{"id":"https://openalex.org/W4385484671","doi":"https://doi.org/10.1109/ijcnn54540.2023.10191239","title":"Zero-Knowledge Attack for Replicating Protected Deep Neural Networks","display_name":"Zero-Knowledge Attack for Replicating Protected Deep Neural Networks","publication_year":2023,"publication_date":"2023-06-18","ids":{"openalex":"https://openalex.org/W4385484671","doi":"https://doi.org/10.1109/ijcnn54540.2023.10191239"},"language":"en","primary_location":{"id":"doi:10.1109/ijcnn54540.2023.10191239","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/ijcnn54540.2023.10191239","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5018086675","display_name":"Itay Mosafi","orcid":"https://orcid.org/0000-0001-7772-1664"},"institutions":[{"id":"https://openalex.org/I13955877","display_name":"Bar-Ilan University","ror":"https://ror.org/03kgsv495","country_code":"IL","type":"education","lineage":["https://openalex.org/I13955877"]}],"countries":["IL"],"is_corresponding":true,"raw_author_name":"Itay Mosafi","raw_affiliation_strings":["Bar-Ilan University,Department of Computer Science,Ramat-Gan,Israel","Department of Computer Science, Bar-Ilan University, Ramat-Gan, Israel"],"affiliations":[{"raw_affiliation_string":"Bar-Ilan University,Department of Computer Science,Ramat-Gan,Israel","institution_ids":["https://openalex.org/I13955877"]},{"raw_affiliation_string":"Department of Computer Science, Bar-Ilan University, Ramat-Gan, Israel","institution_ids":["https://openalex.org/I13955877"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025274307","display_name":"Eli David","orcid":"https://orcid.org/0000-0003-2904-4982"},"institutions":[{"id":"https://openalex.org/I13955877","display_name":"Bar-Ilan University","ror":"https://ror.org/03kgsv495","country_code":"IL","type":"education","lineage":["https://openalex.org/I13955877"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Eli David","raw_affiliation_strings":["Bar-Ilan University,Department of Computer Science,Ramat-Gan,Israel","Department of Computer Science, Bar-Ilan University, Ramat-Gan, Israel"],"affiliations":[{"raw_affiliation_string":"Bar-Ilan University,Department of Computer Science,Ramat-Gan,Israel","institution_ids":["https://openalex.org/I13955877"]},{"raw_affiliation_string":"Department of Computer Science, Bar-Ilan University, Ramat-Gan, Israel","institution_ids":["https://openalex.org/I13955877"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024299231","display_name":"Nathan S. Netanyahu","orcid":"https://orcid.org/0000-0001-6648-9441"},"institutions":[{"id":"https://openalex.org/I4210141944","display_name":"College of Law and Business","ror":"https://ror.org/04wymav61","country_code":"IL","type":"nonprofit","lineage":["https://openalex.org/I4210141944"]},{"id":"https://openalex.org/I13955877","display_name":"Bar-Ilan University","ror":"https://ror.org/03kgsv495","country_code":"IL","type":"education","lineage":["https://openalex.org/I13955877"]}],"countries":["IL"],"is_corresponding":false,"raw_author_name":"Nathan S. Netanyahu","raw_affiliation_strings":["Bar-Ilan University,Department of Computer Science,Ramat-Gan,Israel","College of Law and Business, Ramat-Gan, Israel","Department of Computer Science, Bar-Ilan University, Ramat-Gan, Israel"],"affiliations":[{"raw_affiliation_string":"Bar-Ilan University,Department of Computer Science,Ramat-Gan,Israel","institution_ids":["https://openalex.org/I13955877"]},{"raw_affiliation_string":"College of Law and Business, Ramat-Gan, Israel","institution_ids":["https://openalex.org/I4210141944"]},{"raw_affiliation_string":"Department of Computer Science, Bar-Ilan University, Ramat-Gan, Israel","institution_ids":["https://openalex.org/I13955877"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5018086675"],"corresponding_institution_ids":["https://openalex.org/I13955877"],"apc_list":null,"apc_paid":null,"fwci":0.1746,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.54410938,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":"27","issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10036","display_name":"Advanced Neural Network Applications","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9911999702453613,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/softmax-function","display_name":"Softmax function","score":0.8302096128463745},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8131009340286255},{"id":"https://openalex.org/keywords/replicate","display_name":"Replicate","score":0.7591606974601746},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.7377126812934875},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6121124625205994},{"id":"https://openalex.org/keywords/deep-neural-networks","display_name":"Deep neural networks","score":0.5862834453582764},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5218897461891174},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4883410632610321},{"id":"https://openalex.org/keywords/replication","display_name":"Replication (statistics)","score":0.48468831181526184},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4775451123714447},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4247759282588959},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3604758679866791},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.09189736843109131}],"concepts":[{"id":"https://openalex.org/C188441871","wikidata":"https://www.wikidata.org/wiki/Q7554146","display_name":"Softmax function","level":3,"score":0.8302096128463745},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8131009340286255},{"id":"https://openalex.org/C2781162219","wikidata":"https://www.wikidata.org/wiki/Q26250693","display_name":"Replicate","level":2,"score":0.7591606974601746},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.7377126812934875},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6121124625205994},{"id":"https://openalex.org/C2984842247","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep neural networks","level":3,"score":0.5862834453582764},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5218897461891174},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4883410632610321},{"id":"https://openalex.org/C12590798","wikidata":"https://www.wikidata.org/wiki/Q3933199","display_name":"Replication (statistics)","level":2,"score":0.48468831181526184},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4775451123714447},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4247759282588959},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3604758679866791},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.09189736843109131},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ijcnn54540.2023.10191239","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/ijcnn54540.2023.10191239","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 International Joint Conference on Neural Networks (IJCNN)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6100000143051147}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":52,"referenced_works":["https://openalex.org/W639708223","https://openalex.org/W1686810756","https://openalex.org/W1821462560","https://openalex.org/W1902237438","https://openalex.org/W2051267297","https://openalex.org/W2119112357","https://openalex.org/W2134797427","https://openalex.org/W2194775991","https://openalex.org/W2294370754","https://openalex.org/W2461943168","https://openalex.org/W2547875792","https://openalex.org/W2748789698","https://openalex.org/W2753783305","https://openalex.org/W2803985397","https://openalex.org/W2805104469","https://openalex.org/W2806082141","https://openalex.org/W2808195004","https://openalex.org/W2963037989","https://openalex.org/W2964318098","https://openalex.org/W2972754878","https://openalex.org/W2978872500","https://openalex.org/W3025204993","https://openalex.org/W3034957837","https://openalex.org/W3096019139","https://openalex.org/W3103932910","https://openalex.org/W3106038055","https://openalex.org/W3118608800","https://openalex.org/W3122816624","https://openalex.org/W3124870505","https://openalex.org/W3157054062","https://openalex.org/W3187295906","https://openalex.org/W4214553824","https://openalex.org/W4287203292","https://openalex.org/W4307751735","https://openalex.org/W4308757808","https://openalex.org/W4313031019","https://openalex.org/W4313156349","https://openalex.org/W4394639701","https://openalex.org/W6620707391","https://openalex.org/W6637373629","https://openalex.org/W6638523607","https://openalex.org/W6679909955","https://openalex.org/W6729448088","https://openalex.org/W6732837357","https://openalex.org/W6743581629","https://openalex.org/W6751612189","https://openalex.org/W6751912496","https://openalex.org/W6755174528","https://openalex.org/W6787972765","https://openalex.org/W6788971340","https://openalex.org/W6794559225","https://openalex.org/W6846841711"],"related_works":["https://openalex.org/W3107204728","https://openalex.org/W4287591324","https://openalex.org/W2053915529","https://openalex.org/W2111659373","https://openalex.org/W4398395683","https://openalex.org/W4398298289","https://openalex.org/W4398690544","https://openalex.org/W4300326282","https://openalex.org/W2742395793","https://openalex.org/W2810018382"],"abstract_inverted_index":{"As":[0],"deep":[1,52],"neural":[2,53,120,129],"networks":[3,130],"constantly":[4],"improve":[5],"and":[6,20,48,60,103,138],"provide":[7],"state-of-the-art":[8],"solutions":[9],"to":[10,33,70,96,106,133,149],"various":[11],"problems,":[12],"deployment":[13],"of":[14,25,63,86,117],"these":[15,27,35,144],"models":[16,28,79,145],"becomes":[17],"more":[18],"common,":[19],"so":[21],"does":[22],"the":[23,61,64,76,83,89,101,107,114,134],"importance":[24],"protecting":[26],"against":[29],"malicious":[30],"attacks":[31],"attempting":[32],"replicate":[34,143],"models.":[36,122],"In":[37],"this":[38],"paper,":[39],"we":[40,67],"present":[41],"a":[42],"novel":[43],"zero-knowledge":[44],"method":[45,56,74,112],"for":[46],"attacking":[47,118],"stealing":[49],"knowledge":[50],"from":[51],"networks.":[54],"Our":[55],"utilizes":[57],"unlabeled":[58],"data":[59],"predictions":[62],"mentor":[65],"model":[66],"would":[68],"like":[69],"steal.":[71],"The":[72,110,123],"presented":[73,111,135],"targets":[75],"most":[77],"protected":[78,119],"which":[80],"reveal":[81],"only":[82],"minimal":[84],"amount":[85],"information,":[87],"i.e.,":[88],"predicted":[90],"label.":[91],"We":[92],"assume":[93],"no":[94,104],"access":[95,105,148],"any":[97,139],"internal":[98],"information":[99],"about":[100],"model,":[102],"training":[108,153],"data.":[109],"improves":[113],"SOTA":[115],"performance":[116],"network":[121],"results":[124],"show":[125],"that":[126],"all":[127],"classification":[128],"are":[131],"vulnerable":[132],"attack":[136],"method,":[137],"attacker":[140],"can":[141],"effectively":[142],"without":[146],"having":[147],"their":[150],"architecture,":[151],"parameters,":[152],"data,":[154],"or":[155],"softmax":[156],"outputs.":[157]},"counts_by_year":[{"year":2024,"cited_by_count":1}],"updated_date":"2025-12-24T23:09:58.560324","created_date":"2025-10-10T00:00:00"}