Reconstructing Network Inputs with Additive Perturbation Signatures

no code implementations • 11 Apr 2019 • Nick Moran, Chiraag Juvekar

In this work, we present preliminary results demonstrating the ability to recover a significant amount of information about secret model inputs given only very limited access to model outputs and the ability evaluate the model on additive perturbations to the input.