摘要
Recently, model stealing attacks(模型窃取攻击) are widely studied(广泛研究) but most of them are focused on stealing a single non-discrete model(窃取单个非离散模型), e.g., neural networks(神经网络). For ensemble models(对于集成模型), these attacks are either non-executable(不可执行) or suffer from intolerant performance degradation(遭受不可容忍的性能损失) due to(由于) the complex model structure(复杂网络结构) (multiple sub-models 多个子模型) and the discreteness possessed by the sub-model(子模型拥有的离散性) (e.g., decision trees 决策树). To overcome the bottleneck(为了克服这一瓶颈), this paper proposes a divide-and-conquer strategy(分而治之的策略) called DivTheft to formulate the model stealing attack(模型窃取攻击) to common ensemble models(常见的集成模型) by combining active learning(结合主动学习) (AL). Specifically(具体来说), based on the boosting learning concept(基于增强学习的概念), we divide(划分) a hard ensemble model stealing task(硬集成模型窃取任务) into multiple sim
扫一扫
&spm=1001.2101.3001.5002&articleId=141358764&d=1&t=3&u=3e06a15056c542d4a06e9010ff8f5f0b)
169
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
