摘要
While(虽然) Deep Neural Networks (DNNs) have demonstrated remarkable performance in tasks related to perception(感知) and control(控制), there are still several unresolved concerns(未解决的问题) regarding the privacy of their training data(训练数据的隐私性), particularly in the context of(在……背景下) vulnerability(容易受到) to Membership Inference Attacks(成员推理攻击) (MIAs). In this paper, we explore a connection between the susceptibility to membership inference attacks(成员推理攻击的易感性) and the vulnerability to distillation-based functionality stealing attacks(基于蒸馏的功能窃取攻击的易感性). In particular, we propose GLiRA, a distillation-guided approach(蒸馏引导方法) to membership inference attack(成员推理攻击) on the black-box neural network(黑盒神经网络). We observe(观察) that the knowledge distillation(知识蒸馏) signi
)
