Model extraction

Model extraction attacks, aka model stealing attacks, are used to extract the parameters from the target model. Ideally, the adversary will be able to steal and replicate a model that will have a very similar performance to the target model.

Papers

Recently Added Most Hyped Most Active Needs Verification Most Verified

Showing 51–100 of 176 papers

Title	Date	Tasks	Status	Score
Marich: A Query-efficient Distributionally Equivalent Model Extraction Attack using Public Data	Feb 16, 2023	Model extraction	CodeCode Available	5
Process Extraction from Text: Benchmarking the State of the Art and Paving the Way for Future Challenges	Oct 7, 2021	BenchmarkingModel extraction	CodeCode Available	5
Protecting Intellectual Property of Language Generation APIs with Lexical Watermark	Dec 5, 2021	Document SummarizationImage Captioning	CodeCode Available	5
MeaeQ: Mount Model Extraction Attacks with Efficient Queries	Oct 21, 2023	Active LearningDiversity	CodeCode Available	5
FLuID: Mitigating Stragglers in Federated Learning using Invariant Dropout	Jul 5, 2023	Federated LearningModel extraction	CodeCode Available	5
Safe and Robust Watermark Injection with a Single OoD Image	Sep 4, 2023	Model extraction	CodeCode Available	5
SAME: Sample Reconstruction against Model Extraction Attacks	Dec 17, 2023	modelModel extraction	CodeCode Available	5
Fraternal Twins: Unifying Attacks on Machine Learning and Digital Watermarking	Mar 16, 2017	Autonomous DrivingBIG-bench Machine Learning	—Unverified	0
GENIE: Watermarking Graph Neural Networks for Link Prediction	Jun 7, 2024	Backdoor AttackDrug Discovery	—Unverified	0
Good Artists Copy, Great Artists Steal: Model Extraction Attacks Against Image Translation Models	Apr 26, 2021	Generative Adversarial Networkimage-classification	—Unverified	0
Grey-box Extraction of Natural Language Models	Jan 1, 2021	Model extraction	—Unverified	0
GrOVe: Ownership Verification of Graph Neural Networks using Embeddings	Apr 17, 2023	Model extraction	—Unverified	0
HODA: Hardness-Oriented Detection of Model Extraction Attacks	Jun 21, 2021	modelModel extraction	—Unverified	0
High Accuracy and High Fidelity Extraction of Neural Networks	Sep 3, 2019	Model extractionVocal Bursts Intensity Prediction	—Unverified	0
HODA: Protecting DNNs Against Model Extraction Attacks via Hardness of Samples	Sep 29, 2021	Model extraction	—Unverified	0
HoneypotNet: Backdoor Attacks Against Model Extraction	Jan 2, 2025	Backdoor Attackmodel	—Unverified	0
Increasing the Cost of Model Extraction with Calibrated Proof of Work	Jan 23, 2022	BIG-bench Machine LearningModel extraction	—Unverified	0
Interpretability via Model Extraction	Jun 29, 2017	BIG-bench Machine Learningmodel	—Unverified	0
Interpreting Blackbox Models via Model Extraction	May 23, 2017	modelModel extraction	—Unverified	0
Killing One Bird with Two Stones: Model Extraction and Attribute Inference Attacks against BERT-based APIs	May 23, 2021	AttributeInference Attack	—Unverified	0
Noisy Data Meets Privacy: Training Local Models with Post-Processed Remote Queries	May 25, 2024	Knowledge DistillationModel extraction	—Unverified	0
Learnable Linguistic Watermarks for Tracing Model Extraction Attacks on Large Language Models	Apr 28, 2024	Model extraction	—Unverified	0
Leveraging Extracted Model Adversaries for Improved Black Box Attacks	Oct 30, 2020	Model extractionQuestion Answering	—Unverified	0
Like an Open Book? Read Neural Network Architecture with Simple Power Analysis on 32-bit Microcontrollers	Nov 2, 2023	Model extraction	—Unverified	0
MaskedNet: The First Hardware Inference Engine Aiming Power Side-Channel Protection	Oct 29, 2019	BIG-bench Machine LearningModel extraction	—Unverified	0
MEAOD: Model Extraction Attack against Object Detectors	Dec 22, 2023	Active Learningmodel	—Unverified	0
MEGEX: Data-Free Model Extraction Attack against Gradient-Based Explainable AI	Jul 19, 2021	Explainable artificial intelligenceModel extraction	—Unverified	0
Mercury: An Automated Remote Side-channel Attack to Nvidia Deep Learning Accelerator	Aug 2, 2023	Model extraction	—Unverified	0
Mitigating Query-Flooding Parameter Duplication Attack on Regression Models with High-Dimensional Gaussian Mechanism	Feb 6, 2020	Model extractionregression	—Unverified	0
Model Extraction and Adversarial Attacks on Neural Networks using Switching Power Information	Jun 15, 2021	Model extraction	—Unverified	0
Model Extraction and Defenses on Generative Adversarial Networks	Jan 6, 2021	modelModel extraction	—Unverified	0
Model Extraction Attack against Self-supervised Speech Models	Nov 29, 2022	modelModel extraction	—Unverified	0
Model Extraction Attacks Against Reinforcement Learning Based Controllers	Apr 25, 2023	modelModel extraction	—Unverified	0
Model Extraction Attacks against Recurrent Neural Networks	Feb 1, 2020	modelModel extraction	—Unverified	0
Model Extraction Attacks on Split Federated Learning	Mar 13, 2023	BlockingFederated Learning	—Unverified	0
Model Extraction Attacks Revisited	Dec 8, 2023	modelModel extraction	—Unverified	0
Model Extraction Warning in MLaaS Paradigm	Nov 20, 2017	Adversarial AttackBIG-bench Machine Learning	—Unverified	0
Monitoring-based Differential Privacy Mechanism Against Query-Flooding Parameter Duplication Attack	Nov 1, 2020	Model extraction	—Unverified	0
NASPY: Automated Extraction of Automated Machine Learning Models	Sep 29, 2021	BIG-bench Machine LearningModel extraction	—Unverified	0
NaturalFinger: Generating Natural Fingerprint with Generative Adversarial Networks	May 29, 2023	Model extraction	—Unverified	0
Navigating the Deep: Signature Extraction on Deep Neural Networks	Jun 20, 2025	CryptanalysisModel extraction	—Unverified	0
On the amplification of security and privacy risks by post-hoc explanations in machine learning models	Jun 28, 2022	Model extraction	—Unverified	0
On the interplay of Explainability, Privacy and Predictive Performance with Explanation-assisted Model Extraction	May 13, 2025	counterfactualModel extraction	—Unverified	0
Ownership Protection of Generative Adversarial Networks	Jun 8, 2023	Image GenerationModel extraction	—Unverified	0
Pareto-Secure Machine Learning (PSML): Fingerprinting and Securing Inference Serving Systems	Jul 3, 2023	Model extraction	—Unverified	0
Power-Based Attacks on Spatial DNN Accelerators	Aug 28, 2021	Model extraction	—Unverified	0
Precise Extraction of Deep Learning Models via Side-Channel Attacks on Edge/Endpoint Devices	Mar 5, 2024	Model extraction	—Unverified	0
Privacy Implications of Explainable AI in Data-Driven Systems	Jun 22, 2024	counterfactualDecision Making	—Unverified	0
ProDiF: Protecting Domain-Invariant Features to Secure Pre-Trained Models Against Extraction	Mar 17, 2025	Model extraction	—Unverified	0
Protecting Copyright of Medical Pre-trained Language Models: Training-Free Backdoor Model Watermarking	Sep 14, 2024	Model extractionWord Embeddings	—Unverified	0

Show:10 25 50

← PrevPage 2 of 4Next →

Benchmark Results

#	Model	Metric	Claimed	Verified	Status
1	three-step-original	Exact Match	0.17	—	Unverified