Research field: Safety
Venue: Automatic Control and Computer Sciences
The extraction threat to machine learning models is considered. Most contemporary methods of defense against the extraction of computational machine learning models are based on a protective noise mechanism. The main disadvantage inherent in the noise mechanism is that it reduces the precision of the model's output. The requirements for efficient methods of protecting machine learning models from extraction are formulated, and a new method of defense against this threat, which supplements the noise with a distillation mechanism, is presented. It is experimentally shown that the developed method makes machine learning models resistant to the extraction threat while maintaining the quality of their output, because the protected models are transformed into other, simplified models equivalent to the original ones.
| Publication year | 2024 |
|---|---|
| Citations | 0 |
| Country of publication | Russia |
| Site | Springer |
| Likes | 0 |