Research Article
A Defense Framework for Privacy Risks in Remote Machine Learning Service
Table 3
Comparing our method with existing mitigation.
| | Defenses | Train acc. (epoch = 50) (%) | Test acc. (epoch = 50) (%) | Inference acc. (epoch = 50) (%) |
| | Min-max (CIFAR 10) | 68.6 | 62.7 | 52.9 | | Differential privacy (epsilon = 50 CIFAR 10) | 1.2 | 1 | 50.00 | | Framework-AdvGAN (distance = 23 CIFAR 10) | 78.3 | 69.7 | 51.94 |
|
|
