DeMistify: Identifying On-device Machine Learning Models Stealing and Reuse Vulnerabilities in Mobile Apps
Research output: Chapters, Conference Papers, Creative and Literary Works › RGC 32 - Refereed conference paper (with host publication) › peer-review
Detail(s)
Original language | English |
---|---|
Title of host publication | ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering |
Publisher | Association for Computing Machinery |
ISBN (electronic) | 9798400702174 |
Publication status | Published - Feb 2024 |
Publication series
Name | Proceedings - International Conference on Software Engineering |
---|---|
ISSN (Print) | 0270-5257 |
Conference
Title | 46th IEEE/ACM International Conference on Software Engineering (ICSE 2024) |
---|---|
Location | Centro Cultural de Belém |
Place | Portugal |
City | Lisbon |
Period | 14 - 20 April 2024 |
Abstract
Mobile apps have become popular for providing artificial intelligence (AI) services via on-device machine learning (ML) techniques. Unlike accomplishing these AI services on remote servers traditionally, these on-device techniques process sensitive information required by AI services locally, which can mitigate the severe concerns of the sensitive data collection on the remote side. However, these on-device techniques have to push the core of ML expertise (e.g., models) to smartphones locally, which are still subject to similar vulnerabilities on the remote clouds and servers, especially when facing the model stealing attack. To defend against these attacks, developers have taken various protective measures. Unfortunately, we have found that these protections are still insufficient, and on-device ML models in mobile apps could be extracted and reused without limitation. To better demonstrate its inadequate protection and the feasibility of this attack, this paper presents DeMistify, which statically locates ML models within an app, slices relevant execution components, and finally generates scripts automatically to instrument mobile apps to successfully steal and reuse target ML models freely. To evaluate DeMistify and demonstrate its applicability, we apply it on 1,511 top mobile apps using on-device ML expertise for several ML services based on their install numbers from Google Play and DeMistify can successfully execute 1250 of them (82.73%). In addition, an in-depth study is conducted to understand the on-device ML ecosystem in the mobile application. © 2024 IEEE Computer Society. All rights reserved.
Research Area(s)
- Android App, Machine Learning, On-device Model Reuse, Program Analysis
Citation Format(s)
DeMistify: Identifying On-device Machine Learning Models Stealing and Reuse Vulnerabilities in Mobile Apps. / Ren, Pengcheng; Zuo, Chaoshun; Liu, Xiaofeng et al.
ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering. Association for Computing Machinery, 2024. 41 (Proceedings - International Conference on Software Engineering).