Deep learning has shown its power in many applications, including object
detection in images, natural-language understanding, and speech recognition. To
make it more accessible to end users, many deep learning models are now
embedded in mobile apps. Compared to offloading deep learning from smartphones
to the cloud, performing machine learning on-device can help improve latency,
connectivity, and power consumption. However, most deep learning models within
Android apps can easily be obtained via mature reverse engineering, while the
models’ exposure may invite adversarial attacks. In this study, we propose a
simple but effective approach to hacking deep learning models using adversarial
attacks by identifying highly similar pre-trained models from TensorFlow Hub.
All 10 real-world Android apps in the experiment are successfully attacked by
our approach. Apart from the feasibility of the model attack, we also carry out
an empirical study that investigates the characteristics of deep learning
models used by hundreds of Android apps on Google Play. The results show that
many of them are similar to each other and widely use fine-tuning techniques to
pre-trained models on the Internet.

Go to Source of this post
Author Of this post: <a href="http://arxiv.org/find/cs/1/au:+Huang_Y/0/1/0/all/0/1">Yujin Huang</a>, <a href="http://arxiv.org/find/cs/1/au:+Hu_H/0/1/0/all/0/1">Han Hu</a>, <a href="http://arxiv.org/find/cs/1/au:+Chen_C/0/1/0/all/0/1">Chunyang Chen</a>

By admin