Learning to Reverse DNNs from AI Programs Automatically
This addresses security concerns for on-device DNN deployments, though it appears incremental as it builds on existing reverse engineering techniques with a novel learning-based approach.
The paper tackles the problem of quantifying model leakage risk for on-device DNNs by proposing NNReverse, a learning-based method that automatically reverses DNNs from AI programs without domain knowledge, achieving this by training a representation model to infer layer types from binary code.
With the privatization deployment of DNNs on edge devices, the security of on-device DNNs has raised significant concern. To quantify the model leakage risk of on-device DNNs automatically, we propose NNReverse, the first learning-based method which can reverse DNNs from AI programs without domain knowledge. NNReverse trains a representation model to represent the semantics of binary code for DNN layers. By searching the most similar function in our database, NNReverse infers the layer type of a given function's binary code. To represent assembly instructions semantics precisely, NNReverse proposes a more fine-grained embedding model to represent the textual and structural-semantic of assembly functions.