{"id":"https://openalex.org/W4386768566","doi":"https://doi.org/10.14778/3611540.3611591","title":"Sniffer: A Novel Model Type Detection System against Machine-Learning-as-a-Service Platforms","display_name":"Sniffer: A Novel Model Type Detection System against Machine-Learning-as-a-Service Platforms","publication_year":2023,"publication_date":"2023-08-01","ids":{"openalex":"https://openalex.org/W4386768566","doi":"https://doi.org/10.14778/3611540.3611591"},"language":"en","primary_location":{"id":"doi:10.14778/3611540.3611591","is_oa":false,"landing_page_url":"https://doi.org/10.14778/3611540.3611591","pdf_url":null,"source":{"id":"https://openalex.org/S4210226185","display_name":"Proceedings of the VLDB Endowment","issn_l":"2150-8097","issn":["2150-8097"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the VLDB Endowment","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101788269","display_name":"Zhuo Ma","orcid":"https://orcid.org/0000-0002-3424-0139"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zhuo Ma","raw_affiliation_strings":["Xidian University"],"affiliations":[{"raw_affiliation_string":"Xidian University","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041981472","display_name":"Yilong Yang","orcid":"https://orcid.org/0000-0002-2811-2667"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yilong Yang","raw_affiliation_strings":["Xidian University"],"affiliations":[{"raw_affiliation_string":"Xidian University","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064113420","display_name":"Bin Xiao","orcid":"https://orcid.org/0000-0001-8469-5302"},"institutions":[{"id":"https://openalex.org/I10535382","display_name":"Chongqing University of Posts and Telecommunications","ror":"https://ror.org/03dgaqz26","country_code":"CN","type":"education","lineage":["https://openalex.org/I10535382"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Bin Xiao","raw_affiliation_strings":["Chongqing University of Posts and Telecommunications"],"affiliations":[{"raw_affiliation_string":"Chongqing University of Posts and Telecommunications","institution_ids":["https://openalex.org/I10535382"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100355692","display_name":"Yang Liu","orcid":"https://orcid.org/0000-0001-7300-9215"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yang Liu","raw_affiliation_strings":["Xidian University"],"affiliations":[{"raw_affiliation_string":"Xidian University","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010848802","display_name":"Xinjing Liu","orcid":"https://orcid.org/0000-0003-0159-0594"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xinjing Liu","raw_affiliation_strings":["Xidian University"],"affiliations":[{"raw_affiliation_string":"Xidian University","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056761518","display_name":"Zhuoran Ma","orcid":"https://orcid.org/0000-0002-9476-6386"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhuoran Ma","raw_affiliation_strings":["Xidian University"],"affiliations":[{"raw_affiliation_string":"Xidian University","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5069277955","display_name":"Tong Yang","orcid":"https://orcid.org/0000-0003-2402-5854"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tong Yang","raw_affiliation_strings":["Peking University"],"affiliations":[{"raw_affiliation_string":"Peking University","institution_ids":["https://openalex.org/I20231570"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5101788269"],"corresponding_institution_ids":["https://openalex.org/I149594827"],"apc_list":null,"apc_paid":null,"fwci":0.3503,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.65598206,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":"16","issue":"12","first_page":"3942","last_page":"3945"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9923999905586243,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.9916999936103821,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7225073575973511},{"id":"https://openalex.org/keywords/interface","display_name":"Interface (matter)","score":0.7150354981422424},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.5600141286849976},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5547621250152588},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.45506948232650757},{"id":"https://openalex.org/keywords/generator","display_name":"Generator (circuit theory)","score":0.43871593475341797},{"id":"https://openalex.org/keywords/black-box","display_name":"Black box","score":0.4202401041984558},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4056917726993561},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2925819158554077}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7225073575973511},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.7150354981422424},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.5600141286849976},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5547621250152588},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.45506948232650757},{"id":"https://openalex.org/C2780992000","wikidata":"https://www.wikidata.org/wiki/Q17016113","display_name":"Generator (circuit theory)","level":3,"score":0.43871593475341797},{"id":"https://openalex.org/C94966114","wikidata":"https://www.wikidata.org/wiki/Q29256","display_name":"Black box","level":2,"score":0.4202401041984558},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4056917726993561},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2925819158554077},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C157915830","wikidata":"https://www.wikidata.org/wiki/Q2928001","display_name":"Bubble","level":2,"score":0.0},{"id":"https://openalex.org/C129307140","wikidata":"https://www.wikidata.org/wiki/Q6795880","display_name":"Maximum bubble pressure method","level":3,"score":0.0},{"id":"https://openalex.org/C163258240","wikidata":"https://www.wikidata.org/wiki/Q25342","display_name":"Power (physics)","level":2,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.14778/3611540.3611591","is_oa":false,"landing_page_url":"https://doi.org/10.14778/3611540.3611591","pdf_url":null,"source":{"id":"https://openalex.org/S4210226185","display_name":"Proceedings of the VLDB Endowment","issn_l":"2150-8097","issn":["2150-8097"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the VLDB Endowment","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7300000190734863,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W3086652408","https://openalex.org/W3164878287","https://openalex.org/W4281626245","https://openalex.org/W4288057780","https://openalex.org/W4312343407"],"related_works":["https://openalex.org/W2379533788","https://openalex.org/W2390536984","https://openalex.org/W2390459957","https://openalex.org/W1495126611","https://openalex.org/W2366230866","https://openalex.org/W2357906747","https://openalex.org/W2360796461","https://openalex.org/W2372895414","https://openalex.org/W2358525519","https://openalex.org/W2516598795"],"abstract_inverted_index":{"Recent":[0],"works":[1],"explore":[2],"several":[3],"attacks":[4,31,43,98],"against":[5,46,185],"Machine-Learning-as-a-Service":[6],"(MLaaS)":[7],"platforms":[8],"(e.g.,":[9],"the":[10,30,61,69,80,126,140,146,175],"model":[11,66,151],"stealing":[12],"attack),":[13],"allegedly":[14],"posing":[15],"potential":[16],"real-world":[17,36,102],"threats":[18],"beyond":[19],"viability":[20],"in":[21,101,130,181],"laboratories.":[22],"However,":[23],"hampered":[24],"by":[25],"model-type-sensitive":[26,97],",":[27],"most":[28,127],"of":[29,51,95,107,135,142],"can":[32,158,177],"hardly":[33],"break":[34],"mainstream":[35,187],"MLaaS":[37,42,63,148,188],"platforms.":[38,189],"That":[39],"is,":[40],"many":[41],"are":[44],"designed":[45],"only":[47],"one":[48],"certain":[49],"type":[50,67,141,152],"model,":[52],"such":[53],"as":[54,125],"tree":[55],"models":[56,143],"or":[57],"neural":[58],"networks.":[59],"As":[60],"black-box":[62,147],"interface":[64,184],"hides":[65],"info,":[68],"attacker":[70],"cannot":[71],"choose":[72],"a":[73,88,133,182],"proper":[74],"attack":[75,81,122,165],"method":[76,157],"with":[77,179],"confidence,":[78],"limiting":[79],"performance.":[82],"In":[83],"this":[84],"paper,":[85],"we":[86],"demonstrate":[87],"system,":[89],"named":[90],"Sniffer,":[91,131],"that":[92],"is":[93],"capable":[94],"making":[96],"\"great":[99],"again\"":[100],"applications.":[103],"Specifically,":[104],"Sniffer":[105,180],"consists":[106],"four":[108],"components:":[109],"Generator,":[110],"Querier,":[111],"Probe,":[112,124],"and":[113],"Arsenal.":[114],"The":[115],"first":[116],"two":[117],"components":[118],"work":[119],"for":[120],"preparing":[121],"samples.":[123],"characteristic":[128],"component":[129],"implements":[132],"series":[134],"self-designed":[136],"algorithms":[137],"to":[138,167],"determine":[139],"hidden":[144],"behind":[145],"interfaces.":[149],"With":[150],"info":[153],"unraveled,":[154],"an":[155],"optimum":[156],"be":[159],"selected":[160],"from":[161],"Arsenal":[162],"(containing":[163],"multiple":[164],"methods)":[166],"accomplish":[168],"its":[169],"attack.":[170],"Our":[171],"demonstration":[172],"shows":[173],"how":[174],"audience":[176],"interact":[178],"web-based":[183],"five":[186]},"counts_by_year":[{"year":2024,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}