From 49c23211871b65a31e0de7e91877de4507cda8fc Mon Sep 17 00:00:00 2001
From: Naruse Shiroha <zcysky@126.com>
Date: Mon, 25 Jul 2022 01:32:08 +0800
Subject: [PATCH] update readme

---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/README.md b/README.md
index 162e9ab..bc98c7a 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,9 @@ CVPR 2020 - The Secret Revealer: Generative Model-Inversion Attacks Against Deep
 APSIPA ASC 2020 - Deep Face Recognizer Privacy Attack: Model Inversion Initialization by a Deep Generative Adversarial Data Space Discriminator.
 [[paper]](https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=9306253&casa_token=AWugOvIe0I0AAAAA:9wICCkMcfoljMqooM-lgl8m-6F6-cEl-ClHgNkE1SV8mZwqvBIaJ1HDjT1RWLyBz_P7tdB51jQVL&tag=1)
 
+CVPE 2021 - See through gradients: Image batch recovery via gradinversion
+[[paper]](http://openaccess.thecvf.com/content/CVPR2021/papers/Yin_See_Through_Gradients_Image_Batch_Recovery_via_GradInversion_CVPR_2021_paper.pdf)
+
 NeurIPS 2021 - Variational Model Inversion Attacks.
 [[paper]](https://proceedings.neurips.cc/paper/2021/file/50a074e6a8da4662ae0a29edde722179-Paper.pdf)
 [[code]](https://github.com/wangkua1/vmi)
@@ -129,6 +132,11 @@ Arxiv 2022 - Degree-Preserving Randomized Response for Graph Neural Networks und
 Arxiv 2022 - Private Graph Extraction via Feature Explanations.
 [[paper]](https://arxiv.org/pdf/2206.14724.pdf)
 
+### NLP domain
+
+USENIX Security 2021 - Extracting training data from large language models.
+[[paper]](https://www.usenix.org/system/files/sec21-carlini-extracting.pdf)
+
 ### Tools
 [AIJack](https://github.com/Koukyosyumei/AIJack): Implementation of algorithms for AI security.