Reconstructing Network Inputs with Additive Perturbation Signatures
This paper addresses a security and privacy problem for machine learning model users, but it appears incremental, as it builds on existing perturbation-based methods.
The paper tackles the problem of reconstructing secret model inputs from limited access to model outputs and the ability to evaluate additive perturbations, achieving preliminary results that recover a significant amount of information.
In this work, we present preliminary results demonstrating the ability to recover a significant amount of information about secret model inputs given only very limited access to model outputs and the ability to evaluate the model on additive perturbations to the input.