Summary of Distributional Black-box Model Inversion Attack with Multi-agent Reinforcement Learning, by Huan Bao et al.
Distributional Black-Box Model Inversion Attack with Multi-Agent Reinforcement Learning
by Huan Bao, Kaimin Wei, Yongdong Wu, Jin Qian, Robert H. Deng
First submitted to arxiv on: 22 Apr 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Cryptography and Security (cs.CR)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary A novel Distributional Black-Box Model Inversion (DBB-MI) attack is proposed to recover private training data from complex deep learning models. Unlike existing methods that search deterministic latent spaces, DBB-MI constructs a probabilistic latent space using multi-agent reinforcement learning techniques and the target model’s output. This approach doesn’t require access to the target model’s parameters or GAN training, making it more practical for real-world scenarios. The paper demonstrates better performance than state-of-the-art methods in terms of attack accuracy, K-nearest neighbor feature distance, and Peak Signal-to-Noise Ratio on various datasets and networks. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary A new way is found to get private information from deep learning models. This method, called DBB-MI, creates a special space where it can search for the hidden patterns in the model’s output. Unlike other methods that just look at one specific place, DBB-MI looks at many possible places and picks the best one. This makes it harder to detect and more successful in finding the private information. The researchers tested this method on different datasets and showed that it works better than other methods. |
Keywords
» Artificial intelligence » Deep learning » Gan » Latent space » Nearest neighbor » Reinforcement learning
