yunyuntsai / DNN-Model-Stealing

Code for "CloudLeak: Large-Scale Deep Learning Models Stealing Through Adversarial Examples" (NDSS 2020)


DNN Models Extraction

This is the repo for CloudLeak: Large-Scale Deep Learning Models Stealing Through Adversarial Examples, Honggang Yu, Kaichen Yang, Teng Zhang, Yun-Yun Tsai, Tsung-Yi Ho, Yier Jin, in Proceedings of the Network and Distributed System Security Symposium (NDSS), 2020. Our code is implemented in Python 3.6 and Caffe.

The following figure illustrates the transfer framework for our proposed model extraction method:
(figure: transfer framework of the proposed model extraction method, steps (a) to (e) below)

(a) generate unlabeled adversarial examples as the synthetic dataset.
(b) query the victim model with the generated synthetic dataset.
(c) label the adversarial examples according to the output of the victim model.
(d) train the local substitute model on the labeled synthetic dataset.
(e) use the local substitute model for predictions. The local substitute model is expected to match the performance of the victim model.
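To make the five steps concrete, the following is a self-contained Python sketch of the extraction loop, added here as an illustration; it is not part of this repository's Caffe code and does not reproduce the paper's adversarial-example generation. It replaces the image models with a 2-D toy problem: the victim is a constructed linear classifier exposed only through a top-1 label oracle, the substitute is logistic regression, and the "adversarial examples" are FGSM-style sign-gradient steps computed on the substitute. The names `victim_label`, `Substitute`, `adversarial_examples`, `agreement` and `extract` are this example's own.

```python
import math
import random

# Constructed black-box victim standing in for the cloud model. The attacker
# only ever sees the top-1 label it returns, never these weights.
_VICTIM_W = (1.5, -2.0)
_VICTIM_B = 0.3


def victim_label(x):
    """Steps (b)/(c): the only access the attacker has, one label per query."""
    s = _VICTIM_W[0] * x[0] + _VICTIM_W[1] * x[1] + _VICTIM_B
    return 1 if s > 0 else 0


def _sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def _sign(v):
    return (v > 0) - (v < 0)


class Substitute:
    """Local logistic-regression substitute trained only on oracle labels."""

    def __init__(self):
        self.w = [0.0, 0.0]
        self.b = 0.0

    def prob(self, x):
        return _sigmoid(self.w[0] * x[0] + self.w[1] * x[1] + self.b)

    def predict(self, x):
        return 1 if self.prob(x) > 0.5 else 0

    def train(self, data, epochs=200, lr=0.5):
        """Step (d): batch gradient descent on the labelled synthetic set."""
        n = len(data)
        for _ in range(epochs):
            gw0 = gw1 = gb = 0.0
            for x, y in data:
                err = self.prob(x) - y  # d(logistic loss)/d(logit)
                gw0 += err * x[0]
                gw1 += err * x[1]
                gb += err
            self.w[0] -= lr * gw0 / n
            self.w[1] -= lr * gw1 / n
            self.b -= lr * gb / n

    def input_gradient(self, x, y):
        """d(loss)/d(x) of the substitute; needs no access to the victim."""
        err = self.prob(x) - y
        return (err * self.w[0], err * self.w[1])


def adversarial_examples(sub, points, eps=0.2):
    """Step (a): FGSM-style step computed on the local substitute (an
    assumption of this example, not the paper's generator). Each point is
    pushed toward the substitute's decision boundary, where substitute and
    victim are most likely to disagree, so the query is maximally informative.
    Inputs are clipped to the valid domain [-1, 1]^2."""
    out = []
    for x in points:
        g = sub.input_gradient(x, sub.predict(x))
        out.append(tuple(max(-1.0, min(1.0, xi + eps * _sign(gi)))
                         for xi, gi in zip(x, g)))
    return out


def agreement(sub, grid_n=41):
    """Step (e): fraction of a fixed evaluation grid on which the substitute
    and the victim return the same label (the attacker's success metric)."""
    pts = [(-1.0 + 2.0 * i / (grid_n - 1), -1.0 + 2.0 * j / (grid_n - 1))
           for i in range(grid_n) for j in range(grid_n)]
    same = sum(sub.predict(p) == victim_label(p) for p in pts)
    return same / len(pts)


def extract(rounds=4, n_seeds=20, seed=0):
    """Run the (a)-(e) loop; return the substitute and the query accounting."""
    rng = random.Random(seed)
    # Unlabelled seed inputs the attacker starts from (constructed, random).
    synthetic = [(rng.uniform(-1, 1), rng.uniform(-1, 1)) for _ in range(n_seeds)]
    labelled, queries, sub = [], 0, Substitute()
    for _ in range(rounds + 1):
        new = [(x, victim_label(x)) for x in synthetic]  # (b)+(c)
        queries += len(new)                               # attacker's cost
        labelled.extend(new)
        sub.train(labelled)                               # (d)
        synthetic = adversarial_examples(sub, [x for x, _ in labelled])  # (a)
    return {"substitute": sub, "queries": queries, "agreement": agreement(sub)}


if __name__ == "__main__":
    r = extract()
    print(f"queries={r['queries']} agreement={r['agreement']:.3f}")
```

The `queries` counter is the quantity a defender can actually observe: the synthetic set doubles every round, so the budget is `n_seeds * 2**rounds` labels, and the queried points cluster along the substitute's current decision boundary rather than following the natural input distribution. Both properties are what query-pattern monitoring on the serving side would key on.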

For more detail, please refer to our slides and video.
