How to reverse engineer AI models: a study on Google Photos(skyld.io)
10 pointsby superkitten9 months ago5 comments
  • 9 months ago
    undefined
  • msabt9 months ago
    That is both fascinating and scaring! No need for expensive NVIDIA chips to train AI models. Just steal the best models around.
    • superkitten9 months ago
      Well, ofc this is illegal except for reseach purposes. Our goal was to showcase the inefficiency of classical software protection for protecting AI model against extraction. But yes, this is kind of scary to see how easy it is to steal someone else' IP
  • 9 months ago
    undefined
  • Person-new9 months ago
    Impressive! The fact that models can be stolen even if they are encrypted raises questions about how to protect them.
    • superkitten9 months ago
      Yes indeed, the specifities of AI deployment make models very hard to protect! you can check our work at Skyld if you are interested in this topic.
  • CaptainCyber9 months ago
    That's interesting, it's crazy that strong encryption algorithms like AES do not prevent such theft !
    • superkitten9 months ago
      Yup, encryption protects at rest but not during runtime.