Related papers: MAZE: Data-Free Model Stealing Attack Using Zeroth…

200 papers

The advance of explainable artificial intelligence, which provides reasons for its predictions, is expected to accelerate the use of deep neural networks in the real world like Machine Learning as a Service (MLaaS) that returns predictions…

Cryptography and Security · Computer Science 2021-07-20 Takayuki Miura, Satoshi Hasegawa, Toshiki Shibahara

Deep machine learning models are increasingly deployed in the wild for providing services to users. Adversaries may steal the knowledge of these valuable models by training substitute models according to the inference results of the targeted…

Cryptography and Security · Computer Science 2022-02-02 Chi Hong, Jiyue Huang, Lydia Y. Chen

A significant number of machine learning models are vulnerable to model extraction attacks, which focus on stealing the models by using specially curated queries against the target model. This task is well accomplished by using part of the…

Cryptography and Security · Computer Science 2023-08-11 Harshit Shah, Aravindhan G, Pavan Kulkarni, Yuvaraj Govidarajulu, Manojkumar Parmar

Model stealing attack is increasingly threatening the confidentiality of machine learning models deployed in the cloud. Recent studies reveal that adversaries can exploit data synthesis techniques to steal machine learning models even in…

Cryptography and Security · Computer Science 2025-03-25 Yunfei Yang, Xiaojun Chen, Yuexin Xuan, Zhendong Zhao

The success of deep learning in medical imaging applications has led several companies to deploy proprietary models in diagnostic workflows, offering monetized services. Even though model weights are hidden to protect the intellectual…

Image and Video Processing · Electrical Eng. & Systems 2025-06-25 Ankita Raj, Harsh Swaika, Deepankar Varma, Chetan Arora

Data-free model stealing involves replicating the functionality of a target model into a substitute model without accessing the target model's structure, parameters, or training data. The adversary can only access the target model's…

Cryptography and Security · Computer Science 2024-12-23 Gaozheng Pei, Shaojie lyu, Ke Ma, Pinci Yang, Qianqian Xu, Yingfei Sun

Previous studies have revealed that artificial intelligence (AI) systems are vulnerable to adversarial attacks. Among them, model extraction attacks fool the target model by generating adversarial examples on a substitute model. The core of…

Computer Vision and Pattern Recognition · Computer Science 2023-10-17 Renyang Liu, Jinhong Zhang, Kwok-Yan Lam, Jun Zhao, Wei Zhou

Machine Learning (ML) models become vulnerable to Model Stealing Attacks (MSA) when they are deployed as a service. In such attacks, the deployed model is queried repeatedly to build a labelled dataset. This dataset allows the attacker to…

Machine Learning · Computer Science 2023-11-09 Akshit Jindal, Vikram Goyal, Saket Anand, Chetan Arora

Machine learning models deployed as a service (MLaaS) are susceptible to model stealing attacks, where an adversary attempts to steal the model within a restricted access framework. While existing attacks demonstrate near-perfect…

Cryptography and Security · Computer Science 2022-04-26 Sunandini Sanyal, Sravanti Addepalli, R. Venkatesh Babu

Model stealing (MS) involves querying and observing the output of a machine learning model to steal its capabilities. The quality of queried data is crucial, yet obtaining a large amount of real data for MS is often challenging. Recent…

Computer Vision and Pattern Recognition · Computer Science 2024-06-28 Yunlong Zhao, Xiaoheng Deng, Yijing Liu, Xinjun Pei, Jiazhi Xia, Wei Chen

Deep Neural Networks (DNNs) are susceptible to model stealing attacks, which allows a data-limited adversary with no knowledge of the training dataset to clone the functionality of a target model, just by using black-box query access. Such…

Machine Learning · Statistics 2019-11-19 Sanjay Kariyappa, Moinuddin K Qureshi

Model inversion attacks involve reconstructing the training data of a target model, which raises serious privacy concerns for machine learning models. However, these attacks, especially learning-based methods, are likely to suffer from low…

Cryptography and Security · Computer Science 2023-06-27 Shuai Zhou, Tianqing Zhu, Dayong Ye, Xin Yu, Wanlei Zhou

Deep models have shown their vulnerability when processing adversarial samples. As for the black-box attack, without access to the architecture and weights of the attacked model, training a substitute model for adversarial attacks has…

Computer Vision and Pattern Recognition · Computer Science 2021-04-27 Wenxuan Wang, Bangjie Yin, Taiping Yao, Li Zhang, Yanwei Fu, Shouhong Ding, Jilin Li, Feiyue Huang, Xiangyang Xue

Machine learning models are vulnerable to adversarial examples. For the black-box setting, current substitute attacks need pre-trained models to generate adversarial examples. However, pre-trained models are hard to obtain in real-world…

Cryptography and Security · Computer Science 2020-04-01 Mingyi Zhou, Jing Wu, Yipeng Liu, Shuaicheng Liu, Ce Zhu

Recent research demonstrates that GNNs are vulnerable to the model stealing attack, a nefarious endeavor geared towards duplicating the target model via query permissions. However, they mainly focus on node classification tasks, neglecting…

Machine Learning · Computer Science 2024-08-21 Zhihao Zhu, Chenwang Wu, Rui Fan, Yi Yang, Zhen Wang, Defu Lian, Enhong Chen

The rise of Machine Learning as a Service (MLaaS) has led to the widespread deployment of machine learning models trained on diverse datasets. These models are employed for predictive services through APIs, raising concerns about the…

Cryptography and Security · Computer Science 2024-03-28 Mahendra Gurve, Sankar Behera, Satyadev Ahlawat, Yamuna Prasad

Model extraction is a severe threat to Machine Learning-as-a-Service systems, especially through data-free approaches, where dishonest users can replicate the functionality of a black-box target model without access to realistic data.…

Machine Learning · Computer Science 2025-09-16 Dat-Thinh Nguyen, Kim-Hung Le, Nhien-An Le-Khac

Machine Learning as a Service (MLaaS) is often provided as a pay-per-query, black-box system to clients. Such a black-box approach not only hinders open replication, validation, and interpretation of model results, but also makes it harder…

Cryptography and Security · Computer Science 2024-09-18 Jonathan Rosenthal, Shanchao Liang, Kevin Zhang, Lin Tan

This paper introduces a novel data-free model extraction attack that significantly advances the current state-of-the-art in terms of efficiency, accuracy, and effectiveness. Traditional black-box methods rely on using the victim's model as…

Cryptography and Security · Computer Science 2024-10-22 Maor Biton Dor, Yisroel Mirsky

The lack of adversarial robustness has been recognized as an important issue for state-of-the-art machine learning (ML) models, e.g., deep neural networks (DNNs). Thereby, robustifying ML models against adversarial attacks is now a major…

Machine Learning · Computer Science 2022-03-29 Yimeng Zhang, Yuguang Yao, Jinghan Jia, Jinfeng Yi, Mingyi Hong, Shiyu Chang, Sijia Liu