Model Extraction Attack

Model extraction attacks aim to steal the functionality of machine learning models by querying their predictions, effectively replicating the model without access to its training data or internal parameters. Current research focuses on developing more efficient attack methods, particularly for large language models and object detectors, often employing techniques like knowledge distillation, active learning, and exploiting counterfactual explanations. This area is crucial for securing machine learning as a service platforms and protecting intellectual property, driving ongoing efforts to develop robust defenses such as watermarking and query unlearning.

Papers

September 4, 2024

Alignment-Aware Model Extraction Attacks on Large Language Models
Zi Liang, Qingqing Ye, Yanyun Wang, Sen Zhang, Yaxin Xiao, Ronghua Li, Jianliang Xu, Haibo Hu
Domain Knowledge Model Extraction Attack

July 1, 2024

QUEEN: Query Unlearning against Model Extraction
Huajie Chen, Tianqing Zhu, Lefeng Zhang, Bo Liu, Derui Wang, Wanlei Zhou, Minhui Xue
Query Information Sensitive Data Model Extraction Attack Model Watermarking Model Extraction Query Enhanced Network

June 14, 2024

Beyond Slow Signs in High-fidelity Model Extraction
Hanna Foerster, Robert Mullins, Ilia Shumailov, Jamie Hayes
Hidden Layer Model Extraction Attack Reverse Engineering Model Extraction Early Stage Parameter Space Reconstruction

May 29, 2024

Watermarking Counterfactual Explanations
Hangzhi Guo, Firdaus Ahmed Choudhury, Tinghua Chen, Amulya Yadav
Agnostic Watermarking Model Extraction Attack

May 8, 2024

Model Reconstruction Using Counterfactual Explanations: A Perspective From Polytope Theory
Pasan Dissanayake, Sanghamitra Dutta
Counterfactual Explanation High Quality Counterfactuals Model Extraction Attack Boundary Attack

April 28, 2024

Learnable Linguistic Watermarks for Tracing Model Extraction Attacks on Large Language Models
Minhao Bai, Kaiyi Pang, Yongfeng Huang
Watermarking Method Model Extraction Attack

April 4, 2024

Knowledge Distillation-Based Model Extraction Attack using GAN-based Private Counterfactual Explanations
Fatima Ezzeddine, Omran Ayoub, Silvia Giordano
Differential Privacy Explainable AI Knowledge Based XAI Method Model Explanation Model Extraction Attack

March 15, 2024

Not Just Change the Labels, Learn the Features: Watermarking Deep Neural Networks with Multi-View Data
Yuxuan Li, Sarthak Kumar Maharana, Yunhui Guo
Neural Network Multi View Feature Wise Watermarking Method Label Information Model Extraction Attack Novel Watermarking

March 5, 2024

Precise Extraction of Deep Learning Models via Side-Channel Attacks on Edge/Endpoint Devices
Younghan Lee, Sohee Jun, Yungi Cho, Woorim Han, Hyungon Moon, Yunheung Paek
Deep Learning Model Extreme Edge Side Channel Model Extraction Attack Attack Vector Victim Model Efficient Extraction Endpoint Detection

March 3, 2024

WARDEN: Multi-Directional Backdoor Watermarks for Embedding-as-a-Service Copyright Protection
Anudeex Shetty, Yue Teng, Ke He, Qiongkai Xu
Model Extraction Attack Copyright Protection Air Guardian System Backdoor Watermark Web Attack

January 26, 2024

MEA-Defender: A Robust Watermark against Model Extraction Attack
Peizhuo Lv, Hualong Ma, Kai Chen, Jiachen Zhou, Shengzhi Zhang, Ruigang Liang, Shenchen Zhu, Pan Li, Yingjun Zhang
Model Extraction Attack Robust Watermark Backdoor Watermark Multiple Defender Watermarking Loss

December 22, 2023

MEAOD: Model Extraction Attack against Object Detectors
Zeyu Li, Chenghui Shi, Yuwen Pu, Xuhong Zhang, Yu Li, Jinbao Li, Shouling Ji
Object Detector Object Detection Model Detection Model Model Extraction Attack Attack Dataset

December 17, 2023

SAME: Sample Reconstruction against Model Extraction Attacks
Yi Xie, Jie Zhang, Shiqian Zhao, Tianwei Zhang, Xiaofeng Chen
Machine Learning Deep Learning Model White Box Model Extraction Attack Active Defense Sample Reconstruction

December 8, 2023

Model Extraction Attacks Revisited
Jiacheng Liang, Ren Pang, Changjiang Li, Ting Wang
Attack Strategy Model Extraction Attack Model Extraction Machine Learning a a Service Attack Robustness Confidential Machine Learning

November 23, 2023

Security and Privacy Challenges in Deep Learning Models
Gopichandh Golla
Adversarial Attack Deep Learning Model Security Related Model Inversion Attack Model Extraction Attack Privacy Issue

November 10, 2023

Watermarking Vision-Language Pre-trained Models for Multi-modal Embedding as a Service
Yuanmin Tang, Jing Yu, Keke Gai, Xiangyan Qu, Yue Hu, Gang Xiong, Qi Wu
Full Model Watermarking Method Service Provider Vision Language Representation Model Extraction Attack Robust Watermark Modal Embeddings Verifiable Learning

October 25, 2023

Defense Against Model Extraction Attacks on Recommender Systems
Sixiao Zhang, Hongzhi Yin, Hongxu Chen, Cheng Long
Adversarial Attack Recommender System White Box Model Extraction Attack Optimal Ranking

October 21, 2023

MeaeQ: Mount Model Extraction Attacks with Efficient Queries
Chengwei Dai, Minxuan Lv, Kun Li, Wei Zhou
Natural Language Processing Zero Shot Model Extraction Attack Efficient Query

October 15, 2023

SCME: A Self-Contrastive Method for Data-free and Query-Limited Model Extraction Attack
Renyang Liu, Jinhong Zhang, Kwok-Yan Lam, Jun Zhao, Wei Zhou
Adversarial Attack Adversarial Example Model Extraction Attack Model Extraction

October 3, 2023

Beyond Labeling Oracles: What does it mean to steal ML models?
Avital Shafran, Ilia Shumailov, Murat A. Erdogdu, Nicolas Papernot
Machine Learning Model Model Extraction Attack Adversarial Objective Confidence Oracle Model Extraction Machine Learning a a Service Victim Model