This repository was archived by the owner on Sep 5, 2025. It is now read-only.
Add proof of concept for model inversion attack #71
Merged
suhacker1 merged 84 commits into trailofbits:master from Nov 26, 2021
…nt for input validation
suhacker1 approved these changes Nov 26, 2021
diegom4riano pushed a commit to diegom4riano/PrivacyRaven that referenced this pull request May 20, 2025
* Add barebones examples
* Update examples
* Keep fork up to date
* Bump PL version for more metric functions
* Create example with new model and enable custom Trainer args
* Comment more
* Replace examples with new classifier
* Update documentation
* Update tests with new MNIST model
* Replace classifier in synthesis tests
* Remove redundant space
* Resolve linting issues
* Attempt to fix copycat test errors
* Remove test deadlines and failing assertion
* Resolve linting errors
* Update examples
* Keep fork up to date
* Update examples
* Update examples
* Final examples
* Remove create_model.py
* Remove create_model.py from README.md
* Update all examples
* Test support for python3.6
* Updated PrivacyRaven tests and added docker support
* Update Dockerfile to reflect directory changes
* Update directory structure
* Update directory structure
* Remove backups
* Update noxfile
* Remove noxfile backup
* Update README.md
* Add Dockerfile and build script
* Update examples and requirements
* Update examples to resolve GPU issues on colab
* Update comments
* Update example code
* Change default arg for gpus
* Update formatting to pass linting
* Update README.md
* Update PoC for Model Inversion
* Update inversion files
* Update core inversion
* Update rest of files
* Fix typo
* Update core files
* Update inversion
* Add inversion model
* Update core inversion
* Update inversion files
* Update inversion
* Update core inversion
* Further update inversion
* Update inversion
* Update inversion
* Add inversion model
* Update inversion files
* Temp fix cuda errors
* add current inversion changes
* Finally fix GPU bug
* Allow inversion model to be customized
* Fix syntax error
* Remove unnecessary params
* Remove duplicate argument
* Update inversion files, add better plotting
* Improve proof of concept
* Improve proof of concept
* Further update PoC
* Add more inversion results
* Fix failing examples
* Clean up debug info
* Fix merge conflicts, add softmax to four_layer_classifier.py to account for input validation
* Fix merge conflicts

Co-authored-by: Suha S. Hussain <suhashussain1@gmail.com>
This proof of concept represents a minimally working model inversion attack on a classifier trained on the MNIST dataset. Work needs to be done to convert this PoC into a generalized API.