BODAME: Bilevel optimization for defense against model extraction

Y Mori, A Nitanda, A Takeda - arXiv preprint arXiv:2103.06797, 2021 - arxiv.org
Model extraction attacks have become serious issues for service providers using machine
learning. We consider an adversarial setting to prevent model extraction under the …

A framework for understanding model extraction attack and defense

X Xian, M Hong, J Ding - arXiv preprint arXiv:2206.11480, 2022 - arxiv.org
The privacy of machine learning models has become a significant concern in many
emerging Machine-Learning-as-a-Service applications, where prediction services based on …

Thief, beware of what get you there: Towards understanding model extraction attack

X Zhang, C Fang, J Shi - arXiv preprint arXiv:2104.05921, 2021 - arxiv.org
Model extraction increasingly attracts research attention as keeping commercial AI models
private can retain a competitive advantage. In some scenarios, AI models are trained …

DNN model extraction attacks using prediction interfaces

A Dmitrenko - 2018 - aaltodoc.aalto.fi
Machine learning (ML) and deep learning methods have become common and publicly
available, while ML security to date struggles to cope with rising threats. One rising threat is …

Defending against machine learning model stealing attacks using deceptive perturbations

T Lee, B Edwards, I Molloy, D Su - arXiv preprint arXiv:1806.00054, 2018 - arxiv.org
Machine learning models are vulnerable to simple model stealing attacks if the adversary
can obtain output labels for chosen inputs. To protect against these attacks, it has been …

PRADA: protecting against DNN model stealing attacks

M Juuti, S Szyller, S Marchal… - 2019 IEEE European …, 2019 - ieeexplore.ieee.org
Machine learning (ML) applications are increasingly prevalent. Protecting the confidentiality
of ML models becomes paramount for two reasons: (a) a model can be a business …

The best defense is a good offense: Countering black box attacks by predicting slightly wrong labels

Y Kilcher, T Hofmann - arXiv preprint arXiv:1711.05475, 2017 - arxiv.org
Black-Box attacks on machine learning models occur when an attacker, despite having no
access to the inner workings of a model, can successfully craft an attack by means of model …

Data-free model extraction

JB Truong, P Maini, RJ Walls… - Proceedings of the …, 2021 - openaccess.thecvf.com
Current model extraction attacks assume that the adversary has access to a surrogate
dataset with characteristics similar to the proprietary data used to train the victim model. This …

Boosting model inversion attacks with adversarial examples

S Zhou, T Zhu, D Ye, X Yu… - IEEE Transactions on …, 2023 - ieeexplore.ieee.org
Model inversion attacks involve reconstructing the training data of a target model, which
raises serious privacy concerns for machine learning models. However, these attacks …

Protecting model confidentiality for machine learning as a service

JB Truong - Ph.D. dissertation, 2021 - digital.wpi.edu
Current model extraction attacks assume that the adversary has access to a surrogate
dataset with characteristics similar to the proprietary data used to train the victim model. This …