Forensicability of Deep Neural Network Inference Pipelines
This addresses a forensic application for machine learning practitioners, but it appears incremental as it builds on existing methods for numerical analysis.
The paper tackled the problem of identifying the hardware platform used for deep neural network predictions by tracing numerical deviations in outputs, achieving proof-of-concept results through experiments on local and cloud-hosted machines.
We propose methods to infer properties of the execution environment of machine learning pipelines by tracing characteristic numerical deviations in observable outputs. Results from a series of proof-of-concept experiments obtained on local and cloud-hosted machines give rise to possible forensic applications, such as the identification of the hardware platform used to produce deep neural network predictions. Finally, we introduce boundary samples that amplify the numerical deviations in order to distinguish machines by their predicted label only.