Black Box to White Box: Discover Model Characteristics Based on Strategic Probing
Title | Black Box to White Box: Discover Model Characteristics Based on Strategic Probing |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Kalin, J., Ciolino, M., Noever, D., Dozier, G. |
Conference Name | 2020 Third International Conference on Artificial Intelligence for Industries (AI4I) |
Keywords | adversarial attacks, architecture attribution, Black Box Attacks, black box encryption, composability, deep classifier, GPT-2, image based classifiers, image classification, Industries, learning (artificial intelligence), Libraries, machine learning, Metrics, model characteristics, Probes, pubcrawl, resilience, Resiliency, security, security of data, strategic probing, text analysis, text generation, text transformer, Training, Training data, Tuning, white box, white box adversarial attacks, White Box Security |
Abstract | In Machine Learning, White Box Adversarial Attacks rely on knowing underlying knowledge about the model attributes. This work focuses on discovering two distinct pieces of model information: the underlying architecture and primary training dataset. With the process in this paper, a structured set of input probes and the output of the model become the training data for a deep classifier. Two subdomains in Machine Learning are explored - image based classifiers and text transformers with GPT-2. With image classification, the focus is on exploring commonly deployed architectures and datasets available in popular public libraries. Using a single transformer architecture with multiple levels of parameters, text generation is explored by fine tuning off different datasets. Each dataset explored in image and text is distinguishable from one another. Diversity in text transformer outputs implies further research is needed to successfully classify architecture attribution in the text domain. |
DOI | 10.1109/AI4I49448.2020.00020 |
Citation Key | kalin_black_2020 |