Learning to Reverse DNNs from AI Programs Automatically


With the privatization deployment of DNNs on edge devices, the security of on-device DNNs has raised great concern. To quantify model leakage risk of on-device DNNs automatically, we propose NNReverse, the first learning-based method which can reverse DNNs from AI programs without domain knowledge. NNReverse trains a representation model to represent the semantic of binary codes for DNN layers. By searching the most similar function in our database, NNReverse infers the layer type of a given functions’ binary codes. To represent assembly instructions semantic precisely, NNReverse propose a more finegrained embedding model to represent the textual and structural semantic of assembly functions. We evaluate NNReverse on ten different DNNs with different layers and parameter numbers, the results show NNReverse reverse the DNNs without accuracy loss.

In The 31st International Joint Conference on Artificial Intelligence.