Autoencoder defence #10
Description
Assuming the hypothesis that a smaller intermediate tensor makes the attack more difficult, develop a PoC for using an autoencoder to generate a small intermediate tensor. The training process would be:
- Train an autoencoder (should be performed by data holder, otherwise server still can invert the autoencoder as well)
- Train the encoder + server model on the proper task