Pseudo Label-Guided Model Inversion Attack via Conditional Generative Adversarial Network
Paper β’ 2302.09814 β’ Published
Model Inversion Attack on Tabular Data (Adult Census)
This repository contains artifacts from a white-box gradient-based model inversion attack on the Adult Census Income dataset.
Method
The attack uses a VAE-learned data manifold prior to ensure reconstructed tabular records stay realistic:
- Train MLP classifier on Adult Census (target model)
- Train VAE on same training data (data prior)
- Optimize latent codes to maximize target model confidence
- Decode through VAE to reconstruct feature vectors
Results Summary
| Metric | Class 0 (<=50K) | Class 1 (>50K) |
|---|---|---|
| Mean NN Distance | 1.63 | 1.57 |
| Feature Range Compliance | 94.5% | 76.1% |
| Membership Proxy | 63.0% | 98.5% |
| Mean Confidence | 99.4% | 99.96% |
Key Finding: The minority class (>50K) is significantly more vulnerable β 98.5% of reconstructed samples fall closer to training data than the typical training sample distance, indicating strong membership leakage.
Files
reconstructions/class_0_reconstructed.npyβ 200 reconstructed samples (class 0)reconstructions/class_1_reconstructed.npyβ 200 reconstructed samples (class 1)reconstructions/class_0_sample.csvβ 20 human-readable samplesreconstructions/class_1_sample.csvβ 20 human-readable samplesmetrics.jsonβ Full evaluation metricstarget_mlp.ptβ Trained target model weightsvae_prior.ptβ Trained VAE prior weights
Requirements
- torch, numpy, pandas, scikit-learn, scipy, matplotlib, datasets
References
- Fredrikson et al. (2015). Model Inversion Attacks. ACM CCS.
- PLG-MI (2023). arXiv:2302.09814.
Generated by ML Intern
This model repository was generated by ML Intern, an agent for machine learning research and development on the Hugging Face Hub.
- Try ML Intern: https://smolagents-ml-intern.hf.space
- Source code: https://github.com/huggingface/ml-intern
Usage
from transformers import AutoModelForCausalLM, AutoTokenizer
model_id = 'shumaket/adult-census-model-inversion'
tokenizer = AutoTokenizer.from_pretrained(model_id)
model = AutoModelForCausalLM.from_pretrained(model_id)
For non-causal architectures, replace AutoModelForCausalLM with the appropriate AutoModel class.
Inference Providers NEW
This model isn't deployed by any Inference Provider. π Ask for provider support