arXiv:2005.12782 Abstract | arXiv Analytics

arXiv:2005.12782 [cs.LG]Abstract References Reviews Resources

A Protection against the Extraction of Neural Network Models

Published 2020-05-26Version 1

Given oracle access to a Neural Network (NN), it is possible to extract its underlying model. We here introduce a protection by adding parasitic layers which mostly keep unchanged the underlying NN while complexifying the task of reverse-engineering. Our countermeasure relies on approximating the identity mapping with a Convolutional NN. We explain why the introduction of new parasitic layers complexifies the attacks. We report experiments regarding the performance and the accuracy of the protected NN.

Categories: cs.LG, cs.CR, stat.ML

Keywords: neural network models, protection, extraction, parasitic layers complexifies, oracle access

Related articles: Most relevant | Search more

arXiv:1909.01838 [cs.LG] (Published 2019-09-03)

High-Fidelity Extraction of Neural Network Models

Matthew Jagielski, Nicholas Carlini, David Berthelot, Alex Kurakin, Nicolas Papernot

arXiv:1901.08276 [cs.LG] (Published 2019-01-24)

Traditional and Heavy-Tailed Self Regularization in Neural Network Models

Charles H. Martin, Michael W. Mahoney

arXiv:2009.10835 [cs.LG] (Published 2020-09-22)

Model-Centric and Data-Centric Aspects of Active Learning for Neural Network Models

John Daniel Bossér, Erik Sörstadius, Morteza Haghir Chehreghani