Communications of the ACM
Stealing an AI Algorithm and Its nderlying Data Is a 'high-School Level Exercise'
Researchers at Cornell Tech have developed a way to reverse-engineer machine-learning algorithms by using an application programming interface.
Credit: agsandrew/Shutterstock.com
Cornell Tech researchers have demonstrated the ability to remotely reverse-engineer machine-learning algorithms, essentially stealing artificial intelligence (AI) products and using them for free, by accessing an application programming interface (API).
In addition, after the algorithm has been copied, it can be coerced into producing examples of the potentially proprietary data on which it was trained.
Google, Microsoft, and Amazon permit developers to either upload their algorithms to their cloud or use the cloud firm's proprietary AI algorithms, which are both accessed via APIs. Uploading the algorithm is sensible because the data and labor is done on the cloud company's server, while making proprietary algorithms available in this way enables companies to charge for their use without making the code available.
The Cornell Tech team beat this system by making standard requests from the AI algorithm thousands of times through the API, and piecing together its function.
"In hindsight, it was just blatantly obvious," says Cornell Tech professor Thomas Ristenpart. "It's kind of a high-school level exercise."
To test their ability to recreate the stolen algorithms' training data, the researchers employed the attack on a public series of faces and were able to reconstruct all of them.
From NextGov.com
View Full Article
Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA
No entries found