密码学报(中英文)2025,Vol.12Issue(3):679-695,17.DOI:10.13868/j.cnki.jcr.000788
基于差分密码分析的全连接神经网络模型萃取
Model Extraction of Full Connected Neural Network Based on Differential Cryptanalysis
摘要
Abstract
In recent years,model extraction has emerged as a key research direction in the field of deep learning.It aims to extract crucial model parameters from trained neural network models,including connection weights and biases.This technique holds significant theoretical and practical value for gaining a deeper understanding of the network's internal mechanisms,optimizing model structures,and enhancing model transparency.Nevertheless,current model extraction techniques are primarily limited to networks using the ReLU activation function.Given the higher degree of nonlinearity in more complex networks,the difficulty of model extraction significantly increases,and studies on more complex structures and types of activation functions remain scarce.In response to this,the present study draws on the concept of chosen-plaintext attacks in cryptography,proposing a parameter extraction method for single-hidden-layer Leaky ReLU and Parametric ReLU fully connected neural networks.It elaborately describes how to accurately extract network parameters,including those of activation functions,only through network access.Moreover,through empirical analysis conducted on networks trained on the MNIST dataset and experiments on the simplified version of neural differential distinguisher in cryptography,this study verifies the effectiveness of the proposed framework.This research offers a new perspective for interpretative research and optimization practices in deep learning.关键词
全连接神经网络/模型萃取/差分密码分析/激活函数Key words
full connected neural network/model extraction/differential cryptanalysis/activation function分类
信息技术与安全科学引用本文复制引用
熊黎依,刘阳,陆金玉,刘国强,孙兵..基于差分密码分析的全连接神经网络模型萃取[J].密码学报(中英文),2025,12(3):679-695,17.基金项目
国家自然科学基金联合基金重点项目(U2336209) (U2336209)
湖南省研究生科研创新项目(CX20230002,XJJC2024077)Key Program of Joint Fund of National Natural Science Foundation of China(U2336209) (CX20230002,XJJC2024077)
Postgraduate Scientific Research Innovation Project of Hunan Province(CX20230002,XJJC2024077) (CX20230002,XJJC2024077)
