{"id":"https://openalex.org/W4383221422","doi":"https://doi.org/10.1145/3579856.3596441","title":"Model Stealing Attacks and Defenses: Where Are We Now?","display_name":"Model Stealing Attacks and Defenses: Where Are We Now?","publication_year":2023,"publication_date":"2023-07-05","ids":{"openalex":"https://openalex.org/W4383221422","doi":"https://doi.org/10.1145/3579856.3596441"},"language":"en","primary_location":{"id":"doi:10.1145/3579856.3596441","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3579856.3596441","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5016685507","display_name":"N. Asokan","orcid":"https://orcid.org/0000-0002-5093-9871"},"institutions":[{"id":"https://openalex.org/I151746483","display_name":"University of Waterloo","ror":"https://ror.org/01aff2v68","country_code":"CA","type":"education","lineage":["https://openalex.org/I151746483"]},{"id":"https://openalex.org/I9927081","display_name":"Aalto University","ror":"https://ror.org/020hwjq30","country_code":"FI","type":"education","lineage":["https://openalex.org/I9927081"]}],"countries":["CA","FI"],"is_corresponding":true,"raw_author_name":"N. Asokan","raw_affiliation_strings":["University of Waterloo, Canada and Aalto University, Finland"],"raw_orcid":"https://orcid.org/0000-0002-5093-9871","affiliations":[{"raw_affiliation_string":"University of Waterloo, Canada and Aalto University, Finland","institution_ids":["https://openalex.org/I9927081","https://openalex.org/I151746483"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5016685507"],"corresponding_institution_ids":["https://openalex.org/I151746483","https://openalex.org/I9927081"],"apc_list":null,"apc_paid":null,"fwci":0.3408,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.64423415,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"327","last_page":"327"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9898999929428101,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9851999878883362,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7877497673034668},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7631322741508484},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.6887639164924622},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.688042402267456},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.48960214853286743},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.48571687936782837},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4609667956829071},{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.45173367857933044},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.296810507774353}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7877497673034668},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7631322741508484},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.6887639164924622},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.688042402267456},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.48960214853286743},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.48571687936782837},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4609667956829071},{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.45173367857933044},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.296810507774353},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0},{"id":"https://openalex.org/C104317684","wikidata":"https://www.wikidata.org/wiki/Q7187","display_name":"Gene","level":2,"score":0.0},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3579856.3596441","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3579856.3596441","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7900000214576721,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2085319386","https://openalex.org/W1551379303","https://openalex.org/W2034199088","https://openalex.org/W2157301192","https://openalex.org/W2076205949","https://openalex.org/W3110049015","https://openalex.org/W2181883319","https://openalex.org/W2105136957","https://openalex.org/W2901933342","https://openalex.org/W2904814116"],"abstract_inverted_index":{"The":[0],"success":[1],"of":[2,13,35,46,53,119,128],"deep":[3],"learning":[4,27],"in":[5,50],"many":[6],"application":[7],"domains":[8],"has":[9,16],"been":[10],"nothing":[11],"short":[12],"dramatic.":[14],"This":[15],"brought":[17],"the":[18,33,44,51,82,117,126],"spotlight":[19],"onto":[20],"security":[21],"and":[22,80],"privacy":[23],"concerns":[24],"with":[25],"machine":[26],"(ML).":[28],"One":[29],"such":[30],"concern":[31],"is":[32,61],"threat":[34,45],"model":[36,47,60,103],"theft.":[37],"I":[38,90,114,122],"will":[39,91,115,123],"discuss":[40,93,116],"work":[41],"on":[42,97,108,125],"exploring":[43],"theft,":[48],"especially":[49],"form":[52],"\u201cmodel":[54],"extraction":[55],"attacks\u201d":[56],"\u2014":[57],"when":[58,132],"a":[59,70,87,145,153],"made":[62],"available":[63],"to":[64,77,85,140,144],"customers":[65],"via":[66],"an":[67],"inference":[68],"interface,":[69],"malicious":[71],"customer":[72],"can":[73],"use":[74,81],"repeated":[75],"queries":[76],"this":[78],"interface":[79],"information":[83],"gained":[84],"construct":[86],"surrogate":[88],"model.":[89],"also":[92],"possible":[94],"countermeasures,":[95],"focusing":[96],"deterrence":[98],"mechanisms":[99,134],"that":[100,130],"allow":[101],"for":[102,135],"ownership":[104],"resolution":[105],"(MOR)":[106],"based":[107],"watermarking":[109],"or":[110],"fingerprinting.":[111],"In":[112],"particular,":[113],"robustness":[118],"MOR":[120,150],"schemes.":[121],"touch":[124],"issue":[127],"conflicts":[129],"arise":[131],"protection":[133],"multiple":[136],"different":[137],"threats":[138],"need":[139],"be":[141],"applied":[142],"simultaneously":[143],"given":[146],"ML":[147],"model,":[148],"using":[149],"techniques":[151],"as":[152],"case":[154],"study.":[155]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}