CREDIT: Certified Ownership Verification of Deep Neural Networks Against Model Extraction Attacks
Machine Learning as a Service (MLaaS) has emerged as a widely adopted paradigm for providing access to deep neural network (DNN) models, enabling users to conveniently leverage these models through standardized APIs. However, such services are highly vulnerable to model extraction attacks (MEAs), where an adversary repeatedly queries a target model to collect input-output pairs and uses them to train a surrogate model that closely replicates its functionality.
While numerous defense strategies have been proposed, verifying the ownership of a suspicious model with strict theoretical guarantees remains a challenging task. To address this gap, we introduce CREDIT, a certified ownership verification method against MEAs. Specifically, we employ mutual information to quantify the similarity between DNN models, propose a practical verification threshold, and provide rigorous theoretical guarantees for ownership verification based on this threshold.
We extensively evaluate our approach on several mainstream datasets across different domains and tasks, achieving state-of-the-art performance.
I am an assistant professor in the Department of Statistics and Operations Research (STOR) at UNC Chapel Hill. I received my PhD in Computer Science from the University of Virginia, advised by Haifeng Xu and Hongning Wang. Prior to obtaining my PhD, I spent two years at the University of Chicago and received both my BS and MS in Computational Mathematics from Peking University. My CV is available here.
My research interests include social and ethical aspects of AI, human-centered machine learning, strategic and multi-agent systems, recommender systems and digital platform economy. If you share similar interests, feel free to contact me via email. Prospective students are encouraged to review this before contacting me.
👈🏻 Find my email and working address by clicking the icons on the left.
Current status: 🏖 in China (☕️regular ✈️traveling 🏖vacation ⏳deadline mode)