The advent of on-device machine learning enables developers to deploy models directly on end-user devices. A trained machine-learning model is effectively a compact representation of its training dataset and encodes the decision-making knowledge learned during training. Malicious actors can perform inference attacks to exploit open, unprotected on-device machine-learning models, e.g., by taking the device offline to prevent information from being sent to the cloud and then issuing large numbers of inference requests to extract patterns of the model's training data and/or behavior. This disclosure describes an on-device security agent that monitors the patterns of inference requests made to an on-device machine-learning model and the corresponding responses provided by the model. The security agent can apply rules or a lightweight machine-learning model to analyze the inference requests, determine a risk score, and take actions to mitigate inference attacks. Further, with user permission, the security agent can send inference data, including requests received and responses provided by the model, to a cloud-based security agent. The cloud-based security agent can analyze such data to generate security policies for the on-device security agent.
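As a rough illustration of the monitoring-and-scoring idea described above, the sketch below implements a minimal rule-based on-device agent that tracks the rate of inference requests in a sliding time window, maps that rate to a risk score, and blocks requests once the score crosses a threshold. The class name, thresholds, and linear scoring rule are illustrative assumptions, not details from the disclosure; a real agent could also incorporate request-similarity signals and policies pushed from a cloud-based security agent.

```python
import time
from collections import deque


class OnDeviceSecurityAgent:
    """Hypothetical rule-based agent that scores on-device inference traffic.

    All thresholds and the linear rate-to-risk mapping are illustrative
    assumptions, not values taken from the disclosure.
    """

    def __init__(self, window_seconds=60.0, rate_threshold=100, block_score=0.8):
        self.window_seconds = window_seconds    # sliding-window length
        self.rate_threshold = rate_threshold    # requests/window mapping to risk 1.0
        self.block_score = block_score          # risk at which requests are refused
        self._timestamps = deque()              # request times within the window

    def risk_score(self, now=None):
        """Return a risk score in [0, 1] based on recent request rate."""
        now = time.monotonic() if now is None else now
        # Drop requests that have aged out of the sliding window.
        while self._timestamps and now - self._timestamps[0] > self.window_seconds:
            self._timestamps.popleft()
        # Risk grows linearly with the request rate, capped at 1.0.
        return min(len(self._timestamps) / self.rate_threshold, 1.0)

    def check_request(self, now=None):
        """Record one inference request; return True if it should be served."""
        now = time.monotonic() if now is None else now
        self._timestamps.append(now)
        return self.risk_score(now) < self.block_score
```

For example, with `rate_threshold=10` and `block_score=0.8`, the agent serves the first seven requests in a window but refuses the eighth, mitigating a burst of model-extraction queries.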
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
S, Hari Bhaskar, "On Device Security Agent to Mitigate Inference Attacks on Machine Learning Models", Technical Disclosure Commons, (July 06, 2023)