Which term describes the act of inferring sensitive attributes from a model's output?

• A. Model extraction
• B. Model inversion
• C. Model drift
• D. Model evaluation

Answer: (B)

The act of inferring sensitive attributes from a model's output is known as model inversion. This process involves an adversary utilizing the outputs of a machine learning model to infer private or sensitive information about the training data used to develop that model. For example, if a model is trained on data that includes personal attributes, an attacker might query the model and analyze its responses to reconstruct information about individual data points, revealing sensitive characteristics.

Model inversion poses a significant privacy risk, especially in situations where the model has been trained on sensitive data, such as healthcare records or financial information. It highlights the importance of implementing robust privacy-preserving techniques to safeguard the information embedded within machine learning models.

Other terms, such as model extraction, refer to the process of replicating a model's behavior or architecture without necessarily revealing sensitive data about its training set. Model drift pertains to the changes in a model's performance or accuracy over time due to underlying changes in the data it processes. Model evaluation is the assessment of a model's performance through various metrics, rather than inferring sensitive attributes.