English
Related papers

Related papers: SCME: A Self-Contrastive Method for Data-free and …

200 papers

Deep machine learning models are increasingly deployedin the wild for providing services to users. Adversaries maysteal the knowledge of these valuable models by trainingsubstitute models according to the inference results of thetargeted…

Cryptography and Security · Computer Science 2022-02-02 Chi Hong , Jiyue Huang , Lydia Y. Chen

Model extraction is a severe threat to Machine Learning-as-a-Service systems, especially through data-free approaches, where dishonest users can replicate the functionality of a black-box target model without access to realistic data.…

Machine Learning · Computer Science 2025-09-16 Dat-Thinh Nguyen , Kim-Hung Le , Nhien-An Le-Khac

This paper introduces a novel data-free model extraction attack that significantly advances the current state-of-the-art in terms of efficiency, accuracy, and effectiveness. Traditional black-box methods rely on using the victim's model as…

Cryptography and Security · Computer Science 2024-10-22 Maor Biton Dor , Yisroel Mirsky

Model extraction attacks are a kind of attacks where an adversary obtains a machine learning model whose performance is comparable with one of the victim model through queries and their results. This paper presents a novel model extraction…

Cryptography and Security · Computer Science 2021-10-01 Masataka Tasumi , Kazuki Iwahana , Naoto Yanai , Katsunari Shishido , Toshiya Shimizu , Yuji Higuchi , Ikuya Morikawa , Jun Yajima

A significant number of machine learning models are vulnerable to model extraction attacks, which focus on stealing the models by using specially curated queries against the target model. This task is well accomplished by using part of the…

Cryptography and Security · Computer Science 2023-08-11 Harshit Shah , Aravindhan G , Pavan Kulkarni , Yuvaraj Govidarajulu , Manojkumar Parmar

Model Stealing (MS) attacks allow an adversary with black-box access to a Machine Learning model to replicate its functionality, compromising the confidentiality of the model. Such attacks train a clone model by using the predictions of the…

Machine Learning · Statistics 2022-11-02 Sanjay Kariyappa , Atul Prakash , Moinuddin Qureshi

Deep models have shown their vulnerability when processing adversarial samples. As for the black-box attack, without access to the architecture and weights of the attacked model, training a substitute model for adversarial attacks has…

Computer Vision and Pattern Recognition · Computer Science 2021-04-27 Wenxuan Wang , Bangjie Yin , Taiping Yao , Li Zhang , Yanwei Fu , Shouhong Ding , Jilin Li , Feiyue Huang , Xiangyang Xue

Data-free model stealing involves replicating the functionality of a target model into a substitute model without accessing the target model's structure, parameters, or training data. The adversary can only access the target model's…

Cryptography and Security · Computer Science 2024-12-23 Gaozheng Pei , Shaojie lyu , Ke Ma , Pinci Yang , Qianqian Xu , Yingfei Sun

While deep learning models have shown significant performance across various domains, their deployment needs extensive resources and advanced computing infrastructure. As a solution, Machine Learning as a Service (MLaaS) has emerged,…

Cryptography and Security · Computer Science 2024-01-09 Yi Xie , Jie Zhang , Shiqian Zhao , Tianwei Zhang , Xiaofeng Chen

Model extraction emerges as a critical security threat with attack vectors exploiting both algorithmic and implementation-based approaches. The main goal of an attacker is to steal as much information as possible about a protected victim…

Cryptography and Security · Computer Science 2024-11-18 Kevin Hector , Pierre-Alain Moellic , Mathieu Dumont , Jean-Max Dutertre

Machine learning models are vulnerable to adversarial examples. For the black-box setting, current substitute attacks need pre-trained models to generate adversarial examples. However, pre-trained models are hard to obtain in real-world…

Cryptography and Security · Computer Science 2020-04-01 Mingyi Zhou , Jing Wu , Yipeng Liu , Shuaicheng Liu , Ce Zhu

Model extraction attacks have become serious issues for service providers using machine learning. We consider an adversarial setting to prevent model extraction under the assumption that attackers will make their best guess on the service…

Machine Learning · Computer Science 2021-03-12 Yuto Mori , Atsushi Nitanda , Akiko Takeda

Current model extraction attacks assume that the adversary has access to a surrogate dataset with characteristics similar to the proprietary data used to train the victim model. This requirement precludes the use of existing model…

Machine Learning · Computer Science 2021-04-01 Jean-Baptiste Truong , Pratyush Maini , Robert J. Walls , Nicolas Papernot

The advance of explainable artificial intelligence, which provides reasons for its predictions, is expected to accelerate the use of deep neural networks in the real world like Machine Learning as a Service (MLaaS) that returns predictions…

Cryptography and Security · Computer Science 2021-07-20 Takayuki Miura , Satoshi Hasegawa , Toshiki Shibahara

Model-based deep reinforcement learning has achieved success in various domains that require high sample efficiencies, such as Go and robotics. However, there are some remaining issues, such as planning efficient explorations to learn more…

Machine Learning · Computer Science 2021-07-06 Yao Yao , Li Xiao , Zhicheng An , Wanpeng Zhang , Dijun Luo

Generative AI technology has become increasingly integrated into our daily lives, offering powerful capabilities to enhance productivity. However, these same capabilities can be exploited by adversaries for malicious purposes. While…

Cryptography and Security · Computer Science 2025-07-17 Dayong Ye , Tianqing Zhu , Shang Wang , Bo Liu , Leo Yu Zhang , Wanlei Zhou , Yang Zhang

We investigate whether model extraction can be used to "steal" the weights of sequential recommender systems, and the potential threats posed to victims of such attacks. This type of risk has attracted attention in image and text…

Cryptography and Security · Computer Science 2021-09-06 Zhenrui Yue , Zhankui He , Huimin Zeng , Julian McAuley

Since machine learning model is often trained on a limited data set, the model is trained multiple times on the same data sample, which causes the model to memorize most of the training set data. Membership Inference Attacks (MIAs) exploit…

Machine Learning · Computer Science 2024-11-19 Depeng Chen , Xiao Liu , Jie Cui , Hong Zhong

With growing popularity, deep learning (DL) models are becoming larger-scale, and only the companies with vast training datasets and immense computing power can manage their business serving such large models. Most of those DL models are…

Artificial Intelligence · Computer Science 2024-03-06 Younghan Lee , Sohee Jun , Yungi Cho , Woorim Han , Hyungon Moon , Yunheung Paek

Due to the proliferation of malware, defenders are increasingly turning to automation and machine learning as part of the malware detection tool-chain. However, machine learning models are susceptible to adversarial attacks, requiring the…

Cryptography and Security · Computer Science 2024-01-17 Maria Rigaki , Sebastian Garcia
‹ Prev 1 2 3 10 Next ›