`art.attacks.inference.reconstruction`¶

Module providing model inversion attacks.

Database Reconstruction¶

class art.attacks.inference.reconstruction.DatabaseReconstruction(estimator)¶

Implementation of a database reconstruction attack. In this case, the adversary is assumed to have in his/her possession a model trained on a dataset, and all but one row of that training dataset. This attack attempts to reconstruct the missing row.

__init__(estimator)¶

Create a DatabaseReconstruction instance.

Parameters: estimator – Trained target estimator.

static objective(x, y, x_train, y_train, private_estimator, parent_model, params)¶: Objective function which we seek to minimise

reconstruct(x: ndarray, y: Optional[ndarray] = None, **kwargs) → Tuple[ndarray, ndarray]¶

Infer the missing row from x, y with which estimator was trained with.

Return type

Tuple

Parameters

x (ndarray) – Known records of the training set of estimator.
y – Known labels of the training set of estimator.

art.attacks.inference.reconstruction¶

Database Reconstruction¶

`art.attacks.inference.reconstruction`¶