
arxiv: 2502.16065 · v1 · pith:2UM3KO2Knew · submitted 2025-02-22 · 💻 cs.CR · cs.AI · cs.LG

A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments

classification 💻 cs.CR · cs.AI · cs.LG
keywords distributed, environments, learning, across, computing, defense, machine, meas

Model Extraction Attacks (MEAs) threaten modern machine learning systems by enabling adversaries to steal models, exposing intellectual property and training data. As machine learning models are increasingly deployed in distributed computing environments, including cloud, edge, and federated learning settings, each paradigm introduces distinct vulnerabilities and challenges. Without a unified perspective on MEAs across these distributed environments, organizations risk fragmented defenses, inadequate risk assessments, and substantial economic and privacy losses. This survey is motivated by the urgent need to understand how the unique characteristics of cloud, edge, and federated deployments shape attack vectors and defense requirements. We systematically examine the evolution of attack methodologies and defense mechanisms across these environments, demonstrating how environmental factors influence security strategies in critical sectors such as autonomous vehicles, healthcare, and financial services. By synthesizing recent advances in MEA research and discussing the limitations of current evaluation practices, this survey provides essential insights for developing robust and adaptive defense strategies. Our comprehensive approach highlights the importance of integrating protective measures across the entire distributed computing landscape to ensure the secure deployment of machine learning models.


Forward citations

Cited by 4 Pith papers

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. GraphIP-Bench: How Hard Is It to Steal a Graph Neural Network, and Can We Stop It?

    cs.CR 2026-05 accept novelty 8.0

    GraphIP-Bench shows stealing GNNs is easy at moderate query budgets, most defenses fail to block or reliably trace extraction, and watermarks lose verification power on surrogates while heterophilic graphs are harder ...

  2. GraphIP-Bench: How Hard Is It to Steal a Graph Neural Network, and Can We Stop It?

    cs.CR 2026-05 unverdicted novelty 7.0

    GraphIP-Bench is a new unified benchmark showing GNN model extraction succeeds at moderate query budgets while most defenses fail to prevent it or retain verification signals on surrogates.

  3. GRADE: Graph Representation of LLM Agent Dependency and Execution

    cs.LG 2026-06 unverdicted novelty 5.0

    GRADE models any LLM agent run as a graph with execution and graded dependency edge layers to enable failure prediction and fault localization across tool, coding, and web agent corpora.

  4. A Survey on Security with Quantum Computing

    cs.CR 2026-05 unverdicted novelty 2.0

    A survey consolidating literature on quantum computing security issues, threats to existing systems, and development of quantum-resilient solutions.