
Research Article
Towards Stealing Deep Neural Networks on Mobile Devices
@INPROCEEDINGS{10.1007/978-3-030-90022-9_27,
  author={Shashank Reddy Danda and Xiaoyong Yuan and Bo Chen},
  title={Towards Stealing Deep Neural Networks on Mobile Devices},
  proceedings={Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6--9, 2021, Proceedings, Part II},
  proceedings_a={SECURECOMM PART 2},
  year={2021},
  month={11},
  keywords={Deep neural network Model stealing Privacy Mobile devices},
  doi={10.1007/978-3-030-90022-9_27}
}
- Shashank Reddy Danda
- Xiaoyong Yuan
- Bo Chen
Year: 2021
SECURECOMM PART 2
Springer
DOI: 10.1007/978-3-030-90022-9_27
Abstract
Recently, deep neural networks (DNNs) have been increasingly deployed on mobile computing devices. Compared to traditional cloud-based DNN services, on-device DNNs provide immediate responses without relying on network availability or bandwidth, and can boost security and privacy by preventing users’ data from being transferred over untrusted communication channels or cloud servers. However, deploying DNN models on mobile devices introduces new attack vectors against the models. Previous studies have shown that DNN models are prone to model stealing attacks in the cloud setting, by which attackers can steal the DNN models accurately. In this work, for the first time, we study model stealing attacks on deep neural networks running on mobile devices, carried out by interacting with mobile applications. Our experimental results on various datasets confirm the feasibility of stealing DNN models on mobile devices with high accuracy and small overhead.