A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments
The survey addresses the need for unified defenses against MEAs, which cause economic and privacy losses in critical sectors such as autonomous vehicles, healthcare, and financial services; its contribution is incremental, since it synthesizes existing research rather than proposing new attacks or defenses.
This survey tackles Model Extraction Attacks (MEAs) in distributed computing environments (cloud, edge, and federated learning) by systematically examining attack methodologies and defense mechanisms, providing insights for developing robust security strategies.
Model Extraction Attacks (MEAs) threaten modern machine learning systems by enabling adversaries to steal deployed models, exposing intellectual property and, in some settings, information about the training data. With the increasing deployment of machine learning models in distributed computing environments, including cloud, edge, and federated learning settings, each paradigm introduces distinct vulnerabilities and challenges. Without a unified perspective on MEAs across these environments, organizations risk fragmented defenses, inadequate risk assessments, and substantial economic and privacy losses. This survey is motivated by the need to understand how the unique characteristics of cloud, edge, and federated deployments shape attack vectors and defense requirements. We systematically examine the evolution of attack methodologies and defense mechanisms across these environments, showing how environmental factors influence security strategies in critical sectors such as autonomous vehicles, healthcare, and financial services. By synthesizing recent advances in MEA research and discussing the limitations of current evaluation practices, this survey provides essential insights for developing robust and adaptive defense strategies. Our comprehensive approach highlights the importance of integrating protective measures across the entire distributed computing landscape to ensure the secure deployment of machine learning models.
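To make the threat concrete, the following is an added example (not code from the survey or from any system it discusses) of the simplest cloud-style MEA: the equation-solving attack of Tramèr et al. (USENIX Security 2016) against a prediction API that returns confidence scores. The victim is a hypothetical logistic-regression endpoint with secret weights; the attacker sends d+1 queries, inverts the sigmoid to recover the logits, and solves a linear system for the exact parameters. The same code shows the cheapest defense the survey's "output perturbation" family reduces to in this setting: returning hard labels instead of probabilities, which destroys the equations the attacker needs. Names (`VictimAPI`, `extract_logistic`, the weight values) are assumptions chosen for the demonstration.

```python
"""Equation-solving model extraction against a confidence-reporting API.

Added example, not from the survey. Victim = logistic regression with secret
weights behind a hypothetical predict() endpoint. With d+1 confidence-valued
answers the attacker recovers (w, b) exactly; with label-only answers the same
procedure yields garbage, illustrating why output precision matters.
"""
import math
import random


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


class VictimAPI:
    """Hypothetical prediction endpoint wrapping a secret logistic-regression model."""

    def __init__(self, weights, bias, labels_only=False):
        self._w = list(weights)      # secret: never returned to the caller
        self._b = bias
        self.labels_only = labels_only   # defense toggle: hard labels vs probabilities
        self.queries = 0                 # for query-budget accounting

    def predict(self, x):
        self.queries += 1
        p = sigmoid(sum(wi * xi for wi, xi in zip(self._w, x)) + self._b)
        if self.labels_only:
            return 1 if p >= 0.5 else 0
        return p


def solve_linear(A, y):
    """Gaussian elimination with partial pivoting; A is n x n, y has length n."""
    n = len(A)
    M = [row[:] + [y[i]] for i, row in enumerate(A)]
    for col in range(n):
        pivot = max(range(col, n), key=lambda r: abs(M[r][col]))
        M[col], M[pivot] = M[pivot], M[col]
        if abs(M[col][col]) < 1e-12:
            raise ValueError("singular query matrix; resample the queries")
        for r in range(n):
            if r != col:
                f = M[r][col] / M[col][col]
                for c in range(col, n + 1):
                    M[r][c] -= f * M[col][c]
    return [M[i][n] / M[i][i] for i in range(n)]


def extract_logistic(api, dim, rng):
    """Attacker side: dim+1 random queries, invert sigmoid, solve for (w, b).

    For a logistic model logit(p) = w.x + b is linear in the unknowns, so each
    confidence-valued answer is one linear equation in dim+1 unknowns.
    """
    A, y = [], []
    for _ in range(dim + 1):
        x = [rng.uniform(-1.0, 1.0) for _ in range(dim)]
        p = api.predict(x)
        p = min(max(p, 1e-12), 1.0 - 1e-12)   # keep logit finite for hard labels
        A.append(x + [1.0])                    # unknowns: w_1..w_d, then b
        y.append(math.log(p / (1.0 - p)))      # logit(p)
    sol = solve_linear(A, y)
    return sol[:dim], sol[dim]


def max_param_error(true_w, true_b, est_w, est_b):
    return max(abs(t - e) for t, e in zip(true_w + [true_b], est_w + [est_b]))


def run_demo():
    """Run the attack against a confidence API and a label-only API."""
    secret_w, secret_b = [2.0, -1.5, 0.5], 0.3    # constructed secret model
    results = {}
    for mode, labels_only in (("confidence", False), ("labels_only", True)):
        api = VictimAPI(secret_w, secret_b, labels_only=labels_only)
        est_w, est_b = extract_logistic(api, len(secret_w), random.Random(0))
        results[mode] = {
            "queries": api.queries,
            "max_error": max_param_error(secret_w, secret_b, est_w, est_b),
        }
    return results


if __name__ == "__main__":
    for mode, r in run_demo().items():
        print(f"{mode:12s} queries={r['queries']} max_param_error={r['max_error']:.3e}")
```

The confidence-reporting endpoint leaks the whole model in four queries, which is why rate limiting alone is not a defense against this attack class; the label-only endpoint forces the attacker back to ordinary active learning over the decision boundary, which needs far more queries and yields an approximation rather than the exact parameters. The lower bound in the test follows from the query matrix entries lying in [-1, 1]: a right-hand side of magnitude about 27.6 (the clipped logit) forces some recovered parameter to have magnitude of at least 6.9, far from the true values.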