
Research on Model Anti-stealing Based on Image Augmentation (基于图像增强的模型防窃取研究)

武于新 陈伟 杨文馨 张怡婷 范渊

信息安全研究 (Journal of Information Security Research), 2025, Vol. 11, Issue 3: 214-220 (7 pages). DOI: 10.12379/j.issn.2096-1057.2025.03.03


武于新 (1), 陈伟 (1), 杨文馨 (1), 张怡婷 (1), 范渊 (2)

Author information

  • 1. School of Computer Science, Nanjing University of Posts and Telecommunications (南京邮电大学计算机学院), Nanjing 210023
  • 2. School of Computer Science, Nanjing University of Posts and Telecommunications (南京邮电大学计算机学院), Nanjing 210023; Hangzhou DBAPPSecurity Co., Ltd. (杭州安恒信息技术股份有限公司), Hangzhou 310051

Abstract

Convolutional neural network (CNN) models are widely used in image classification tasks and perform well, but the models themselves are also targets of stealing (model extraction) attacks. This paper proposes a method for preventing the stealing of CNN image classification models that addresses two weaknesses of existing anti-stealing measures: a heavy dependence on the accuracy of the attack-detection algorithm, and reliance on after-the-fact verification of intellectual property. The method first applies image data augmentation during training to improve the robustness and generalization ability of the private model, and then applies loose suspicious-behaviour detection rules to image query traffic. Images from suspicious queries are transformed with image augmentation before being fed to the augmented model for prediction, and the model returns a vector of per-class confidence scores. Because the returned confidences correspond to the transformed image rather than the submitted one (input-output inequality), a suspicious user cannot obtain prediction information that matches the images they submitted, which is exactly the labelled data an attacker needs to train a substitute model. Experiments on three common image datasets and four CNN architectures show that the proposed method prevents model stealing while the private model still completes its classification task normally.
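As an added illustration (not code from the paper), the following Python sketch shows the serving-side mechanism the abstract describes: a query gate applies a loose suspicion rule, and flagged queries have their image augmented before inference, so the confidence vector the client receives no longer corresponds to the image it submitted, while unflagged clients are answered on the original image. The model (a seeded random linear softmax classifier over constructed 8x8 images), the augmentation operations (flip, circular shift, Gaussian noise) and the query-rate rule are all assumptions standing in for the paper's CNN, augmentation pipeline and detection rules.

```python
import math
import random
from collections import deque

H = W = 8           # constructed 8x8 grayscale images, pixel values in [0, 1]
NUM_CLASSES = 4


def make_model(seed=7):
    """Constructed stand-in for a trained CNN: a seeded random linear classifier."""
    rng = random.Random(seed)
    return [[rng.uniform(-1.0, 1.0) for _ in range(H * W)] for _ in range(NUM_CLASSES)]


def softmax(logits):
    m = max(logits)
    exps = [math.exp(v - m) for v in logits]
    total = sum(exps)
    return [v / total for v in exps]


def predict(model, image):
    """Return the per-class confidence vector for an image (what the API exposes)."""
    flat = [px for row in image for px in row]
    logits = [sum(w * x for w, x in zip(weights, flat)) for weights in model]
    return softmax(logits)


def augment(image, rng):
    """Assumed augmentation ops: random horizontal flip, +-1 pixel circular shift,
    clipped Gaussian pixel noise. Any label-preserving transform would do."""
    img = [row[::-1] for row in image] if rng.random() < 0.5 else [list(row) for row in image]
    dy, dx = rng.randint(-1, 1), rng.randint(-1, 1)
    shifted = [[img[(y - dy) % H][(x - dx) % W] for x in range(W)] for y in range(H)]
    return [[min(1.0, max(0.0, px + rng.gauss(0.0, 0.05))) for px in row] for row in shifted]


class QueryGate:
    """Loose suspicious-behaviour rule (assumed): more than `limit` queries from one
    client within `window` seconds marks that client's current query as suspicious."""

    def __init__(self, limit=20, window=60.0):
        self.limit = limit
        self.window = window
        self.history = {}

    def is_suspicious(self, client, now):
        times = self.history.setdefault(client, deque())
        times.append(now)
        while times and now - times[0] > self.window:
            times.popleft()
        return len(times) > self.limit


class PredictionServer:
    """Serving wrapper: benign queries are answered on the submitted image;
    suspicious queries are answered on an augmented copy, so the returned
    confidences do not correspond to the submitted input (input-output inequality)."""

    def __init__(self, model, gate, seed=0):
        self.model = model
        self.gate = gate
        self.rng = random.Random(seed)

    def query(self, client, image, now):
        if self.gate.is_suspicious(client, now):
            image = augment(image, self.rng)
        return predict(self.model, image)


def sample_image():
    """Constructed input: a diagonal stripe pattern with pixel values 0, 0.5, 1."""
    return [[((x + y) % 3) / 2.0 for x in range(W)] for y in range(H)]


if __name__ == "__main__":
    model = make_model()
    server = PredictionServer(model, QueryGate(limit=5, window=60.0))
    img = sample_image()
    print("direct :", [round(p, 4) for p in predict(model, img)])
    print("benign :", [round(p, 4) for p in server.query("alice", img, 0.0)])
    out = None
    for t in range(6):                       # sixth query in the window trips the gate
        out = server.query("bob", img, float(t))
    print("flagged:", [round(p, 4) for p in out])
```

The rule is deliberately loose because a false positive is cheap under this design: a flagged benign user still receives a valid confidence vector for an augmented copy of their image, and since the private model was trained with the same kind of augmentation, its top class is usually unchanged; what an attacker loses is the exact input-to-output pairing needed to label a substitute training set.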

Key words

artificial intelligence / convolutional neural network (CNN) / model stealing / model anti-stealing / image augmentation

Classification

Computer and Automation

Cite this article

武于新, 陈伟, 杨文馨, 张怡婷, 范渊. 基于图像增强的模型防窃取研究 (Research on Model Anti-stealing Based on Image Augmentation) [J]. 信息安全研究 (Journal of Information Security Research), 2025, 11(3): 214-220.

Funding

Key Research and Development Program of Jiangsu Province (BE2022065-5)

National Key Research and Development Program of China (2019YFB2101704)

Jiangsu Key Laboratory of Network and Information Security Project (BM2003201)

信息安全研究 (Journal of Information Security Research), open access, Peking University core journal list (北大核心), ISSN 2096-1057
