How to reverse engineer AI models: a study on Google Photos(skyld.io)
10 pointsby superkitten10 hours ago5 comments
  • 10 hours ago
    undefined
  • msabt10 hours ago
    That is both fascinating and scaring! No need for expensive NVIDIA chips to train AI models. Just steal the best models around.
    • superkitten10 hours ago
      Well, ofc this is illegal except for reseach purposes. Our goal was to showcase the inefficiency of classical software protection for protecting AI model against extraction. But yes, this is kind of scary to see how easy it is to steal someone else' IP
  • 10 hours ago
    undefined
  • Person-new10 hours ago
    Impressive! The fact that models can be stolen even if they are encrypted raises questions about how to protect them.
    • superkitten10 hours ago
      Yes indeed, the specifities of AI deployment make models very hard to protect! you can check our work at Skyld if you are interested in this topic.
  • CaptainCyber10 hours ago
    That's interesting, it's crazy that strong encryption algorithms like AES do not prevent such theft !
    • superkitten10 hours ago
      Yup, encryption protects at rest but not during runtime.