English
Related papers

Related papers: Stateful Detection of Model Extraction Attacks

200 papers

Compared to traditional neural networks with a single output channel, a multi-exit network has multiple exits that allow for early outputs from the model's intermediate layers, thus significantly improving computational efficiency while…

Cryptography and Security · Computer Science 2025-03-18 Li Pan , Lv Peizhuo , Chen Kai , Zhang Shengzhi , Cai Yuling , Xiang Fan

Large language models (LLMs) can be misused to reveal sensitive information, such as weapon-making instructions or writing malware. LLM providers rely on $\emph{monitoring}$ to detect and flag unsafe behavior during inference. An open…

Cryptography and Security · Computer Science 2026-04-01 Toluwani Aremu , Daniil Ognev , Samuele Poppi , Nils Lukas

Natural language processing (NLP) tasks, ranging from text classification to text generation, have been revolutionised by the pre-trained language models, such as BERT. This allows corporations to easily build powerful APIs by encapsulating…

Computation and Language · Computer Science 2021-03-19 Xuanli He , Lingjuan Lyu , Qiongkai Xu , Lichao Sun

Security concerns about a machine learning model used in a prediction-as-a-service include the privacy of the model, the query and the result. Secure inference solutions based on homomorphic encryption (HE) and/or multiparty computation…

Cryptography and Security · Computer Science 2022-09-15 Si Chen , Junfeng Fan

The incremental diffusion of machine learning algorithms in supporting cybersecurity is creating novel defensive opportunities but also new types of risks. Multiple researches have shown that machine learning methods are vulnerable to…

Cryptography and Security · Computer Science 2021-06-18 Giovanni Apruzzese , Mauro Andreolini , Luca Ferretti , Mirco Marchetti , Michele Colajanni

On-device machine learning (ML) is quickly gaining popularity among mobile apps. It allows offline model inference while preserving user privacy. However, ML models, considered as core intellectual properties of model owners, are now stored…

Cryptography and Security · Computer Science 2021-06-16 Zhichuang Sun , Ruimin Sun , Long Lu , Alan Mislove

The accelerated development of social media websites has posed intricate security issues in cyberspace, where these sites have increasingly become victims of criminal activities including attempts to intrude into them, abnormal traffic…

Machine Learning · Computer Science 2026-01-07 Aditi Sanjay Agrawal

Many works have studied the efficacy of state machines for detecting anomalies within NetFlows. These works typically learn a model from unlabeled data and compute anomaly scores for arbitrary traces based on their likelihood of occurrence…

Machine Learning · Computer Science 2025-03-11 Clinton Cao , Agathe Blaise , Annibale Panichella , Sicco Verwer

Recently, machine learning (ML) has introduced advanced solutions to many domains. Since ML models provide business advantage to model owners, protecting intellectual property of ML models has emerged as an important consideration.…

Machine Learning · Computer Science 2020-05-28 Buse Gul Atli , Sebastian Szyller , Mika Juuti , Samuel Marchal , N. Asokan

Accessing machine learning models through remote APIs has been gaining prevalence following the recent trend of scaling up model parameters for increased performance. Even though these models exhibit remarkable ability, detecting…

Machine Learning · Computer Science 2024-08-20 Heeyoung Lee , Hoyoon Byun , Changdae Oh , JinYeong Bak , Kyungwoo Song

In this paper, we consider the problem of attack-resilient state estimation, that is to reliably estimate the true system states despite two classes of attacks: (i) attacks on the switching mechanisms and (ii) false data injection attacks…

Optimization and Control · Mathematics 2017-07-25 Sze Zheng Yong , Minghui Zhu , Emilio Frazzoli

Model-based attacks can infer training data information from deep neural network models. These attacks heavily depend on the attacker's knowledge of the application domain, e.g., using it to determine the auxiliary data for model-inversion…

Machine Learning · Computer Science 2022-12-23 Yuechun Gu , Keke Chen

In modern smart grids, the proliferation of communication-enabled distributed energy resource (DER) systems has increased the surface of possible cyber-physical attacks. Attacks originating from the distributed edge devices of DER system,…

Cryptography and Security · Computer Science 2022-10-12 Suman Sourav , Partha P. Biswas , Binbin Chen , Daisuke Mashima

Public and commercial organizations extensively share cyberthreat intelligence (CTI) to prepare systems to defend against existing and emerging cyberattacks. However, traditional CTI has primarily focused on tracking known threat indicators…

Cryptography and Security · Computer Science 2023-07-13 Md Tanvirul Alam , Dipkamal Bhusal , Youngja Park , Nidhi Rastogi

Model inversion (MI) attacks allow to reconstruct average per-class representations of a machine learning (ML) model's training data. It has been shown that in scenarios where each class corresponds to a different individual, such as face…

Sound · Computer Science 2023-01-10 Karla Pizzi , Franziska Boenisch , Ugur Sahin , Konstantin Böttinger

A large body of research has shown that machine learning models are vulnerable to membership inference (MI) attacks that violate the privacy of the participants in the training data. Most MI research focuses on the case of a single…

Machine Learning · Computer Science 2022-05-16 Matthew Jagielski , Stanley Wu , Alina Oprea , Jonathan Ullman , Roxana Geambasu

It is well established that neural networks are vulnerable to adversarial examples, which are almost imperceptible on human vision and can cause the deep models misbehave. Such phenomenon may lead to severely inestimable consequences in the…

Machine Learning · Computer Science 2020-09-09 Dengpan Ye , Chuanxi Chen , Changrui Liu , Hao Wang , Shunzhi Jiang

The emerging wide area monitoring systems (WAMS) have brought significant improvements in electric grids' situational awareness. However, the newly introduced system can potentially increase the risk of cyber-attacks, which may be disguised…

Cryptography and Security · Computer Science 2021-08-26 Gabriel Intriago , Yu Zhang

Although the security of automatic speaker verification (ASV) is seriously threatened by recently emerged adversarial attacks, there have been some countermeasures to alleviate the threat. However, many defense approaches not only require…

Audio and Speech Processing · Electrical Eng. & Systems 2025-05-08 Xing Chen , Jie Wang , Xiao-Lei Zhang , Wei-Qiang Zhang , Kunde Yang

Model stealing attacks endanger the confidentiality of machine learning models offered as a service. Although these models are kept secret, a malicious party can query a model to label data samples and train their own substitute model,…

Cryptography and Security · Computer Science 2025-09-01 Daryna Oliynyk , Rudolf Mayer , Kathrin Grosse , Andreas Rauber