{"id":"https://openalex.org/W2989885118","doi":"https://doi.org/10.1145/3359789.3359824","title":"Model inversion attacks against collaborative inference","display_name":"Model inversion attacks against collaborative inference","publication_year":2019,"publication_date":"2019-11-22","ids":{"openalex":"https://openalex.org/W2989885118","doi":"https://doi.org/10.1145/3359789.3359824","mag":"2989885118"},"language":"en","primary_location":{"id":"doi:10.1145/3359789.3359824","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3359789.3359824","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 35th Annual Computer Security Applications Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5052001217","display_name":"Zecheng He","orcid":"https://orcid.org/0000-0003-2639-2826"},"institutions":[{"id":"https://openalex.org/I20089843","display_name":"Princeton University","ror":"https://ror.org/00hx57361","country_code":"US","type":"education","lineage":["https://openalex.org/I20089843"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Zecheng He","raw_affiliation_strings":["Princeton University"],"affiliations":[{"raw_affiliation_string":"Princeton University","institution_ids":["https://openalex.org/I20089843"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101591101","display_name":"Tianwei Zhang","orcid":"https://orcid.org/0000-0001-6595-6650"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Tianwei Zhang","raw_affiliation_strings":["Nanyang Technological University"],"affiliations":[{"raw_affiliation_string":"Nanyang Technological University","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035657440","display_name":"Ruby B. Lee","orcid":"https://orcid.org/0000-0001-9497-0777"},"institutions":[{"id":"https://openalex.org/I20089843","display_name":"Princeton University","ror":"https://ror.org/00hx57361","country_code":"US","type":"education","lineage":["https://openalex.org/I20089843"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ruby B. Lee","raw_affiliation_strings":["Princeton University"],"affiliations":[{"raw_affiliation_string":"Princeton University","institution_ids":["https://openalex.org/I20089843"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5052001217"],"corresponding_institution_ids":["https://openalex.org/I20089843"],"apc_list":null,"apc_paid":null,"fwci":13.8738,"has_fulltext":false,"cited_by_count":287,"citation_normalized_percentile":{"value":0.99063666,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"148","last_page":"162"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9682000279426575,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.8431639671325684},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7821048498153687},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.7175121903419495},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.5980194807052612},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5713095664978027},{"id":"https://openalex.org/keywords/privacy-protection","display_name":"Privacy protection","score":0.5082768797874451},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.5031222701072693},{"id":"https://openalex.org/keywords/inversion","display_name":"Inversion (geology)","score":0.49410107731819153},{"id":"https://openalex.org/keywords/data-modeling","display_name":"Data modeling","score":0.467457115650177},{"id":"https://openalex.org/keywords/adversarial-system","display_name":"Adversarial system","score":0.4590439200401306},{"id":"https://openalex.org/keywords/differential-privacy","display_name":"Differential privacy","score":0.4473450183868408},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4256429970264435},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3340231776237488},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.2539379596710205}],"concepts":[{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.8431639671325684},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7821048498153687},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.7175121903419495},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.5980194807052612},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5713095664978027},{"id":"https://openalex.org/C3017597292","wikidata":"https://www.wikidata.org/wiki/Q25052250","display_name":"Privacy protection","level":2,"score":0.5082768797874451},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.5031222701072693},{"id":"https://openalex.org/C1893757","wikidata":"https://www.wikidata.org/wiki/Q3653001","display_name":"Inversion (geology)","level":3,"score":0.49410107731819153},{"id":"https://openalex.org/C67186912","wikidata":"https://www.wikidata.org/wiki/Q367664","display_name":"Data modeling","level":2,"score":0.467457115650177},{"id":"https://openalex.org/C37736160","wikidata":"https://www.wikidata.org/wiki/Q1801315","display_name":"Adversarial system","level":2,"score":0.4590439200401306},{"id":"https://openalex.org/C23130292","wikidata":"https://www.wikidata.org/wiki/Q5275358","display_name":"Differential privacy","level":2,"score":0.4473450183868408},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4256429970264435},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3340231776237488},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.2539379596710205},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.0},{"id":"https://openalex.org/C109007969","wikidata":"https://www.wikidata.org/wiki/Q749565","display_name":"Structural basin","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3359789.3359824","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3359789.3359824","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 35th Annual Computer Security Applications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":48,"referenced_works":["https://openalex.org/W1442374986","https://openalex.org/W1473189865","https://openalex.org/W1488996941","https://openalex.org/W1498436455","https://openalex.org/W1533861849","https://openalex.org/W1922655562","https://openalex.org/W1994616650","https://openalex.org/W2001996312","https://openalex.org/W2031738616","https://openalex.org/W2040870580","https://openalex.org/W2051267297","https://openalex.org/W2053637704","https://openalex.org/W2103559027","https://openalex.org/W2133665775","https://openalex.org/W2141504882","https://openalex.org/W2168231600","https://openalex.org/W2461943168","https://openalex.org/W2473418344","https://openalex.org/W2535690855","https://openalex.org/W2557283755","https://openalex.org/W2591882872","https://openalex.org/W2605258629","https://openalex.org/W2757528734","https://openalex.org/W2785025328","https://openalex.org/W2789993878","https://openalex.org/W2793398195","https://openalex.org/W2794511224","https://openalex.org/W2794664194","https://openalex.org/W2795435272","https://openalex.org/W2805375573","https://openalex.org/W2809523935","https://openalex.org/W2810278044","https://openalex.org/W2897830718","https://openalex.org/W2948833786","https://openalex.org/W2949335953","https://openalex.org/W2949650786","https://openalex.org/W2951055356","https://openalex.org/W2962835266","https://openalex.org/W2962859574","https://openalex.org/W2962883027","https://openalex.org/W2963378725","https://openalex.org/W2963456518","https://openalex.org/W2964223234","https://openalex.org/W2982379618","https://openalex.org/W3104216513","https://openalex.org/W4235435541","https://openalex.org/W4289146347","https://openalex.org/W4299301436"],"related_works":["https://openalex.org/W3010781909","https://openalex.org/W4200233390","https://openalex.org/W4315705624","https://openalex.org/W3116386889","https://openalex.org/W2605443953","https://openalex.org/W4313218046","https://openalex.org/W3127289135","https://openalex.org/W4387119940","https://openalex.org/W3022534164","https://openalex.org/W3046095319"],"abstract_inverted_index":{"The":[0],"prevalence":[1],"of":[2,12],"deep":[3,39],"learning":[4],"has":[5],"drawn":[6],"attention":[7],"to":[8,36],"the":[9],"privacy":[10,16,48,53],"protection":[11],"sensitive":[13],"data.":[14,29],"Various":[15],"threats":[17],"have":[18,32],"been":[19,34],"presented,":[20],"where":[21],"an":[22],"adversary":[23],"can":[24],"steal":[25],"model":[26],"owners'":[27],"private":[28],"Meanwhile,":[30],"countermeasures":[31],"also":[33],"introduced":[35],"achieve":[37],"privacy-preserving":[38],"learning.":[40],"However,":[41],"most":[42],"studies":[43],"only":[44],"focused":[45],"on":[46],"data":[47],"during":[49,54],"training,":[50],"and":[51],"ignored":[52],"inference.":[55]},"counts_by_year":[{"year":2026,"cited_by_count":7},{"year":2025,"cited_by_count":79},{"year":2024,"cited_by_count":58},{"year":2023,"cited_by_count":47},{"year":2022,"cited_by_count":37},{"year":2021,"cited_by_count":40},{"year":2020,"cited_by_count":17},{"year":2019,"cited_by_count":2}],"updated_date":"2026-04-18T07:56:08.524223","created_date":"2025-10-10T00:00:00"}