Guides on Attacks Implementation

Written on 03.06.2020 17:53 by Min Chen

Dear all,


As we mentioned in the seminar, you need to implement three attacks during the seminar, which are Membership Inference Attack, Model Inversion Attack, and Model Stealing Attack(a.k.a Model Extraction Attack).


In the first phase, to simplify your tasks and quickly build background knowledge, we have some guides as follows:

  1. You should use a simple convolutional neural network as the basic model for all the three attacks, please refer to the PyTorch tutorial
  2. We mainly focus on image data and we suggest using the following three datasets: CIFAR10, MNIST, and Fashion-MNIST. You could load the dataset with the python torchvision package, refer to
  3. As to the membership inference attack, you only need to implement the "attack one" in the paper titled "ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models".
  4. As to the model inversion attack, you only need to implement the basic model inversion attack in Algorithm 1, refer to the paper titled "Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures".
  5. We will give more information about implementing the model stealing attack next week. You could refer to the paper titled "Stealing Machine Learning Models via Prediction APIs" for some detail in advance.


Besides, here is the group information we received so far. I hope no one is missed. :)


Julian Augustin,

Mahmoud Fawzi,

Omar Mansour,

Gayathri Vijayan


Yu De Lin,

Vikram Vashisth,

David Ahmed,

Mejbah Uddin Shameem,


Dominik Sautter

Zubayr Khalid

Maximilian Zöllner

Jan Cloos


Dominik Kempter, 

Muhammad Hassan Rashid, 

Leonard Zitzmann,

Barno Kaharova,


Rui Wen,

Yugeng Liu,

Yongqing Wang,

Julian Jacques Maurer

Benjamin Hollinger

Hasan Md Tusfiqur Alam

Filip Josheski

Rayhanul Islam Rumel


Tajbeed Ahmed Chowdhury

Mohammed Raihan Hussain

Thomas Boisvert-Bilodeau

Niraj Premji Sorathiya




Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.