Explanation-based data-free model extraction attacks

Deep learning (DL) has dramatically pushed the previous limits of various tasks, ranging from computer vision to natural language processing. Despite its success, the lack of model explanations thwarts the usage of these techniques in life-critical domains, e.g., medical diagnosis and self-driving s...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	World wide web (Bussum) Jg. 26; H. 5; S. 3081 - 3092
Hauptverfasser:	Yan, Anli, Hou, Ruitao, Yan, Hongyang, Liu, Xiaozhang
Format:	Journal Article
Sprache:	Englisch
Veröffentlicht:	New York Springer US 01.09.2023 Springer Nature B.V
Schlagworte:	Computer Science Computer vision Database Management Effectiveness Explainable artificial intelligence Information Systems Applications (incl.Internet) Natural language processing Operating Systems Privacy Special Issue on Privacy and Security in Machine Learning Synthetic data Deep neural network Black-box Model explanation Model extraction attack
ISSN:	1386-145X, 1573-1413
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Abstract	Deep learning (DL) has dramatically pushed the previous limits of various tasks, ranging from computer vision to natural language processing. Despite its success, the lack of model explanations thwarts the usage of these techniques in life-critical domains, e.g., medical diagnosis and self-driving systems. To date, the core technology to solve the explainable issue is explainable artificial intelligence (XAI). XAI methods have been developed to produce human-understandable explanations by leveraging intermediate results of the DL models, e.g., gradients and model parameters. While the effectiveness of XAI methods has been demonstrated in benign environments, their privacy against model extraction attacks (i.e., attacks at the model confidentially) requires to be studied. To this end, this paper proposes DMEAE, a d ata-free m odel e xtraction a ttack using e xplanation-guided, to explore XAI privacy threats. Compared with previous works, DMEAE does not require collecting any data and utilizes model explanation loss. Specifically, DMEAE creates synthetic data using a generative model with model explanation loss items. Extensive evaluations verify the effectiveness and efficiency of the proposed attack strategy on SVHN and CIFAR-10 datasets. We hope that our research can provide insights for the development of practical tools to trade off the relationship between privacy and model explanations.
AbstractList	Deep learning (DL) has dramatically pushed the previous limits of various tasks, ranging from computer vision to natural language processing. Despite its success, the lack of model explanations thwarts the usage of these techniques in life-critical domains, e.g., medical diagnosis and self-driving systems. To date, the core technology to solve the explainable issue is explainable artificial intelligence (XAI). XAI methods have been developed to produce human-understandable explanations by leveraging intermediate results of the DL models, e.g., gradients and model parameters. While the effectiveness of XAI methods has been demonstrated in benign environments, their privacy against model extraction attacks (i.e., attacks at the model confidentially) requires to be studied. To this end, this paper proposes DMEAE, a d ata-free m odel e xtraction a ttack using e xplanation-guided, to explore XAI privacy threats. Compared with previous works, DMEAE does not require collecting any data and utilizes model explanation loss. Specifically, DMEAE creates synthetic data using a generative model with model explanation loss items. Extensive evaluations verify the effectiveness and efficiency of the proposed attack strategy on SVHN and CIFAR-10 datasets. We hope that our research can provide insights for the development of practical tools to trade off the relationship between privacy and model explanations. Deep learning (DL) has dramatically pushed the previous limits of various tasks, ranging from computer vision to natural language processing. Despite its success, the lack of model explanations thwarts the usage of these techniques in life-critical domains, e.g., medical diagnosis and self-driving systems. To date, the core technology to solve the explainable issue is explainable artificial intelligence (XAI). XAI methods have been developed to produce human-understandable explanations by leveraging intermediate results of the DL models, e.g., gradients and model parameters. While the effectiveness of XAI methods has been demonstrated in benign environments, their privacy against model extraction attacks (i.e., attacks at the model confidentially) requires to be studied. To this end, this paper proposes DMEAE, a data-free model extraction attack using explanation-guided, to explore XAI privacy threats. Compared with previous works, DMEAE does not require collecting any data and utilizes model explanation loss. Specifically, DMEAE creates synthetic data using a generative model with model explanation loss items. Extensive evaluations verify the effectiveness and efficiency of the proposed attack strategy on SVHN and CIFAR-10 datasets. We hope that our research can provide insights for the development of practical tools to trade off the relationship between privacy and model explanations.
Author	Liu, Xiaozhang Yan, Hongyang Yan, Anli Hou, Ruitao
Author_xml	– sequence: 1 givenname: Anli surname: Yan fullname: Yan, Anli organization: School of Cyberspace Security (School of Cryptology), Hainan University, Institute of Artificial Intelligence and Blockchain, Guangzhou University – sequence: 2 givenname: Ruitao surname: Hou fullname: Hou, Ruitao organization: Institute of Artificial Intelligence and Blockchain, Guangzhou University – sequence: 3 givenname: Hongyang surname: Yan fullname: Yan, Hongyang organization: Institute of Artificial Intelligence and Blockchain, Guangzhou University – sequence: 4 givenname: Xiaozhang surname: Liu fullname: Liu, Xiaozhang email: lxzh@hainanu.edu.cn organization: School of Computer Science and Technology, Hainan University
BookMark	eNp9kMtKAzEUhoNUsK2-gKsB19HcJjNZSqkXKLhRcBfO5CJTpzM1SaG-vWlHEFx0lRP4v3P5ZmjSD71D6JqSW0pIdRcpZTXBhHFMKC0JlmdoSsuKYyoon-Sa1zLX5fsFmsW4JoRIrugUieV-20EPqR163EB0trCQAPvgXLEZrOsKt08BzCFQQEpgPuMlOvfQRXf1-87R28PydfGEVy-Pz4v7FTacqoQtsY3xgkvgQBtFla9AKeuVIhXjjJe-ktYYVVsgoiq9As6lsLJumG9c_szRzdh3G4avnYtJr4dd6PNIzeqqlIIxJXKKjSkThhiD83ob2g2Eb02JPtjRox2d7eijHS0zVP-DTJuOFvKxbXca5SMa85z-w4W_rU5QP25xeq4
CitedBy_id	crossref_primary_10_1109_TKDE_2024_3460806 crossref_primary_10_1016_j_knosys_2024_112144
Cites_doi	10.1109/TNNLS.2020.3027314 10.1109/TDSC.2020.3015886 10.1016/j.inffus.2019.12.012 10.1016/j.ins.2022.04.003 10.1109/TKDE.2020.3015835 10.1109/TIFS.2020.3025438 10.1080/17517575.2019.1600040 10.1007/s11263-019-01228-7 10.1016/j.ins.2020.09.064 10.1016/j.patcog.2021.108238 10.1016/j.ins.2021.05.073 10.1007/s13042-020-01242-z 10.1145/3423558 10.1016/j.ins.2020.10.010 10.1016/j.ins.2021.01.046 10.1109/EuroSP.2019.00044 10.1145/3460231.3474275 10.1109/CVPR46437.2021.01360 10.1002/int.23001 10.1109/CVPR42600.2020.00886 10.1145/3319535.3354261 10.1145/3287560.3287562 10.1002/cpe.5925 10.1109/ICCCS52626.2021.9449145 10.1109/ICCV.2017.371 10.1145/3052973.3053009 10.1016/j.patcog.2022.108666 10.1145/3460120.3484575 10.1609/aaai.v34i01.5432 10.1109/CVPR.2019.00509 10.1109/CVPR46437.2021.00474 10.1007/s11432-022-3507-7 10.1145/2939672.2939778 10.1109/CVPR42600.2020.00031
ContentType	Journal Article
Copyright	The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2023. Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
Copyright_xml	– notice: The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2023. Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
DBID	AAYXX CITATION 3V. 7SC 7XB 8AL 8FD 8FE 8FG 8FK ABUWG AFKRA ARAPS AZQEC BENPR BGLVJ CCPQU DWQXO GNUQQ HCIFZ JQ2 K7- L7M L~C L~D M0N P5Z P62 PHGZM PHGZT PKEHL PQEST PQGLB PQQKQ PQUKI Q9U
DOI	10.1007/s11280-023-01150-6
DatabaseName	CrossRef ProQuest Central (Corporate) Computer and Information Systems Abstracts ProQuest Central (purchase pre-March 2016) Computing Database (Alumni Edition) Technology Research Database ProQuest SciTech Collection ProQuest Technology Collection ProQuest Central (Alumni) (purchase pre-March 2016) ProQuest Central (Alumni) ProQuest Central UK/Ireland Advanced Technologies & Computer Science Collection ProQuest Central Essentials ProQuest Central - New (Subscription) Technology collection ProQuest One Community College ProQuest Central Korea ProQuest Central Student SciTech Premium Collection ProQuest Computer Science Collection Computer Science Database Advanced Technologies Database with Aerospace Computer and Information Systems Abstracts Academic Computer and Information Systems Abstracts Professional Computing Database Advanced Technologies & Aerospace Database ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Premium ProQuest One Academic (New) ProQuest One Academic Middle East (New) ProQuest One Academic Eastern Edition (DO NOT USE) ProQuest One Applied & Life Sciences ProQuest One Academic (retired) ProQuest One Academic UKI Edition ProQuest Central Basic
DatabaseTitle	CrossRef Computer Science Database ProQuest Central Student Technology Collection Technology Research Database Computer and Information Systems Abstracts – Academic ProQuest One Academic Middle East (New) ProQuest Advanced Technologies & Aerospace Collection ProQuest Central Essentials ProQuest Computer Science Collection Computer and Information Systems Abstracts ProQuest Central (Alumni Edition) SciTech Premium Collection ProQuest One Community College ProQuest Central ProQuest One Applied & Life Sciences ProQuest Central Korea ProQuest Central (New) Advanced Technologies Database with Aerospace Advanced Technologies & Aerospace Collection ProQuest Computing ProQuest Central Basic ProQuest Computing (Alumni Edition) ProQuest One Academic Eastern Edition ProQuest Technology Collection ProQuest SciTech Collection Computer and Information Systems Abstracts Professional Advanced Technologies & Aerospace Database ProQuest One Academic UKI Edition ProQuest One Academic ProQuest Central (Alumni) ProQuest One Academic (New)
DatabaseTitleList	Computer Science Database
Database_xml	– sequence: 1 dbid: BENPR name: ProQuest Central url: https://www.proquest.com/central sourceTypes: Aggregation Database
DeliveryMethod	fulltext_linktorsrc
Discipline	Engineering Computer Science
EISSN	1573-1413
EndPage	3092
ExternalDocumentID	10_1007_s11280_023_01150_6
GroupedDBID	-59 -5G -BR -EM -Y2 -~C .86 .DC .VR 06D 0R~ 0VY 123 1SB 203 29R 2J2 2JN 2JY 2KG 2LR 2P1 2VQ 2~H 30V 3V. 4.4 406 408 409 40D 40E 5VS 67Z 6NX 8FE 8FG 8TC 95- 95. 95~ 96X AAAVM AABHQ AACDK AAHNG AAIAL AAJBT AAJKR AANZL AARHV AARTL AASML AATNV AATVU AAUYE AAWCG AAYIU AAYOK AAYQN AAYTO AAYZH ABAKF ABBBX ABBXA ABDZT ABECU ABFTD ABFTV ABHLI ABHQN ABJNI ABJOX ABKCH ABKTR ABMNI ABMQK ABNWP ABQBU ABQSL ABSXP ABTEG ABTHY ABTKH ABTMW ABULA ABUWG ABWNU ABXPI ACAOD ACBXY ACDTI ACGFS ACHSB ACHXU ACKNC ACMDZ ACMLO ACOKC ACOMO ACPIV ACSNA ACZOJ ADHHG ADHIR ADINQ ADKNI ADKPE ADRFC ADTPH ADURQ ADYFF ADZKW AEBTG AEFQL AEGAL AEGNC AEJHL AEJRE AEKMD AEMSY AEOHA AEPYU AESKC AETLH AEVLU AEXYK AFGCZ AFKRA AFLOW AFQWF AFWTZ AFZKB AGAYW AGDGC AGGDS AGJBK AGMZJ AGQEE AGQMX AGRTI AGWIL AGWZB AGYKE AHAVH AHBYD AHSBF AHYZX AIAKS AIGIU AIIXL AILAN AITGF AJBLW AJRNO AJZVZ ALMA_UNASSIGNED_HOLDINGS ALWAN AMKLP AMXSW AMYLF AMYQR AOCGG ARAPS ARMRJ ASPBG AVWKF AXYYD AYJHY AZFZN AZQEC B-. BA0 BDATZ BENPR BGLVJ BGNMA BPHCQ BSONS CAG CCPQU COF CS3 CSCUP DDRTE DL5 DNIVK DPUIP DWQXO EBLON EBS EIOEI EJD ESBYG FEDTE FERAY FFXSO FIGPU FINBP FNLPD FRRFC FSGXE FWDCC GGCAI GGRSB GJIRD GNUQQ GNWQR GQ6 GQ7 GQ8 GXS H13 HCIFZ HF~ HG5 HG6 HMJXF HQYDN HRMNR HVGLF HZ~ I09 IHE IJ- IKXTQ IWAJR IXC IXD IXE IZIGR IZQ I~X I~Z J-C J0Z JBSCW JCJTX JZLTJ K6V K7- KDC KOV LAK LLZTM M0N M4Y MA- N2Q NB0 NPVJJ NQJWS NU0 O9- O93 O9J OAM OVD P2P P62 P9O PF0 PQQKQ PROAC PT4 PT5 QOS R89 R9I RIG RNI ROL RPX RSV RZC RZE RZK S16 S1Z S27 S3B SAP SCO SDH SHX SISQX SJYHP SNE SNPRN SNX SOHCF SOJ SPISZ SRMVM SSLCW STPWE SZN T13 TEORI TSG TSK TSV TUC U2A UG4 UOJIU UTJUX UZXMN VC2 VFIZW W23 W48 WK8 YLTOR Z45 Z7X Z83 Z88 ZMTXR ~A9 AAPKM AAYXX ABBRH ABDBE ABFSG ABRTQ ACSTC ADHKG AEZWR AFDZB AFFHD AFHIU AFOHR AGQPQ AHPBZ AHWEU AIXLP ATHPR AYFIA CITATION PHGZM PHGZT PQGLB 7SC 7XB 8AL 8FD 8FK JQ2 L7M L~C L~D PKEHL PQEST PQUKI Q9U
ID	FETCH-LOGICAL-c319t-d0dbcf436a3a1b919f7a99df990723235f76dcc98da0475f9a3364d68b2fbea33
IEDL.DBID	RSV
ISICitedReferencesCount	4
ISICitedReferencesURI	http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000999733500001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN	1386-145X
IngestDate	Thu Nov 06 12:27:37 EST 2025 Tue Nov 18 22:32:53 EST 2025 Sat Nov 29 06:37:27 EST 2025 Fri Feb 21 02:42:35 EST 2025
IsPeerReviewed	true
IsScholarly	true
Issue	5
Keywords	Deep neural network Black-box Model explanation Model extraction attack
Language	English
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-c319t-d0dbcf436a3a1b919f7a99df990723235f76dcc98da0475f9a3364d68b2fbea33
Notes	ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14
PQID	2875642294
PQPubID	2034525
PageCount	12
ParticipantIDs	proquest_journals_2875642294 crossref_primary_10_1007_s11280_023_01150_6 crossref_citationtrail_10_1007_s11280_023_01150_6 springer_journals_10_1007_s11280_023_01150_6
PublicationCentury	2000
PublicationDate	20230900 2023-09-00 20230901
PublicationDateYYYYMMDD	2023-09-01
PublicationDate_xml	– month: 9 year: 2023 text: 20230900
PublicationDecade	2020
PublicationPlace	New York
PublicationPlace_xml	– name: New York
PublicationSubtitle	Internet and Web Information Systems
PublicationTitle	World wide web (Bussum)
PublicationTitleAbbrev	World Wide Web
PublicationYear	2023
Publisher	Springer US Springer Nature B.V
Publisher_xml	– name: Springer US – name: Springer Nature B.V
References	Zhu, Li, Hu, Xiong, Zhou (CR18) 2022; 34 Ren, Huang, Yan (CR24) 2021; 12 CR39 CR38 CR37 CR36 CR35 CR34 Selvaraju, Cogswell, Das, Vedantam, Parikh, Batra (CR41) 2020; 128 CR33 CR32 CR31 CR30 Hu, Yan, Li, Pan, Liu, Zhang (CR12) 2021; 560 Zhang, Chen, Yan, Xiang (CR19) 2021; 548 Pan, Zeng, Cheng, Yan, Li (CR2) 2021; 573 Yan, Jiang, Li, Wang, Yang (CR7) 2022; 22 CR5 CR8 CR9 CR49 CR48 CR47 CR46 Tjoa, Guan (CR16) 2021; 32 CR45 CR44 CR43 CR42 CR40 Yan, Hu, Xiang, Liu, Yuan (CR1) 2021; 548 Arrieta, Rodríguez, Ser, Bennetot, Tabik, Barbado, García, Gil-Lopez, Molina, Benjamins, Chatila, Herrera (CR14) 2020; 58 Tang, Li, Barni, Li, Huang (CR3) 2021; 16 Hou, Ai, Chen, Yan, Huang, Chen (CR4) 2022; 601 CR15 Wang, Li, Yan (CR6) 2021; 15 CR13 CR10 Li, Ye, Li, Wang, Lou, Hou, Liu, Lu (CR17) 2022; 19 CR50 CR29 Yin, Yang, Hu, Wu (CR11) 2022; 121 CR28 CR27 CR26 CR25 CR23 CR22 CR21 CR20 1150_CR40 1150_CR42 1150_CR43 1150_CR44 1150_CR45 X Wang (1150_CR6) 2021; 15 1150_CR46 1150_CR47 1150_CR48 1150_CR49 AB Arrieta (1150_CR14) 2020; 58 R Hou (1150_CR4) 2022; 601 H Yan (1150_CR7) 2022; 22 T Zhu (1150_CR18) 2022; 34 E Tjoa (1150_CR16) 2021; 32 1150_CR30 1150_CR31 1150_CR32 1150_CR33 1150_CR34 1150_CR35 1150_CR36 1150_CR37 L Hu (1150_CR12) 2021; 560 1150_CR38 1150_CR39 X Zhang (1150_CR19) 2021; 548 H Yan (1150_CR1) 2021; 548 1150_CR8 1150_CR9 1150_CR5 1150_CR20 1150_CR21 1150_CR22 1150_CR23 1150_CR25 1150_CR26 1150_CR27 1150_CR28 1150_CR29 Y Yin (1150_CR11) 2022; 121 J Li (1150_CR17) 2022; 19 RR Selvaraju (1150_CR41) 2020; 128 1150_CR50 W Tang (1150_CR3) 2021; 16 H Ren (1150_CR24) 2021; 12 1150_CR10 Z Pan (1150_CR2) 2021; 573 1150_CR13 1150_CR15
References_xml	– ident: CR45 – ident: CR22 – volume: 32 start-page: 4793 issue: 11 year: 2021 end-page: 4813 ident: CR16 article-title: A survey on explainable artificial intelligence (XAI): toward medical XAI publication-title: IEEE Trans. Neural Networks Learn. Syst. doi: 10.1109/TNNLS.2020.3027314 – volume: 19 start-page: 67 issue: 1 year: 2022 end-page: 76 ident: CR17 article-title: Efficient and secure outsourcing of differentially private data publishing with multiple evaluators publication-title: IEEE Trans. Dependable Secur. Comput. doi: 10.1109/TDSC.2020.3015886 – ident: CR49 – ident: CR39 – volume: 58 start-page: 82 year: 2020 end-page: 115 ident: CR14 article-title: Explainable artificial intelligence (XAI): concepts, taxonomies, opportunities and challenges toward responsible AI publication-title: Inf. Fusion. doi: 10.1016/j.inffus.2019.12.012 – volume: 601 start-page: 255 year: 2022 end-page: 267 ident: CR4 article-title: Similarity- based integrity protection for deep learning systems publication-title: Inf. Sci. doi: 10.1016/j.ins.2022.04.003 – ident: CR35 – ident: CR29 – ident: CR8 – volume: 34 start-page: 2962 issue: 6 year: 2022 end-page: 2974 ident: CR18 article-title: The dynamic privacy-preserving mechanisms for online dynamic social networks publication-title: IEEE Trans. Knowl. Data Eng. doi: 10.1109/TKDE.2020.3015835 – ident: CR25 – ident: CR42 – volume: 16 start-page: 952 year: 2021 end-page: 967 ident: CR3 article-title: An automatic cost learning framework for image steganography using deep reinforcement learning publication-title: IEEE Trans. Inf. Forensics Secur. doi: 10.1109/TIFS.2020.3025438 – ident: CR21 – ident: CR46 – volume: 15 start-page: 530 issue: 4 year: 2021 end-page: 544 ident: CR6 article-title: An improved anti-quantum MST3 public key encryption scheme for remote sensing images publication-title: Enterp. Inf. Syst. doi: 10.1080/17517575.2019.1600040 – ident: CR15 – ident: CR50 – ident: CR9 – ident: CR32 – ident: CR36 – ident: CR5 – ident: CR26 – volume: 128 start-page: 336 issue: 2 year: 2020 end-page: 359 ident: CR41 article-title: Grad-cam: Visual explanations from deep networks via gradient-based localization publication-title: Int. J. Comput. Vis. doi: 10.1007/s11263-019-01228-7 – ident: CR43 – ident: CR47 – volume: 548 start-page: 423 year: 2021 end-page: 437 ident: CR1 article-title: PPCL: privacy-preserving collaborative learning for mitigating indirect information leakage publication-title: Inf. Sci. doi: 10.1016/j.ins.2020.09.064 – ident: CR37 – ident: CR30 – ident: CR10 – ident: CR33 – ident: CR40 – ident: CR27 – ident: CR23 – volume: 121 year: 2022 ident: CR11 article-title: Universal multi-source domain adaptation for image classification publication-title: Pattern Recognition doi: 10.1016/j.patcog.2021.108238 – volume: 573 start-page: 370 year: 2021 end-page: 381 ident: CR2 article-title: PNAS: A privacy preserving framework for neural architecture search services publication-title: Inf. Sci. doi: 10.1016/j.ins.2021.05.073 – ident: CR44 – ident: CR48 – volume: 12 start-page: 3325 issue: 11 year: 2021 end-page: 3336 ident: CR24 article-title: Adversarial examples: attacks and defenses in the physical world publication-title: Int. J. Mach. Learn. Cybern. doi: 10.1007/s13042-020-01242-z – ident: CR38 – volume: 22 start-page: 33 issue: 2 year: 2022 end-page: 13321 ident: CR7 article-title: Collusion-free for cloud verification toward the view of game theory publication-title: ACM Trans. Internet Techn. doi: 10.1145/3423558 – ident: CR31 – ident: CR13 – ident: CR34 – volume: 548 start-page: 212 year: 2021 end-page: 232 ident: CR19 article-title: Privacy-preserving and verifiable online crowdsourcing with worker updates publication-title: Inf. Sci. doi: 10.1016/j.ins.2020.10.010 – ident: CR28 – volume: 560 start-page: 493 year: 2021 end-page: 503 ident: CR12 article-title: MHAT: an efficient model-heterogenous aggregation training scheme for federated learning publication-title: Inf. Sci. doi: 10.1016/j.ins.2021.01.046 – ident: CR20 – ident: 1150_CR33 doi: 10.1109/EuroSP.2019.00044 – ident: 1150_CR37 – ident: 1150_CR22 doi: 10.1145/3460231.3474275 – ident: 1150_CR35 doi: 10.1109/CVPR46437.2021.01360 – volume: 548 start-page: 212 year: 2021 ident: 1150_CR19 publication-title: Inf. Sci. doi: 10.1016/j.ins.2020.10.010 – ident: 1150_CR43 – ident: 1150_CR20 – ident: 1150_CR9 doi: 10.1002/int.23001 – volume: 573 start-page: 370 year: 2021 ident: 1150_CR2 publication-title: Inf. Sci. doi: 10.1016/j.ins.2021.05.073 – ident: 1150_CR38 doi: 10.1109/CVPR42600.2020.00886 – volume: 121 year: 2022 ident: 1150_CR11 publication-title: Pattern Recognition doi: 10.1016/j.patcog.2021.108238 – ident: 1150_CR23 doi: 10.1145/3319535.3354261 – volume: 22 start-page: 33 issue: 2 year: 2022 ident: 1150_CR7 publication-title: ACM Trans. Internet Techn. doi: 10.1145/3423558 – ident: 1150_CR36 doi: 10.1145/3287560.3287562 – ident: 1150_CR5 doi: 10.1002/cpe.5925 – volume: 15 start-page: 530 issue: 4 year: 2021 ident: 1150_CR6 publication-title: Enterp. Inf. Syst. doi: 10.1080/17517575.2019.1600040 – volume: 19 start-page: 67 issue: 1 year: 2022 ident: 1150_CR17 publication-title: IEEE Trans. Dependable Secur. Comput. doi: 10.1109/TDSC.2020.3015886 – ident: 1150_CR47 doi: 10.1109/ICCCS52626.2021.9449145 – ident: 1150_CR30 – ident: 1150_CR42 – ident: 1150_CR21 – ident: 1150_CR45 doi: 10.1109/ICCV.2017.371 – ident: 1150_CR46 – ident: 1150_CR32 doi: 10.1145/3052973.3053009 – volume: 601 start-page: 255 year: 2022 ident: 1150_CR4 publication-title: Inf. Sci. doi: 10.1016/j.ins.2022.04.003 – volume: 58 start-page: 82 year: 2020 ident: 1150_CR14 publication-title: Inf. Fusion. doi: 10.1016/j.inffus.2019.12.012 – ident: 1150_CR10 doi: 10.1016/j.patcog.2022.108666 – ident: 1150_CR28 – ident: 1150_CR25 doi: 10.1145/3460120.3484575 – volume: 34 start-page: 2962 issue: 6 year: 2022 ident: 1150_CR18 publication-title: IEEE Trans. Knowl. Data Eng. doi: 10.1109/TKDE.2020.3015835 – ident: 1150_CR49 – ident: 1150_CR29 doi: 10.1609/aaai.v34i01.5432 – ident: 1150_CR39 – volume: 548 start-page: 423 year: 2021 ident: 1150_CR1 publication-title: Inf. Sci. doi: 10.1016/j.ins.2020.09.064 – volume: 128 start-page: 336 issue: 2 year: 2020 ident: 1150_CR41 publication-title: Int. J. Comput. Vis. doi: 10.1007/s11263-019-01228-7 – ident: 1150_CR27 doi: 10.1109/CVPR.2019.00509 – ident: 1150_CR34 doi: 10.1109/CVPR46437.2021.00474 – ident: 1150_CR8 doi: 10.1007/s11432-022-3507-7 – volume: 32 start-page: 4793 issue: 11 year: 2021 ident: 1150_CR16 publication-title: IEEE Trans. Neural Networks Learn. Syst. doi: 10.1109/TNNLS.2020.3027314 – ident: 1150_CR48 – ident: 1150_CR44 doi: 10.1145/2939672.2939778 – ident: 1150_CR13 – ident: 1150_CR15 – ident: 1150_CR40 – volume: 12 start-page: 3325 issue: 11 year: 2021 ident: 1150_CR24 publication-title: Int. J. Mach. Learn. Cybern. doi: 10.1007/s13042-020-01242-z – volume: 560 start-page: 493 year: 2021 ident: 1150_CR12 publication-title: Inf. Sci. doi: 10.1016/j.ins.2021.01.046 – volume: 16 start-page: 952 year: 2021 ident: 1150_CR3 publication-title: IEEE Trans. Inf. Forensics Secur. doi: 10.1109/TIFS.2020.3025438 – ident: 1150_CR31 doi: 10.1109/CVPR42600.2020.00031 – ident: 1150_CR26 – ident: 1150_CR50
SSID	ssj0006391
Score	2.323356
Snippet	Deep learning (DL) has dramatically pushed the previous limits of various tasks, ranging from computer vision to natural language processing. Despite its...
SourceID	proquest crossref springer
SourceType	Aggregation Database Enrichment Source Index Database Publisher
StartPage	3081
SubjectTerms	Computer Science Computer vision Database Management Effectiveness Explainable artificial intelligence Information Systems Applications (incl.Internet) Natural language processing Operating Systems Privacy Special Issue on Privacy and Security in Machine Learning Synthetic data
SummonAdditionalLinks	– databaseName: Advanced Technologies & Aerospace Database dbid: P5Z link: http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV07T8MwED5BYYCBN6JQUAY2sMjDie0JIUTFVHUAqWKJ_JSQUFvSwO_HdpwGkOjCGCW2os_nu7Pv8QFcxoqYVLuobkqEPaDIGHEqE5SaOBc5p67_iyebIKMRnUzYOFy4LUJaZasTvaJWM-nuyG-sZ59bXzll-Hb-jhxrlIuuBgqNddhwXRIcdcM4f1lqYmt9mwMXLVCC80kommlK56xijpG1WMg7Raj4aZg6b_NXgNTbneHuf_94D3aCxxndNSKyD2t6egDb3_oQHgJ2mXi8uRdEzq6pyGWOIlNpHXmunMjq8KqpgYh4XbvC_CN4Hj483T-iQKeApN1nNVKxEtLgrOAZTwRLmCGcMWWsPSLWr8pyQwolJaOKx5jkhvEsK7AqqEiN0PbhGHrT2VSfQESFkEzxhDHBMJVEYJ1JJVwIz66xSfqQtFiWMvQad5QXb2XXJdnhX1r8S49_WfThajlm3nTaWPn1oAW9DLtuUXaI9-G6Xbbu9d-zna6e7Qy2Ui8pLrVsAL26-tDnsCk_69dFdeFl7gtQY9qB priority: 102 providerName: ProQuest
Title	Explanation-based data-free model extraction attacks
URI	https://link.springer.com/article/10.1007/s11280-023-01150-6 https://www.proquest.com/docview/2875642294
Volume	26
WOSCitedRecordID	wos000999733500001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
journalDatabaseRights	– providerCode: PRVAVX databaseName: SpringerLINK Contemporary 1997-Present customDbUrl: eissn: 1573-1413 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0006391 issn: 1386-145X databaseCode: RSV dateStart: 19980301 isFulltext: true titleUrlDefault: https://link.springer.com/search?facet-content-type=%22Journal%22 providerName: Springer Nature
link	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LS8NAEB5s60EPVqtitZYcvOlCHpvs7lGlRRBKqQ-Kl7CPLAhSJY3-fnc3SaOigl4CIZslzOzMN5N5AZz4iugws1HdkAjjoEgfcSoDFGo_FjGntv-LGzZBJhM6n7NpVRS2rLPd65Ck09RNsZtRpT4yGIOcGYOSFnQM3FE7sGF2c7_SvwZzSzeLJijA8bwqlfl-j89w1NiYX8KiDm3G3f995zZsVdald14ehx1YyxY96NaTG7xKkHuw-aEN4S5gm4jHy9-CyMKa8mziKNJ5lnluVI5nVHhelkB4vChsXf4e3I1Ht5dXqJqmgKQRswIpXwmpcZTwiAeCBUwTzpjSBo6IMauiWJNEScmo4j4msWY8ihKsEipCLTJzsw_txfMiOwCPCiGZ4gFjgmEqicBZJJWwETzDYh30IaiJmsqq1bidePGUNk2SLZFSQ6TUESlN-nC6euelbLTx6-pBzau0Erplapy_2LhTIcN9OKt50zz-ebfDvy0_go3Qsddmmg2gXeSv2TGsy7ficZkPoXMxmkxnQ2hdE2Su0_hh6A7oOzEU2d8
linkProvider	Springer Nature
linkToHtml	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V1JSwMxFH4UFdSDu1itOgc9aXCWzCQ5iIgLlWrxoNDbmBUEaWs7Kv4pf6PJLFYFe-vB8ywM831530veBrDnK2JC7aK6IRF2gyJ9xKkMUGj8WMScuv4v-bAJ0m7TTofd1uCjqoVxaZWVTcwNtepJd0Z-ZD372PrKIcMn_Wfkpka56Go1QqOgRUu_v9kt2_D46tziux-Glxd3Z01UThVA0tItQ8pXQhocJTzigWABM4Qzpow1y8S6F1FsSKKkZFRxH5PYMB5FCVYJFaERmrsDUGvyp3FEiVtXLYK-LL9V-2KDRxMU4LhTFukUpXpWCHxkFRLlThhKfgrhyLv9FZDNde5y8b_9oSVYKD1q77RYAstQ090VmP_WZ3EVsMs05MW5J3K6rTyXGYvMQGsvnwXkWY0aFDUeHs8y13hgDe4n8tnrMNXtdfUGeFQIyRQPGBMMU0kE1pFUwoUoLYdNUIegwi6VZS91N9LjKR11gXZ4pxbvNMc7Tepw8PVMv-gkMvbuRgVyWlqVYTpCuA6HFU1Gl_9-2-b4t-3CbPPu5jq9vmq3tmAuzFnq0ugaMJUNXvQ2zMjX7HE42Mn57sHDpOnzCcojODI
linkToPdf	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMw1V1JS8NAFH4UFdGDu1itmoOedDD7ZA4iohaLUnpQKF7irCBI1TYq_jV_nW-ytCrYWw-ekwxJvm_eMm8D2HMVNb62UV2fCnRQpEt4Ij3iGzcSEU9s_5d82ARtt5Nul3Vq8FnVwti0ykom5oJaPUl7Rn6Eln2EtrLPwiNTpkV0zpsnzy_ETpCykdZqnEZBkSv98Y7u2-C4dY5Y7_t-8-Lm7JKUEwaIROplRLlKSBMGMQ-4J5jHDOWMKYMimqKpEUSGxkpKlijuhjQyjAdBHKo4Eb4RmtvDUBT_0xR9TJtO2InuhloANX_h7CUx8cKoWxbsFGV7qBRcgtqS5AYZiX8qxZGl-ys4m-u85uJ__ltLsFBa2s5psTWWoaZ7KzD_rf_iKoQ2A5EX56HE6nPl2IxZYvpaO_mMIAc_qV_Ufjg8y2xDgjW4nchrr8NU76mnN8BJhJBMcY8xwcJEUhHqQCphQ5fIbePVwatwTGXZY92O-nhMR92hLfYpYp_m2KdxHQ6GzzwXHUbG3t2oAE9LaTNIR2jX4bCizOjy36ttjl9tF2aRNel1q321BXN-TlibXdeAqaz_qrdhRr5lD4P-Tk59B-4nzZ4vPJhBVg
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Explanation-based+data-free+model+extraction+attacks&rft.jtitle=World+wide+web+%28Bussum%29&rft.au=Yan%2C+Anli&rft.au=Hou%2C+Ruitao&rft.au=Yan%2C+Hongyang&rft.au=Liu%2C+Xiaozhang&rft.date=2023-09-01&rft.pub=Springer+US&rft.issn=1386-145X&rft.eissn=1573-1413&rft.volume=26&rft.issue=5&rft.spage=3081&rft.epage=3092&rft_id=info:doi/10.1007%2Fs11280-023-01150-6&rft.externalDocID=10_1007_s11280_023_01150_6
thumbnail_l	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1386-145X&client=summon
thumbnail_m	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1386-145X&client=summon
thumbnail_s	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1386-145X&client=summon