Code for the paper: Label-Only Membership Inference Attacks.
First, run training.py or your own local scripts to generated trained target and source models. Then, run attacks.py to attack the target model. These are setup as an example in pipelines.py