Reconstructing Network Inputs with Additive Perturbation Signatures
share
In this work, we present preliminary results demonstrating the ability to recover a significant amount of information about secret model inputs given only very limited access to model outputs and the ability evaluate the model on additive perturbations to the input.
READ FULL TEXT