tapas.threat_models.attacker_knowledge
This file implements common examples of attacker knowledge of both the private dataset and the generator. This specifies elements (2.) and (3.) of threat models (see .base_classes.py).
Knowledge of the data is represented by AttackerKnowledgeOnData objects, which defines methods to sample training and testing datasets.
Knowledge of the generator is represented by AttackerKnowledgeOnGenerator objects, which is primarily a wrapper of generator.__call__ with a given number of synthetic records, but can be extended to more.
Classes
Abstract base class that represents the knowledge that attackers have on real datasets, in the form of a prior from which they can sample training datasets for the attack. |
|
Abstract base class that represents the knowledge that attachers have on the generator used to produce the synthetic datasets. |
|
Abstract base class that builds on AttackerKnowledgeOnData that adds the functionality of labeling the datasets. |
|
|
This attacker knowledge assumes access to some auxiliary dataset from which training datasets are sampled, as random subset of this auxiliary data. |
|
The attacker has access to the generator method with access to the generator has an exact black-box. |
|
Also called worst-case attack, this assumes that the attacker knows the exact dataset used to generate |
|
Label-inference Threat Model. |
|
The attacker does not have access to the generator. |
|
SilentIterator implements the interface expected of iteration trackers, but does nothing. |
|
The attacker has uncertain knowledge of the generator: they have access to the code, but not to some "parameters" of the code. |