Module mimir.attacks
Attack implementations.
Sub-modules
mimir.attacks.all_attacks-
Enum class for attacks. Also contains the base attack class.
mimir.attacks.attack_utils-
Utility functions for attacks
mimir.attacks.dc_pdd-
DC-PDD Attack: https://aclanthology.org/2024.emnlp-main.300/ Based on the official implementation: https://github.com/zhang-wei-chao/DC-PDD
mimir.attacks.gradnorm-
Gradient-norm attack. Proposed for MIA in multiple settings, and particularly experimented for pre-training data and LLMs in …
mimir.attacks.loss-
Straight-forward LOSS attack, as described in https://ieeexplore.ieee.org/abstract/document/8429311
mimir.attacks.min_k-
Min-k % Prob Attack: https://arxiv.org/pdf/2310.16789.pdf
mimir.attacks.min_k_plus_plus-
Min-K%++ Attack: https://github.com/zjysteven/mink-plus-plus
mimir.attacks.neighborhood-
Neighborhood-MIA attack https://arxiv.org/pdf/2305.18462.pdf
mimir.attacks.quantile-
Implementation of the attack proposed in 'Scalable Membership Inference Attacks via Quantile Regression' https://arxiv.org/pdf/2307.03694.pdf
mimir.attacks.recall-
ReCaLL Attack: https://github.com/ruoyuxie/recall/
mimir.attacks.reference-
Reference-based attacks.
mimir.attacks.utilsmimir.attacks.zlib-
zlib-normalization Attack: https://www.usenix.org/system/files/sec21-carlini-extracting.pdf