6 Mitigations against inference attacks
6.1 Introduction
6.2 Mitigating evasion attacks
6.2.1 Overview
6.2.2 Model enhancement mitigations against evasion attacks
6.2.3 Model-agnostic mitigations against evasion attacks
6.3 Mitigating model stealing
6.3.1 Overview
6.3.2 Model enhancement mitigations against model stealing
6.3.3 Model-agnostic mitigations against model stealing
6.4 Mitigating data extraction
6.4.1 Overview
6.4.2 Model enhancement mitigations against data extraction
6.4.3 Model-agnostic mitigations against data extraction
Main keywords