential Privacy Against Membership Inference in Federated Learning: Insights from the NIST Genomics Red Team Challenge

📅 2026-04-14
🤖 AI Summary
Although federated learning avoids direct data sharing, it remains vulnerable to membership inference attacks (MIAs). This work evaluates the effectiveness of differential privacy (DP) as a defense against MIAs within the NIST Genomic Privacy Red Team Challenge framework and introduces a novel black-box attack method based on stacking seven estimators. The proposed approach trains a meta-classifier using model output probabilities and cross-entropy loss to achieve highly effective membership inference. It substantially outperforms existing baselines both in the absence of DP and under low-privacy settings (ε=200), overcoming the limitations of conventional single-signal attacks. Empirical results reveal a critical trade-off between the strength of DP protection and the efficacy of membership inference, highlighting the nuanced interplay between privacy guarantees and attack success rates.

📝 Abstract
While Federated Learning (FL) mitigates direct data exposure, the resulting trained models remain susceptible to membership inference attacks (MIAs). This paper presents an empirical evaluation of Differential Privacy (DP) as a defense mechanism against MIAs in FL, leveraging the environment of the 2025 NIST Genomics Privacy-Preserving Federated Learning (PPFL) Red Teaming Event. To improve inference accuracy, we propose a stacking attack strategy that ensembles seven black-box estimators to train a meta-classifier on prediction probabilities and cross-entropy losses. We evaluate this methodology against target models under three privacy configurations: an unprotected convolutional neural network (CNN, $\epsilon=\infty$), a low-privacy DP model ($\epsilon=200$), and a high-privacy DP model ($\epsilon=10$). The attack outperforms all baselines in the No DP and Low Privacy settings and, critically, maintains measurable membership leakage at $\epsilon=200$ where a single-signal LiRA baseline collapses. Evaluated on an independent third-party benchmark, these results provide an empirical characterisation of how stacking-based inference degrades across calibrated DP tiers in FL.

Problem
Federated Learning
Membership Inference Attack
Differential Privacy
Privacy-Preserving Machine Learning
Genomics Privacy
Innovation
stacking attack
membership inference
differential privacy
federated learning
privacy leakage