Skip to main content

Rethink before Releasing Your Model: ML Model Extraction Attack in EDA

Publication ,  Conference
Chang, CC; Pan, J; Xie, Z; Hu, J; Chen, Y
Published in: Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC
January 16, 2023

Machine learning (ML)-based techniques for electronic design automation (EDA) have boosted the performance of modern integrated circuits (ICs). Such achievement makes ML model to be of importance for the EDA industry. In addition, ML models for EDA are widely considered having high development cost because of the time-consuming and complicated training data generation process. Thus, confidentiality protection for EDA models is a critical issue. However, an adversary could apply model extraction attacks to steal the model in the sense of achieving the comparable performance to the victim's model. As model extraction attacks have posed great threats to other application domains, e.g., computer vision and natural language process, in this paper, we study model extraction attacks for EDA models under two real-world scenarios. It is the first work that (1) introduces model extraction attacks on EDA models and (2) proposes two attack methods against the unlimited and limited query budget scenarios. Our results show that our approach can achieve competitive performance with the well-trained victim model without any performance degradation. Based on the results, we demonstrate that model extraction attacks truly threaten the EDA model privacy and hope to raise concerns about ML security issues in EDA.

Duke Scholars

Altmetric Attention Stats
Dimensions Citation Stats

Published In

Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC

DOI

Publication Date

January 16, 2023

Start / End Page

252 / 257
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Chang, C. C., Pan, J., Xie, Z., Hu, J., & Chen, Y. (2023). Rethink before Releasing Your Model: ML Model Extraction Attack in EDA. In Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC (pp. 252–257). https://doi.org/10.1145/3566097.3567896
Chang, C. C., J. Pan, Z. Xie, J. Hu, and Y. Chen. “Rethink before Releasing Your Model: ML Model Extraction Attack in EDA.” In Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC, 252–57, 2023. https://doi.org/10.1145/3566097.3567896.
Chang CC, Pan J, Xie Z, Hu J, Chen Y. Rethink before Releasing Your Model: ML Model Extraction Attack in EDA. In: Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC. 2023. p. 252–7.
Chang, C. C., et al. “Rethink before Releasing Your Model: ML Model Extraction Attack in EDA.” Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC, 2023, pp. 252–57. Scopus, doi:10.1145/3566097.3567896.
Chang CC, Pan J, Xie Z, Hu J, Chen Y. Rethink before Releasing Your Model: ML Model Extraction Attack in EDA. Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC. 2023. p. 252–257.

Published In

Proceedings of the Asia and South Pacific Design Automation Conference, ASP-DAC

DOI

Publication Date

January 16, 2023

Start / End Page

252 / 257