With the rapid development of the mobile market and the maturity of mobile machine learning frameworks, more and more developers are adding machine learning functions to mobile applications. By deploying the model on the device, mobile application developers can greatly reduce the cost of maintaining a server or cloud service, and users can better protect their private information. However, besides bringing convenience to people's lives, this new deployment method also introduces new security challenges. First, an ML model is a kind of intellectual property of its owner. Training a machine learning model usually requires a lot of resources; if an attacker can steal the model parameters, this undoubtedly infringes the intellectual property of the model owner. Second, machine learning models have been found vulnerable to many attacks, such as backdoor attacks, and using an attacked model may put users' lives and property at risk. How to analyze the security of machine learning apps and how to better protect them is an urgent problem to be solved. At present, a variety of model attack algorithms have been proposed, but many of these methods assume a white-box setting in which the model must be trainable or the attacker has to know information about the training dataset; therefore, these methods are not applicable to mobile devices. In terms of model protection, most existing methods can only provide evidence of ownership after losses have been suffered rather than preventing the event in advance, and many are still not suitable for the mobile scenario. To solve the above problems, the main work of this paper is as follows: (1) For mobile scenarios, we first propose a model information extraction framework that can automatically identify the machine learning library in use and extract the offline-deployed model files and the related invocation information. (2) Based on this framework, we further propose a security analysis framework and a reinforcement framework for machine learning models in mobile applications. The security analysis framework tries to attack the target model, analyzing whether adversarial attacks and backdoor attacks threaten the security of the model; the framework then calculates a security score for the model according to the success rate and difficulty of the attack. (3) We propose a security reinforcement framework that mainly defends against two types of security risk: model theft and model tampering. Its main idea is to force the mobile application to verify the model and to provide owner-related signature information as an additional input to the model at inference time. Through reinforcement, a mutual authentication relationship between the app and the model is built, which can greatly increase the attack cost and improve the security of the whole application.
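The mutual app/model authentication sketched in point (3) can be illustrated with a minimal two-way check: the app verifies a MAC over the model file before loading it, and the model only runs when the caller presents an owner-bound token that matches a verifier embedded in the model. This is an added illustrative example, not the paper's implementation; the toy linear model, the owner key, the app identifier and the HMAC/SHA-256 construction are all constructed assumptions.

```python
import hashlib
import hmac
import json

# Constructed sample values: a toy linear model and an owner/app identity.
WEIGHTS = [0.5, -1.25, 2.0]
OWNER_KEY = b"constructed-owner-key"   # shared by the model owner and the app
APP_ID = "com.example.mlapp"           # the app the model is bound to (constructed)

def owner_token(owner_key: bytes, app_id: str) -> bytes:
    """Owner-related credential the app passes to the model as an extra input."""
    return hmac.new(owner_key, app_id.encode(), hashlib.sha256).digest()

def pack_model(weights, owner_key: bytes, app_id: str) -> bytes:
    """Serialise weights plus a verifier for the expected token, then MAC the body."""
    verifier = hashlib.sha256(owner_token(owner_key, app_id)).hexdigest()
    body = json.dumps({"weights": weights, "token_sha256": verifier},
                      sort_keys=True).encode()
    tag = hmac.new(owner_key, body, hashlib.sha256).digest()
    return tag + body  # 32-byte tag followed by the JSON body

def load_model(blob: bytes, owner_key: bytes) -> dict:
    """App side: refuse any model whose MAC fails (tampering or substitution)."""
    tag, body = blob[:32], blob[32:]
    expected = hmac.new(owner_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("model verification failed")
    return json.loads(body)

def infer(model: dict, features, token: bytes) -> float:
    """Model side: run only when the caller presents the owner-bound token."""
    if hashlib.sha256(token).hexdigest() != model["token_sha256"]:
        raise PermissionError("model refused: token does not match owner binding")
    return sum(w * x for w, x in zip(model["weights"], features))

def demo() -> float:
    """Happy path: genuine model, genuine app token."""
    blob = pack_model(WEIGHTS, OWNER_KEY, APP_ID)
    model = load_model(blob, OWNER_KEY)
    return infer(model, [1.0, 2.0, 3.0], owner_token(OWNER_KEY, APP_ID))

if __name__ == "__main__":
    print(demo())  # 4.0
```

A modified weight fails the app-side check, and a caller without the token is refused by the model-side check, which is the two-way binding the abstract describes.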