Teacher Model Fingerprinting Attacks Against Transfer Learning. (arXiv:2106.12478v2 [cs.CR] UPDATED)

Transfer learning has become a common solution to address training data
scarcity in practice. It trains a specified student model by reusing or
fine-tuning early layers of a well-trained teacher model that is usually
publicly available. However, besides utility improvement, the transferred
public knowledge also brings potential threats to model confidentiality, and
even further raises other security and privacy issues.

In this paper, we present the first comprehensive investigation of the
teacher model exposure threat in the transfer learning context, …

attacks fingerprinting