SPARTA Results

The Feasibility of Deep Learning Use for Adversarial Model Extraction in the Cybersecurity Domain

Michał Choraś, Marek Pawlicki, Rafał Kozik

Machine learning algorithms found their way into a surprisingly wide range of applications, providing utility and allowing for insights gathered from data in a way never before possible. Those tools, however, have not been developed with security in mind. A deployed algorithm can meet a multitude of risks in the real world. This work explores one of those risks - the feasibility of an exploratory attack geared towards stealing an algorithm used in the cybersecurity domain. The process we have used is thoroughly explained and the results are promising.

Full paper