Model Stealing Attack

Model stealing attacks aim to replicate the functionality of a machine learning model by querying its outputs, thereby compromising intellectual property and potentially revealing sensitive training data. Current research focuses on developing and evaluating these attacks against various model architectures, including convolutional neural networks (CNNs), graph neural networks (GNNs), and quantum neural networks (QNNs), employing techniques like knowledge distillation and active learning to improve efficiency. This area is significant due to the increasing prevalence of machine learning as a service (MLaaS), highlighting the need for robust defenses to protect valuable models and prevent unauthorized replication.

Papers

May 20, 2024

Efficient Model-Stealing Attacks Against Inductive Graph Neural Networks
Marcin Podhajski, Jan Dubiński, Franziska Boenisch, Adam Dziedzic, Agnieszka Pregowska And Tomasz Michalak
Graph Neural Network High Efficiency New Attack Model Stealing Attack

March 8, 2024

Adversarial Sparse Teacher: Defense Against Distillation-Based Model Stealing Attacks Using Adversarial Examples
Eda Yilmaz, Hacer Yalim Keles
Knowledge Distillation Adversarial Example Adversarial Training Discriminative Power Model Stealing Attack

February 18, 2024

Evaluating Efficacy of Model Stealing Attacks and Defenses on Quantum Neural Networks
Satwik Kundu, Debarshi Kundu, Swaroop Ghosh
Quantum Machine Learning Quantum Computing Quantum Neural Network Obfuscation Technique Model Stealing Attack Data Obfuscation

January 29, 2024

Stolen Subwords: Importance of Vocabularies for Machine Translation Model Stealing
Vilém Zouhar
Knowledge Distillation Importance Aware NLP Model Gray Box Sub Word Model Stealing Attack Large Vocabulary

December 18, 2023

December 10, 2023

Data-Free Hard-Label Robustness Stealing Attack
Xiaojian Yuan, Kejiang Chen, Wen Huang, Jie Zhang, Weiming Zhang, Nenghai Yu
Native Robustness Adversarial Training Model Robustness Model Stealing Attack Hard Label Attack

November 8, 2023

Army of Thieves: Enhancing Black-Box Model Extraction via Ensemble based sample selection
Akshit Jindal, Vikram Goyal, Saket Anand, Chetan Arora
Diverse Ensemble Attack Strategy Sample Selection Military Application Model Stealing Attack Model Stealing

September 29, 2023

Towards Few-Call Model Stealing via Active Self-Paced Knowledge Distillation and Diffusion-Based Image Generation
Vlad Hondru, Radu Tudor Ionescu
Diffusion Model Synthetic Data Image Generation Black Box Model Model Stealing Attack Model Stealing

September 4, 2023

Efficient Defense Against Model Stealing Attacks on Convolutional Neural Networks
Kacem Khaled, Mouna Dhaouadi, Felipe Gohring de Magalhães, Gabriela Nicolescu
Convolutional Neural Network Deep Learning Model State of the Art Defense Defense Method Model Stealing Attack

August 2, 2023

Isolation and Induction: Training Robust Deep Neural Networks against Model Stealing Attacks
Jun Guo, Aishan Liu, Xingyu Zheng, Siyuan Liang, Yisong Xiao, Yichao Wu, Xianglong Liu
Robust Deep Inference Time Model Stealing Attack Social Isolation Automatic Induction Defense Model

May 23, 2023

Model Stealing Attack against Multi-Exit Networks
Li Pan, Lv Peizhuo, Chen Kai, Cai Yuling, Xiang Fan, Zhang Shengzhi
Model Stealing Attack Multi Exit

April 23, 2023

QuMoS: A Framework for Preserving Security of Quantum Machine Learning Model
Zhepeng Wang, Jinyang Li, Zhirui Hu, Blake Gage, Elizabeth Iwasawa, Weiwen Jiang
New Framework Quantum Machine Learning Quantum Computing Quantum Computer Quantum Machine Learning Model Model Stealing Attack

February 23, 2023

A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots
Boyang Zhang, Xinlei He, Yun Shen, Tianhao Wang, Yang Zhang
Adversarial Example Word List Adaptive Attack Story Plot Model Stealing Attack Attack Model Shadow Model Target Model

November 24, 2022

DeepTaster: Adversarial Perturbation-Based Fingerprinting to Identify Proprietary Dataset Use in Deep Neural Networks
Seonhye Park, Alsharif Abuadbba, Shuo Wang, Kristen Moore, Yansong Gao, Hyoungshick Kim, Surya Nepal
Deep Neural Network Adversarial Image Model Stealing Attack DNN Fingerprint Removal Attack

June 28, 2022

How to Steer Your Adversary: Targeted and Efficient Model Stealing Defenses with Gradient Redirection
Mantas Mazeika, Bo Li, David Forsyth
Adversary Agent Model Stealing Attack Surrogate Neural Network Computational Overhead Prior Defense

June 16, 2022

I Know What You Trained Last Summer: A Survey on Stealing Machine Learning Models and Defences
Daryna Oliynyk, Rudolf Mayer, Andreas Rauber
Timely Survey Attack Strategy Model Stealing Attack Complex Machine Learning Model Stealing Machine Learning a a Service

May 30, 2022

White-box Membership Attack Against Machine Learning Based Retinopathy Classification
Mounia Hamidouche, Reda Bellafqira, Gwenolé Quellec, Gouenou Coatrieux
Machine Learning Machine Learning Model Membership Inference Attack Diabetic Retinopathy Model Stealing Attack Box Membership Inference Attack

March 21, 2022

PublicCheck: Public Integrity Verification for Services of Run-time Deep Models
Shuo Wang, Sharif Abuadbba, Sidharth Agarwal, Kristen Moore, Ruoxi Sun, Minhui Xue, Surya Nepal, Seyit Camtepe, Salil Kanhere
Model Compression Service Provider Model Stealing Attack Integrity Verification

January 31, 2022

MEGA: Model Stealing via Collaborative Generator-Substitute Networks
Chi Hong, Jiyue Huang, Lydia Y. Chen
Adversarial Attack Model Stealing Attack Model Stealing Alignment Distillation Data Free Black Box Attack

Model Stealing Attack

Papers

Efficient Model-Stealing Attacks Against Inductive Graph Neural Networks

Adversarial Sparse Teacher: Defense Against Distillation-Based Model Stealing Attacks Using Adversarial Examples

Evaluating Efficacy of Model Stealing Attacks and Defenses on Quantum Neural Networks

Stolen Subwords: Importance of Vocabularies for Machine Translation Model Stealing

Model Stealing Attack against Graph Classification with Authenticity, Uncertainty and Diversity

Model Stealing Attack against Recommender System

Data-Free Hard-Label Robustness Stealing Attack

Army of Thieves: Enhancing Black-Box Model Extraction via Ensemble based sample selection

Towards Few-Call Model Stealing via Active Self-Paced Knowledge Distillation and Diffusion-Based Image Generation

Efficient Defense Against Model Stealing Attacks on Convolutional Neural Networks

Isolation and Induction: Training Robust Deep Neural Networks against Model Stealing Attacks

Model Stealing Attack against Multi-Exit Networks

QuMoS: A Framework for Preserving Security of Quantum Machine Learning Model

A Plot is Worth a Thousand Words: Model Information Stealing Attacks via Scientific Plots

DeepTaster: Adversarial Perturbation-Based Fingerprinting to Identify Proprietary Dataset Use in Deep Neural Networks

How to Steer Your Adversary: Targeted and Efficient Model Stealing Defenses with Gradient Redirection

I Know What You Trained Last Summer: A Survey on Stealing Machine Learning Models and Defences

White-box Membership Attack Against Machine Learning Based Retinopathy Classification

PublicCheck: Public Integrity Verification for Services of Run-time Deep Models

MEGA: Model Stealing via Collaborative Generator-Substitute Networks