SemOpenAlex |

SemOpenAlex

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4288023009> ?p ?o ?g. }

Showing items 1 to 55 of 55 with 100 items per page.

W4288023009 abstract "Deep Neural Networks (DNNs) are susceptible to model stealing attacks, which allows a data-limited adversary with no knowledge of the training dataset to clone the functionality of a target model, just by using black-box query access. Such attacks are typically carried out by querying the target model using inputs that are synthetically generated or sampled from a surrogate dataset to construct a labeled dataset. The adversary can use this labeled dataset to train a clone model, which achieves a classification accuracy comparable to that of the target model. We propose Adaptive Misinformation to defend against such model stealing attacks. We identify that all existing model stealing attacks invariably query the target model with Out-Of-Distribution (OOD) inputs. By selectively sending incorrect predictions for OOD queries, our defense substantially degrades the accuracy of the attacker's clone model (by up to 40%), while minimally impacting the accuracy (<0.5%) for benign users. Compared to existing defenses, our defense has a significantly better security vs accuracy trade-off and incurs minimal computational overhead." @default.
W4288023009 created "2022-07-26" @default.
W4288023009 creator A5060352379 @default.
W4288023009 creator A5082772077 @default.
W4288023009 date "2019-11-16" @default.
W4288023009 modified "2023-09-29" @default.
W4288023009 title "Defending Against Model Stealing Attacks with Adaptive Misinformation" @default.
W4288023009 doi "https://doi.org/10.48550/arxiv.1911.07100" @default.
W4288023009 hasPublicationYear "2019" @default.
W4288023009 type Work @default.
W4288023009 citedByCount "0" @default.
W4288023009 crossrefType "posted-content" @default.
W4288023009 hasAuthorship W4288023009A5060352379 @default.
W4288023009 hasAuthorship W4288023009A5082772077 @default.
W4288023009 hasBestOaLocation W42880230091 @default.
W4288023009 hasConcept C111919701 @default.
W4288023009 hasConcept C119857082 @default.
W4288023009 hasConcept C124101348 @default.
W4288023009 hasConcept C140547941 @default.
W4288023009 hasConcept C154945302 @default.
W4288023009 hasConcept C2779960059 @default.
W4288023009 hasConcept C2780801425 @default.
W4288023009 hasConcept C31258907 @default.
W4288023009 hasConcept C38652104 @default.
W4288023009 hasConcept C41008148 @default.
W4288023009 hasConcept C41065033 @default.
W4288023009 hasConcept C7606001 @default.
W4288023009 hasConceptScore W4288023009C111919701 @default.
W4288023009 hasConceptScore W4288023009C119857082 @default.
W4288023009 hasConceptScore W4288023009C124101348 @default.
W4288023009 hasConceptScore W4288023009C140547941 @default.
W4288023009 hasConceptScore W4288023009C154945302 @default.
W4288023009 hasConceptScore W4288023009C2779960059 @default.
W4288023009 hasConceptScore W4288023009C2780801425 @default.
W4288023009 hasConceptScore W4288023009C31258907 @default.
W4288023009 hasConceptScore W4288023009C38652104 @default.
W4288023009 hasConceptScore W4288023009C41008148 @default.
W4288023009 hasConceptScore W4288023009C41065033 @default.
W4288023009 hasConceptScore W4288023009C7606001 @default.
W4288023009 hasLocation W42880230091 @default.
W4288023009 hasOpenAccess W4288023009 @default.
W4288023009 hasPrimaryLocation W42880230091 @default.
W4288023009 hasRelatedWork W1957771183 @default.
W4288023009 hasRelatedWork W2034199088 @default.
W4288023009 hasRelatedWork W2085319386 @default.
W4288023009 hasRelatedWork W2111145992 @default.
W4288023009 hasRelatedWork W2212585693 @default.
W4288023009 hasRelatedWork W2906998334 @default.
W4288023009 hasRelatedWork W3110049015 @default.
W4288023009 hasRelatedWork W3177758108 @default.
W4288023009 hasRelatedWork W4287667467 @default.
W4288023009 hasRelatedWork W4298144666 @default.
W4288023009 isParatext "false" @default.
W4288023009 isRetracted "false" @default.
W4288023009 workType "article" @default.