Cornell Tech researchers have demonstrated the ability to remotely reverse-engineer machine-learning algorithms, essentially stealing artificial intelligence (AI) products and using them for free, by querying an application programming interface (API).
In addition, after the algorithm has been copied, it can be coerced into producing examples of the potentially proprietary data on which it was trained.
Google, Microsoft, and Amazon permit developers to either upload their algorithms to their cloud or use the cloud firm's proprietary AI algorithms, both of which are accessed via APIs. Uploading the algorithm is sensible because the data storage and computation are handled on the cloud company's servers, while making proprietary algorithms available in this way enables companies to charge for their use without making the code available.
The Cornell Tech team beat this system by making standard requests from the AI algorithm thousands of times through the API, and piecing together its function.
"In hindsight, it was just blatantly obvious," says Cornell Tech professor Thomas Ristenpart. "It's kind of a high-school level exercise."
To test their ability to recreate the stolen algorithms' training data, the researchers employed the attack on a public series of faces and were able to reconstruct all of them.
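The attack described above depends on issuing thousands of prediction queries through the API. The following added example (not code from the article or from the Cornell Tech researchers) shows a defender-side monitor that scans a constructed prediction-API access log and flags any client whose query count within a sliding one-hour window exceeds a budget; the log format, endpoint path `/v1/predict`, client keys and budget value are all assumptions for illustration.

```python
# Added example (not from the article or the Cornell Tech paper): a defender-side monitor
# that flags API clients issuing extraction-scale query volumes against a prediction endpoint.
from collections import defaultdict, deque
from datetime import datetime, timedelta

def build_sample_log():
    """Constructed access log (assumed format): one 'ISO-timestamp api_key path' line per request."""
    start = datetime(2016, 9, 30, 10, 0, 0)
    lines = []
    # key-A: 150 predict calls in 30 minutes, an extraction-like burst
    for i in range(150):
        lines.append(f"{(start + timedelta(seconds=12 * i)).isoformat()} key-A /v1/predict")
    # key-B: 20 predict calls spread over 10 hours, ordinary usage
    for i in range(20):
        lines.append(f"{(start + timedelta(minutes=30 * i)).isoformat()} key-B /v1/predict")
    # key-B also hits a non-prediction endpoint, which must not count toward the budget
    lines.append(f"{start.isoformat()} key-B /v1/status")
    return "\n".join(lines)

def parse_log(text):
    """Parse the constructed log format into (timestamp, api_key, path) tuples."""
    events = []
    for line in text.splitlines():
        ts, key, path = line.split()
        events.append((datetime.fromisoformat(ts), key, path))
    return events

def flag_high_volume_clients(events, window=timedelta(hours=1), budget=100):
    """Return {api_key: peak count} for clients whose /v1/predict calls in any
    sliding window of length `window` exceed `budget`.

    Events are processed in time order; each client's deque holds only the
    timestamps of that client's calls within the trailing window."""
    recent = defaultdict(deque)
    flagged = {}
    for ts, key, path in sorted(events):
        if path != "/v1/predict":
            continue
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) > budget:
            flagged[key] = max(flagged.get(key, 0), len(q))
    return flagged

if __name__ == "__main__":
    print(flag_high_volume_clients(parse_log(build_sample_log())))
```

A flagged key is a signal to review, throttle or require justification for that client, not proof of extraction on its own, since legitimate batch users can also be high-volume.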
Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA