Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor | Department of Electrical and Electronic Engineering | en_US |
| dc.contributor.advisor | Hu, Haibo (EEE) | en_US |
| dc.creator | Wu, Ming | - |
| dc.identifier.uri | https://theses.lib.polyu.edu.hk/handle/200/13916 | - |
| dc.language | English | en_US |
| dc.publisher | Hong Kong Polytechnic University | en_US |
| dc.rights | All rights reserved | en_US |
| dc.title | Image restoration attack and defense based StyleGAN | en_US |
| dcterms.abstract | Model Inversion Attack (MIA) is a privacy-invasion technique against some machine learning models where the data used in training the model can be reversed by reading the output of the model. By using MIA, the data leakage during the model training process can be a huge problem. The Image Restoration Attack (IRA) is a subclass of the MIA that focuses on image recovery. Among the high-resolution inversion attacks that currently exist, Model InveRsion for deep leaRning NetwORk (MIRROR) is the state-of-the-art. This paper proposes three different approaches based on MIRROR in order to optimize its effectiveness: 1. Guiding the mutation process of the genetic algorithm using gradient estimation to optimize its searching efficiency. 2. Using Gaussian Mixture Models (GMM) to improve the quality of input samples during distribution clipping. 3. Using an ensemble attack to optimize the output of the target model and multiple proxy models simultaneously to ensure its attack effect on different models. In addition to this, this paper proposes two possible defenses against MIA: 1. Limit the frequency of user queries to limit the rate at which an attacker can collect model information. 2. Analyze user query patterns and eliminate attacks by disabling abnormal access. | en_US |
| dcterms.extent | 1 volume (unpaged) : color illustrations | en_US |
| dcterms.isPartOf | PolyU Electronic Theses | en_US |
| dcterms.issued | 2025 | en_US |
| dcterms.educationalLevel | M.Sc. | en_US |
| dcterms.educationalLevel | All Master | en_US |
| dcterms.accessRights | restricted access | en_US |
Files in This Item:
| File | Description | Size | Format |
|---|---|---|---|
| 8324.pdf | For All Users (off-campus access for PolyU Staff & Students only) | 1.84 MB | Adobe PDF |
Please use this identifier to cite or link to this item:
https://theses.lib.polyu.edu.hk/handle/200/13916

