MeaeQ: Mount Model Extraction Attacks with Efficient Queries

Chengwei Dai, Minxuan Lv, Kun Li, Wei Zhou


Abstract
We study model extraction attacks in natural language processing (NLP) where attackers aim to steal victim models by repeatedly querying the open Application Programming Interfaces (APIs). Recent works focus on limited-query budget settings and adopt random sampling or active learning-based sampling strategies on publicly available, unannotated data sources. However, these methods often result in selected queries that lack task relevance and data diversity, leading to limited success in achieving satisfactory results with low query costs. In this paper, we propose MeaeQ (Model extraction attack with efficient Queries), a straightforward yet effective method to address these issues. Specifically, we initially utilize a zero-shot sequence inference classifier, combined with API service information, to filter task-relevant data from a public text corpus instead of a problem domain-specific dataset. Furthermore, we employ a clustering-based data reduction technique to obtain representative data as queries for the attack. Extensive experiments conducted on four benchmark datasets demonstrate that MeaeQ achieves higher functional similarity to the victim model than baselines while requiring fewer queries.
Anthology ID:
2023.emnlp-main.781
Volume:
Proceedings of the 2023 Conference on Empirical Methods in Natural Language Processing
Month:
December
Year:
2023
Address:
Singapore
Editors:
Houda Bouamor, Juan Pino, Kalika Bali
Venue:
EMNLP
SIG:
Publisher:
Association for Computational Linguistics
Note:
Pages:
12671–12684
Language:
URL:
https://aclanthology.org/2023.emnlp-main.781
DOI:
10.18653/v1/2023.emnlp-main.781
Bibkey:
Cite (ACL):
Chengwei Dai, Minxuan Lv, Kun Li, and Wei Zhou. 2023. MeaeQ: Mount Model Extraction Attacks with Efficient Queries. In Proceedings of the 2023 Conference on Empirical Methods in Natural Language Processing, pages 12671–12684, Singapore. Association for Computational Linguistics.
Cite (Informal):
MeaeQ: Mount Model Extraction Attacks with Efficient Queries (Dai et al., EMNLP 2023)
Copy Citation:
PDF:
https://aclanthology.org/2023.emnlp-main.781.pdf
Video:
 https://aclanthology.org/2023.emnlp-main.781.mp4