art.attacks.inference.reconstruction¶
Module providing model inversion attacks.
Database Reconstruction¶
-
class
art.attacks.inference.reconstruction.DatabaseReconstruction(estimator)¶ Implementation of a database reconstruction attack. In this case, the adversary is assumed to have in his/her possession a model trained on a dataset, and all but one row of that training dataset. This attack attempts to reconstruct the missing row.
-
__init__(estimator)¶ Create a DatabaseReconstruction instance.
- Parameters
estimator – Trained target estimator.
-
static
objective(x, y, x_train, y_train, private_estimator, parent_model, params)¶ Objective function which we seek to minimise
-
reconstruct(x: numpy.ndarray, y: Optional[numpy.ndarray] = None, **kwargs) → Tuple[numpy.ndarray, numpy.ndarray]¶ Infer the missing row from x, y with which estimator was trained with.
- Return type
Tuple- Parameters
x (
ndarray) – Known records of the training set of estimator.y – Known labels of the training set of estimator.
-