Model Inversion Attack

Short Description: Attacker uses model responses to recontruct training dataset.

CAT ID: CAT-2023-014

Layer: 7

Operational Scale: Operational

Level of Maturity: Proof of Concept

Category: Exploit

Subcategory:

Also Known As:

Description:

Brief Description:

Closely Related Concepts:

Mechanism:

Multipliers:

Detailed Description: Model Inversion Attacks utilize a model’s outputs as a means to reconstruct original training data sets or samples, potentially revealing sensitive information. A Model Inversion Attack requires awareness of model structure and outputs which the attacker uses to associate inputs and outputs. Through an iterative process, the attacker cumulatively reconstructs original input data. These attacks have the potential to reveal to sensitive training data^[1].

INTERACTIONS [VETs]:

Examples:

Use Case Example(s):
Fredrikson et al^[2] had adversarial access to an ML model, which they abused to reveal sensitive individual genomic information. This research team developed a new class of model inversion attack that both exploited confidence values and revealed predictions.

Example(s) From The Wild:

Comments:

References:

↑ https://saturncloud.io/glossary/model-inversion-attacks/
↑ Fredrikson, M., Jha, S., & Ristenpart, T. (2015, October). Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the 22nd ACM SIGSAC conference on computer and communications security (pp. 1322-1333). https://dl.acm.org/doi/abs/10.1145/2810103.2813677

[1] ttps://saturncloud.io/glossary/model-inversion-attacks/

[2] Fredrikson, M., Jha, S., & Ristenpart, T. (2015, October). Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the 22nd ACM SIGSAC conference on computer and communications security (pp. 1322-1333). https://dl.acm.org/doi/abs/10.1145/2810103.2813677

[1]

[2]

Anonymous

Search

Model Inversion Attack

Namespaces

More

Page actions

Contents