Model Inversion Attack: Difference between revisions
Created page with "== '''Model Inversion Attack ''' == '''Short Description:''' Attacker uses model responses to reconstruct training dataset. <br> '''CAT ID:''' CAT-2023-014 <br> '''Layer:''' 7 <br> '''Operational Scale:''' Operational <br> '''Level of Maturity:''' Proof of Concept <br> '''Category:''' Exploit <br> '''Subcategory:''' <br> '''Also Known As:''' <br> == '''Description:''' == '''Brief Description:''' <br> '''Closely Related Concepts:''' <br> '''Mechanism:'..." |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 27: | Line 27: | ||
'''Multipliers:''' <br> | '''Multipliers:''' <br> | ||
'''Detailed Description:''' | '''Detailed Description:''' Model Inversion Attacks utilize a model’s outputs as a means to reconstruct original training data sets or samples, potentially revealing sensitive information. A Model Inversion Attack requires awareness of model structure and outputs which the attacker uses to associate inputs and outputs. Through an iterative process, the attacker cumulatively reconstructs original input data. These attacks have the potential to reveal to sensitive training data<ref>https://saturncloud.io/glossary/model-inversion-attacks/</ref>. | ||
<br> | |||
'''INTERACTIONS''' [VETs]: <br> | '''INTERACTIONS''' [VETs]: <br> | ||
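Review bot: The last sentence of the added Detailed Description reads "reveal to sensitive training data"; drop the stray "to". That sentence also restates the first one ("potentially revealing sensitive information"), so the two could be merged, and the reference would be easier to maintain as a titled citation than as a bare URL.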
Line 34: | Line 35: | ||
'''Use Case Example(s):''' <br> | '''Use Case Example(s):''' <br> | ||
Fredrikson et al<ref>Fredrikson, M., Jha, S., & Ristenpart, T. (2015, October). Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the 22nd ACM SIGSAC conference on computer and communications security (pp. 1322-1333). https://dl.acm.org/doi/abs/10.1145/2810103.2813677</ref> had adversarial access to an ML model, which they abused to reveal sensitive individual genomic information. This research team developed a new class of model inversion attack that both exploited confidence values and revealed predictions. | |||
'''Example(s) From The Wild:''' <br> | '''Example(s) From The Wild:''' <br> |
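Review bot: "Fredrikson et al" in the added Use Case text is missing the period ("et al."), and the new line has no trailing line-break tag, unlike the field lines around it. The closing clause "both exploited confidence values and revealed predictions" can be read two ways (the attack exploited revealed predictions, or the attack revealed predictions); reword it to say which is meant.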
Latest revision as of 03:11, 7 October 2024
Model Inversion Attack
Short Description: Attacker uses model responses to reconstruct the training dataset.
CAT ID: CAT-2023-014
Layer: 7
Operational Scale: Operational
Level of Maturity: Proof of Concept
Category: Exploit
Subcategory:
Also Known As:
Description:
Brief Description:
Closely Related Concepts:
Mechanism:
Multipliers:
Detailed Description: Model Inversion Attacks use a model’s outputs to reconstruct the original training data sets or samples, potentially revealing sensitive information. A Model Inversion Attack requires awareness of the model’s structure and outputs, which the attacker uses to associate inputs with outputs. Through an iterative process, the attacker cumulatively reconstructs the original input data. These attacks have the potential to reveal sensitive training data[1].
INTERACTIONS [VETs]:
Examples:
Use Case Example(s):
Fredrikson et al.[2] had adversarial access to an ML model, which they abused to reveal sensitive individual genomic information. This research team developed a new class of model inversion attack that both exploited confidence values and revealed predictions.
Example(s) From The Wild:
Comments:
References:
- https://saturncloud.io/glossary/model-inversion-attacks/
- Fredrikson, M., Jha, S., & Ristenpart, T. (2015, October). Model inversion attacks that exploit confidence information and basic countermeasures. In Proceedings of the 22nd ACM SIGSAC conference on computer and communications security (pp. 1322-1333). https://dl.acm.org/doi/abs/10.1145/2810103.2813677