From c5a664e41cfcb1ace18ad2afaf785aadf3539604 Mon Sep 17 00:00:00 2001
From: HongshengHu <51736088+HongshengHu@users.noreply.github.com>
Date: Wed, 17 Mar 2021 16:03:03 +1300
Subject: [PATCH 1/2] Add more papers

Add a survey paper of membership inference attacks on machine learning.
---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 2ff5434..8197fd5 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,7 @@ This repository contains a curated list of papers related to privacy attacks aga
 - [**Rethinking Privacy Preserving Deep Learning: How to Evaluate and Thwart Privacy Attacks**](https://arxiv.org/abs/2006.11601) (Fan et al., 2020)
 - [**Privacy and Security Issues in Deep Learning: A Survey**](https://ieeexplore.ieee.org/abstract/document/9294026) (Liu et al., 2021)
 - [**ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models**](https://arxiv.org/abs/2102.02551) (Liu et al., 2021)
+- [**Membership Inference Attacks on Machine Learning: A Survey**](https://arxiv.org/abs/2103.07853) (Hu et al., 2021)
 
 # Privacy Testing Tools
 - [**PrivacyRaven**](https://github.com/trailofbits/PrivacyRaven) (Trail of Bits)

From fab6260304aa66dc38bcd6d2a18fc205bff8f0de Mon Sep 17 00:00:00 2001
From: MariaRigaki <mrigaki@gmail.com>
Date: Fri, 26 Mar 2021 10:34:33 +0100
Subject: [PATCH 2/2] Added an extraction paper with code

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 8761fdc..690f6a9 100644
--- a/README.md
+++ b/README.md
@@ -185,6 +185,7 @@ Reconstruction attacks cover also attacks known as *model inversion* and *attrib
 - [**Model Extraction and Defenses on Generative Adversarial Networks**](https://arxiv.org/abs/2101.02069) (Hu and Pang, 2021)
 - [**Protecting Decision Boundary of Machine Learning Model With Differentially Private Perturbation**](https://ieeexplore.ieee.org/abstract/document/9286504) (Zheng et al., 2021)
 - [**Special-Purpose Model Extraction Attacks: Stealing Coarse Model with Fewer Queries**](https://ieeexplore.ieee.org/abstract/document/9343086?casa_token=Fn4CtwOZsbQAAAAA:4n3tZGcwFochwREqn4fRWcmA9YeLRxikwB1LN8t2ui1NbRPHSHjTuoqHrSfP1vxXfecw0kobBQ) (Okada et al., 2021)
+- [**Model Extraction and Adversarial Transferability, Your BERT is Vulnerable!**](https://arxiv.org/abs/2103.10013) (He et al., 2021) ([code](https://github.com/xlhex/extract_and_transfer))
 
 
 # Other