Invert and Defend: Model-based Approximate Inversion of Generative Adversarial Networks for Secure Inference

11/23/2019
by Wei-An Lin, et al.

Inferring the latent variable generating a given test sample is a challenging problem in Generative Adversarial Networks (GANs). In this paper, we propose InvGAN - a novel framework for solving the inference problem in GANs, which involves training an encoder network capable of inverting a pre-trained generator network without access to any training data. Under mild assumptions, we theoretically show that using InvGAN, we can approximately invert the generations of any latent code of a trained GAN model. Furthermore, we empirically demonstrate the superiority of our inference scheme by quantitative and qualitative comparisons with other methods that perform a similar task. We also show the effectiveness of our framework in the problem of adversarial defenses where InvGAN can successfully be used as a projection-based defense mechanism. Additionally, we show how InvGAN can be used to implement reparameterization white-box attacks on projection-based defense mechanisms. Experimental validation on several benchmark datasets demonstrates the efficacy of our method in achieving improved performance on several white-box and black-box attacks. Our code is available at https://github.com/yogeshbalaji/InvGAN.
