Model Extraction Attack

Model extraction attacks aim to steal the functionality of machine learning models by querying their predictions, effectively replicating the model without access to its training data or internal parameters. Current research focuses on developing more efficient attack methods, particularly for large language models and object detectors, often employing techniques like knowledge distillation, active learning, and exploiting counterfactual explanations. This area is crucial for securing machine learning as a service platforms and protecting intellectual property, driving ongoing efforts to develop robust defenses such as watermarking and query unlearning.

Papers

May 13, 2022

DualCF: Efficient Model Extraction Attack from Counterfactual Explanations
Yongjie Wang, Hangwei Qian, Chunyan Miao
Counterfactual Explanation Model Extraction Attack Cloud Detection

February 27, 2022

Split HE: Fast Secure Inference Combining Split Learning and Homomorphic Encryption
George-Liviu Pereteanu, Amir Alansary, Jonathan Passerat-Palmbach
Neural Network Homomorphic Encryption Split Learning Membership Inference Model Extraction Attack Learning Benchmark Secure Inference

February 25, 2022

On the Effectiveness of Dataset Watermarking in Adversarial Settings
Buse Gul Atli Tekgul, N. Asokan
Model Extraction Attack Adversarial Setting Model Watermarking Dataset Watermarking

February 17, 2022

Fingerprinting Deep Neural Networks Globally via Universal Adversarial Perturbations
Zirui Peng, Shaofeng Li, Guoxing Chen, Cheng Zhang, Haojin Zhu, Minhui Xue
DNN Model Model Extraction Attack Intellectual Property Protection Suspect Model DNN Fingerprint Removal Attack

January 23, 2022

Increasing the Cost of Model Extraction with Calibrated Proof of Work
Adam Dziedzic, Muhammad Ahmad Kaleem, Yu Shen Lu, Nicolas Papernot
Differential Privacy Hidden CoST Model Extraction Attack Model Extraction Model Stealing Proof Checker Malicious Query

November 8, 2021