Support feature scaling in membership black-box attack
abigailgold opened this issue · 0 comments
abigailgold commented
Membership inference black-box attack trains an attack model on both true labels and predictions or losses. At least for the rf and gb attack model types, these are simply concatenated and fed into the model. Scaling these features can help the attack model to be more accurate.
Requested solution:
Apply scaling (using different options of standard sklearn scalers) on the input features to the attack before training and inferring.