TY - GEN
T1 - IPES
T2 - 2023 IEEE Congress on Cybermatics: 16th IEEE International Conferences on Internet of Things, iThings 2023, 19th IEEE International Conference on Green Computing and Communications, GreenCom 2023, 16th IEEE International Conference on Cyber, Physical and Social Computing, CPSCom 2023 and 9th IEEE International Conference on Smart Data, SmartData 2023
AU - Zhang, Chuan
AU - Li, Zhuopeng
AU - Liang, Haotian
AU - Liang, Jinwen
AU - Liu, Ximeng
AU - Zhu, Liehuang
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Recent studies have shed light on security vulnerabilities in Encoder-as-a-Service (EaaS) systems that enable the theft of valuable encoder attributes such as functionality. However, many of these attacks often either simply used the data augmentation method, or solely explored the idea of contrastive learning to improve the performance, lacking analysis and a combination of both two aspects. Furthermore, they also ignored the potential of harnessing the inner characteristics of the encoder, specifically its robustness. Thus, we introduce Improved Pretrained Encoder Stealing (IPES), a novel approach that capitalizes on augmented and perturbed samples to enhance the surrogate encoder's ability to replicate the aim encoder. Additionally, we place emphasis on optimizing the query budget by leveraging the inherent robustness of well-trained encoders. By combining the idea of contrastive learning and the inherent robustness of the encoder, IPES improves the performance by more than 14% in downstream accuracy compared to conventional methods.
AB - Recent studies have shed light on security vulnerabilities in Encoder-as-a-Service (EaaS) systems that enable the theft of valuable encoder attributes such as functionality. However, many of these attacks often either simply used the data augmentation method, or solely explored the idea of contrastive learning to improve the performance, lacking analysis and a combination of both two aspects. Furthermore, they also ignored the potential of harnessing the inner characteristics of the encoder, specifically its robustness. Thus, we introduce Improved Pretrained Encoder Stealing (IPES), a novel approach that capitalizes on augmented and perturbed samples to enhance the surrogate encoder's ability to replicate the aim encoder. Additionally, we place emphasis on optimizing the query budget by leveraging the inherent robustness of well-trained encoders. By combining the idea of contrastive learning and the inherent robustness of the encoder, IPES improves the performance by more than 14% in downstream accuracy compared to conventional methods.
UR - http://www.scopus.com/inward/record.url?scp=85192861751&partnerID=8YFLogxK
U2 - 10.1109/iThings-GreenCom-CPSCom-SmartData-Cybermatics60724.2023.00078
DO - 10.1109/iThings-GreenCom-CPSCom-SmartData-Cybermatics60724.2023.00078
M3 - Conference contribution
AN - SCOPUS:85192861751
T3 - Proceedings - IEEE Congress on Cybermatics: 2023 IEEE International Conferences on Internet of Things, iThings 2023, IEEE Green Computing and Communications, GreenCom 2023, IEEE Cyber, Physical and Social Computing, CPSCom 2023 and IEEE Smart Data, SmartData 2023
SP - 354
EP - 361
BT - Proceedings - IEEE Congress on Cybermatics
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 17 December 2023 through 21 December 2023
ER -
