Model extraction attacks, also known as model stealing attacks, aim to extract the parameters of a target model. Ideally, the adversary can steal and replicate a model whose performance closely matches that of the target model.
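For intuition, here is a minimal sketch of the generic attack loop, with the victim simulated locally (in a real attack it would be a remote prediction API, and every name below is illustrative): the adversary labels its own query inputs with the victim's answers and fits a surrogate on them.

```python
# Minimal model-extraction sketch: train a surrogate on victim-labeled queries.
import numpy as np
from sklearn.linear_model import LogisticRegression
from sklearn.neural_network import MLPClassifier

rng = np.random.default_rng(0)

# Simulated victim (in a real attack this is a black-box prediction API).
X_train = rng.normal(size=(1000, 10))
y_train = (X_train.sum(axis=1) > 0).astype(int)
victim = MLPClassifier(hidden_layer_sizes=(32,), max_iter=500).fit(X_train, y_train)

# Attacker: sample queries, label them with the victim, fit a surrogate.
X_query = rng.normal(size=(5000, 10))   # attacker-chosen inputs
y_query = victim.predict(X_query)       # victim's answers
surrogate = LogisticRegression().fit(X_query, y_query)

# Fidelity: how often the surrogate agrees with the victim on fresh inputs.
X_test = rng.normal(size=(2000, 10))
fidelity = (surrogate.predict(X_test) == victim.predict(X_test)).mean()
print(f"surrogate-victim agreement: {fidelity:.3f}")
```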
These leaderboards are used to track progress in Model Extraction
Use these libraries to find Model Extraction models and implementations
Entangled Watermarking Embeddings (EWE) are introduced: the model is encouraged to learn common features for classifying both data sampled from the task distribution and data that encodes watermarks, so an adversary attempting to remove the watermarks, which are entangled with legitimate data, must sacrifice performance on legitimate data.
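A loose sketch of the entanglement idea, not the authors' implementation: watermark inputs carry a trigger patch and a chosen target label, and a simplified soft-nearest-neighbor term pulls their representations toward legitimate examples of that label, so the watermark cannot be unlearned without hurting the task.

```python
# Simplified entangled-watermark training step (illustrative, not EWE's code).
import torch
import torch.nn as nn
import torch.nn.functional as F

def snnl(features, labels, temperature=100.0):
    """Simplified soft-nearest-neighbor term: minimizing it pulls same-label
    points (here: watermark and legitimate target-class inputs) together."""
    dists = torch.cdist(features, features) ** 2
    sims = torch.exp(-dists / temperature)
    sims = sims - torch.diag_embed(torch.diagonal(sims))  # drop self-similarity
    same = (labels.unsqueeze(0) == labels.unsqueeze(1)).float()
    pos = (sims * same).sum(dim=1)
    return -torch.log((pos + 1e-9) / (sims.sum(dim=1) + 1e-9)).mean()

model = nn.Sequential(nn.Flatten(), nn.Linear(28 * 28, 128), nn.ReLU(),
                      nn.Linear(128, 10))
opt = torch.optim.Adam(model.parameters(), lr=1e-3)

x_task = torch.randn(64, 1, 28, 28)   # stand-in for real task data
y_task = torch.randint(0, 10, (64,))
x_wm = torch.randn(16, 1, 28, 28)
x_wm[:, :, :4, :4] = 1.0              # trigger patch stamped on watermark inputs
y_wm = torch.full((16,), 3)           # chosen watermark target label

x = torch.cat([x_task, x_wm]); y = torch.cat([y_task, y_wm])
loss = F.cross_entropy(model(x), y) + 0.1 * snnl(model[:-1](x), y)
opt.zero_grad(); loss.backward(); opt.step()
```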
FedRolex is proposed, a partial training (PT)-based approach that enables model-heterogeneous FL and can train a global server model larger than the largest client model, reducing the gap between model-heterogeneous and model-homogeneous FL, especially in the large-model, large-dataset regime.
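A toy illustration of the rolling sub-model extraction, with all names, shapes, and the one-unit advance made up for the example: each round the server extracts a window of its larger model for a client to train, then advances the window so every server parameter is eventually updated.

```python
# Toy rolling-window sub-model extraction in the spirit of FedRolex.
import numpy as np

server_hidden = 256   # global server model width
client_hidden = 64    # largest width a resource-constrained client can train

def rolling_indices(round_idx, size=client_hidden, total=server_hidden):
    """Advance the extraction window each round, wrapping around the layer."""
    start = round_idx % total
    return np.arange(start, start + size) % total

W_server = np.zeros((server_hidden, 10))
for rnd in range(3):
    idx = rolling_indices(rnd)
    W_sub = W_server[idx]     # extract the sub-model sent to the client
    W_sub += 0.01             # stand-in for the client's local training update
    W_server[idx] = W_sub     # server folds the update back into the big model
```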
The proposed data-free model extraction approach is found to achieve high accuracy with reasonable query complexity: 0.99× and 0.92× the victim model's accuracy on the SVHN and CIFAR-10 datasets, given 2M and 20M queries respectively.
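A simplified version of the data-free loop, assuming the victim returns soft outputs that gradients can flow through; the paper's true black-box setting instead estimates the generator's gradients with zeroth-order methods. A generator synthesizes queries on which the student disagrees with the victim, and the student is trained to close that gap.

```python
# Simplified data-free extraction loop (illustrative models and sizes).
import torch
import torch.nn as nn
import torch.nn.functional as F

victim = nn.Sequential(nn.Linear(32, 64), nn.ReLU(), nn.Linear(64, 10)).eval()
student = nn.Sequential(nn.Linear(32, 64), nn.ReLU(), nn.Linear(64, 10))
generator = nn.Sequential(nn.Linear(8, 64), nn.ReLU(), nn.Linear(64, 32))

opt_s = torch.optim.Adam(student.parameters(), lr=1e-3)
opt_g = torch.optim.Adam(generator.parameters(), lr=1e-3)

for step in range(100):
    # Generator: synthesize queries that maximize student-victim disagreement.
    x = generator(torch.randn(128, 8))
    g_loss = -F.l1_loss(student(x), victim(x).detach())
    opt_g.zero_grad(); g_loss.backward(); opt_g.step()
    # Student: minimize disagreement with the victim on fresh generated queries.
    x = generator(torch.randn(128, 8)).detach()
    s_loss = F.l1_loss(student(x), victim(x).detach())
    opt_s.zero_grad(); s_loss.backward(); opt_s.step()
```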
GINSEW is proposed, a novel method to protect text generation models from being stolen through distillation; it injects secret signals into the probability vector of the decoding steps for each target token.
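An illustrative sketch in the spirit of this idea (the key, the sinusoidal signal shape, and the correlation test below are assumptions, not the paper's scheme): a secret periodic signal perturbs each decoding step's probability vector, and a suspect model's outputs are probed for correlation with that signal.

```python
# Sketch of probability-vector watermarking and detection (illustrative).
import numpy as np

rng = np.random.default_rng(0)
vocab = 1000
secret_freq, secret_phase = 7.0, 1.3   # the provider's secret key (assumed form)

def watermark(probs, eps=0.01):
    """Add a secret periodic signal over token ids, then renormalize."""
    signal = np.sin(secret_freq * np.arange(vocab) + secret_phase)
    p = np.clip(probs + eps * signal, 1e-12, None)
    return p / p.sum()

def detect(prob_rows):
    """Correlate the averaged probability vector with the secret signal."""
    signal = np.sin(secret_freq * np.arange(vocab) + secret_phase)
    mean_p = prob_rows.mean(axis=0)
    return float(np.corrcoef(mean_p - mean_p.mean(), signal)[0, 1])

raw = rng.dirichlet(np.ones(vocab), size=200)     # unwatermarked decoding steps
marked = np.stack([watermark(p) for p in raw])
print(detect(raw), detect(marked))                # near 0 vs. clearly positive
```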
A quantitative comparison of the tools proposed by the papers is presented on the unifying task of process model entity and relation extraction, making them directly comparable.
Simple, efficient attacks are shown that extract target ML models with near-perfect fidelity against the online services of BigML and Amazon Machine Learning, for popular model classes including logistic regression, neural networks, and decision trees.
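The logistic-regression case admits a particularly clean equation-solving sketch: each query that returns a confidence score p yields one linear equation log(p / (1 - p)) = w·x + b, so d + 1 queries suffice to recover all d + 1 parameters exactly (the victim here is simulated locally).

```python
# Equation-solving extraction of a logistic regression model.
import numpy as np
from sklearn.linear_model import LogisticRegression

rng = np.random.default_rng(0)
d = 5

# Victim: a trained logistic regression behind a confidence-returning API.
X_train = rng.normal(size=(500, d))
y_train = (X_train @ rng.normal(size=d) > 0).astype(int)
victim = LogisticRegression().fit(X_train, y_train)

# Attacker: d + 1 queries give one linear equation per returned confidence.
X_q = rng.normal(size=(d + 1, d))
p = victim.predict_proba(X_q)[:, 1]
A = np.hstack([X_q, np.ones((d + 1, 1))])      # unknowns: [w, b]
wb = np.linalg.solve(A, np.log(p / (1 - p)))   # invert the logit

print(np.allclose(wb[:d], victim.coef_[0]))    # True: weights recovered
print(np.allclose(wb[d], victim.intercept_[0]))
```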
This paper formalizes the PME task as a multi-grained text classification problem and proposes a hierarchical neural network to effectively model and extract multi-grained information without manually defined procedural features.
DAWN (Dynamic Adversarial Watermarking of Neural Networks), the first approach to use watermarking to deter model extraction theft, is introduced and is shown to be resilient against two state-of-the-art model extraction attacks.
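A hedged sketch of the dynamic-watermarking idea (the HMAC keying, flip rule, and 1% rate below are illustrative choices, not the paper's exact mechanism): a secretly keyed fraction of queries receives a deterministically wrong label, and those (query, label) pairs later verify whether a suspect model was trained on the API's responses.

```python
# Sketch of DAWN-style dynamic watermarking of API responses (illustrative).
import hashlib
import hmac
import numpy as np

KEY = b"server-secret"
NUM_CLASSES, WM_RATE = 10, 0.01

def keyed_fraction(x_bytes):
    """Deterministically map an input to [0, 1) using the secret key."""
    digest = hmac.new(KEY, x_bytes, hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big") / 2**64

def respond(x, true_label):
    """Answer a query, flipping the label on the secretly keyed subset."""
    if keyed_fraction(x.tobytes()) < WM_RATE:
        wrong = (true_label + 1) % NUM_CLASSES   # deterministic wrong label
        return wrong, True                       # True: pair is a watermark
    return true_label, False

rng = np.random.default_rng(0)
wm_pairs = []
for _ in range(10000):
    x = rng.normal(size=16)
    label, is_wm = respond(x, true_label=int(rng.integers(NUM_CLASSES)))
    if is_wm:
        wm_pairs.append((x, label))
# Verification: a surrogate trained on these responses reproduces wm_pairs.
print(f"{len(wm_pairs)} watermark pairs registered (~1% of queries)")
```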
This work highlights an exploit only made feasible by the shift towards transfer learning methods within the NLP community: for a query budget of a few hundred dollars, an attacker can extract a model that performs only slightly worse than the victim model.
The fingerprint is robust against distillation, related model extraction attacks, and even transfer learning when the attacker has no access to the model provider's dataset, and is the first method that reaches an AUC of 1.0 in verifying surrogates.