Model Inversion (c77e4d32-875b-571f-abe3-de1b6cfc80a4)

  • In a model inversion attack, if attackers already have access to some personal data belonging to specific individuals included in the training data, they can infer further personal information about those same individuals by observing the inputs and outputs of the ML model.
  • In model inversion, the private features used in machine learning models can be recovered. This includes reconstructing private training data that the attacker should not have access to. Example: an attacker recovers private features used by the model through carefully chosen queries.

Threat-modeling question: Are we protected from model inversion attacks?

Cluster A | Galaxy A | Cluster B | Galaxy B | Level
Model Inversion (c77e4d32-875b-571f-abe3-de1b6cfc80a4) | PLOT4ai | Invert ML Model (e19c6f8a-f1e2-46cc-9387-03a3092f01ed) | MITRE ATLAS Attack Pattern | 1
Exfiltration via ML Inference API (b07d147f-51c8-4eb6-9a05-09c86762a9c1) | MITRE ATLAS Attack Pattern | Invert ML Model (e19c6f8a-f1e2-46cc-9387-03a3092f01ed) | MITRE ATLAS Attack Pattern | 2