|
|
|
|
|
|
by croddin
1525 days ago
|
|
|
To what extent could the differences in weights between training runs/ architectures be bounded to a certain epsilon? This type of attack might still be possible with small changes to weights but that might at least make it harder. |
|
|