On Reconstructing Training Data From Bayesian Posteriors and Trained Models

Jul-25-2025–arXiv.org Machine Learning

Publicly releasing the specification of a model with its trained parameters means an adversary can attempt to reconstruct information about the training data via training data reconstruction attacks, a major vulnerability of modern machine learning methods. This paper makes three primary contributions: establishing a mathematical framework to express the problem, characterising the features of the training data that are vulnerable via a maximum mean discrepancy equivalance and outlining a score matching framework for reconstructing data in both Bayesian and non-Bayesian models, the former is a first in the literature.

artificial intelligence, machine learning, training data, (17 more...)

arXiv.org Machine Learning

Jul-25-2025

arXiv.org PDF

Add feedback

Country:
- Asia > Middle East
  - Israel (0.04)
- Europe > United Kingdom
  - England > Cambridgeshire > Cambridge (0.04)
- North America > United States (0.04)

Genre:
- Research Report (0.64)

Industry:
- Information Technology > Security & Privacy (0.67)

Technology:
- Information Technology > Artificial Intelligence
  - Machine Learning > Learning Graphical Models
    - Directed Networks > Bayesian Learning (0.35)
  - Representation & Reasoning > Uncertainty
    - Bayesian Inference (0.49)