Abstract
The collection and availability of big data, combined with advances in pre-trained models (e.g. BERT), have revolutionized the predictive performance of natural language processing tasks. This allows corporations to provide machine learning as a service (MLaaS) by encapsulating fine-tuned BERT-based models as APIs. Due to significant commercial interest, there has been a surge of attempts to steal remote services via model extraction. Although previous works have made progress in defending against model extraction attacks, there has been little discussion on their performance in preventing privacy leakage. This work bridges this gap by launching an attribute inference attack against the extracted BERT model. Our extensive experiments reveal that model extraction can cause severe privacy leakage even when victim models are facilitated with state-of-the-art defensive strategies.- Anthology ID:
- 2022.emnlp-main.99
- Volume:
- Proceedings of the 2022 Conference on Empirical Methods in Natural Language Processing
- Month:
- December
- Year:
- 2022
- Address:
- Abu Dhabi, United Arab Emirates
- Venue:
- EMNLP
- SIG:
- Publisher:
- Association for Computational Linguistics
- Note:
- Pages:
- 1530–1537
- Language:
- URL:
- https://aclanthology.org/2022.emnlp-main.99
- DOI:
- Cite (ACL):
- Xuanli He, Lingjuan Lyu, Chen Chen, and Qiongkai Xu. 2022. Extracted BERT Model Leaks More Information than You Think!. In Proceedings of the 2022 Conference on Empirical Methods in Natural Language Processing, pages 1530–1537, Abu Dhabi, United Arab Emirates. Association for Computational Linguistics.
- Cite (Informal):
- Extracted BERT Model Leaks More Information than You Think! (He et al., EMNLP 2022)
- PDF:
- https://preview.aclanthology.org/starsem-semeval-split/2022.emnlp-main.99.pdf