Authors: Wenbin YANG, Xueluan GONG, Yanjiao CHEN, Qian WANG, Jianshuo DONG
Affiliations: [1] School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China; [2] School of Computer Science, Wuhan University, Wuhan 430072, China; [3] College of Electrical Engineering, Zhejiang University, Hangzhou 310058, China
Source: Chinese Journal of Electronics (电子学报(英文版)), 2024, No. 1, pp. 90-100, 11 pages
Funding: partially supported by the National Key R&D Program of China (Grant No. 2020AAA0107701); the NSFC (Grant No. U20B2049 and U21B2018).
Abstract: With the rise of artificial intelligence and cloud computing, machine-learning-as-a-service platforms, such as Google, Amazon, and IBM, have emerged to provide sophisticated tasks for cloud applications. These proprietary models are vulnerable to model extraction attacks due to their commercial value. In this paper, we propose a time-efficient model extraction attack framework called Swift Theft that aims to steal the functionality of cloud-based deep neural network models. We distinguish Swift Theft from the existing works with a novel distribution estimation algorithm and reference model settings, finding the most informative query samples without querying the victim model. The selected query samples can be applied to various cloud models with a one-time selection. We evaluate our proposed method through extensive experiments on three victim models and six datasets, with up to 16 models for each dataset. Compared to the existing attacks, Swift Theft increases agreement (i.e., similarity) by 8% while consuming 98% less selecting time.
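Keywords: Artificial intelligence security; Model extraction attacks; Deep neural networks
Classification: TP183 [Automation and Computer Technology: Control Theory and Control Engineering]; TP391.41 [Automation and Computer Technology: Control Science and Engineering]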