A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments

TL;DR

This survey reviews model extraction attacks and defenses across distributed computing environments, emphasizing environmental influences on security strategies and highlighting the need for integrated protective measures.

Contribution

It provides a systematic analysis of attack and defense methods in cloud, edge, and federated settings, offering insights for robust security in distributed machine learning.

Findings

Environmental factors influence attack vectors and defenses.

Current evaluation practices have limitations.

Integrated security strategies are essential across environments.

Abstract

Model Extraction Attacks (MEAs) threaten modern machine learning systems by enabling adversaries to steal models, exposing intellectual property and training data. With the increasing deployment of machine learning models in distributed computing environments, including cloud, edge, and federated learning settings, each paradigm introduces distinct vulnerabilities and challenges. Without a unified perspective on MEAs across these distributed environments, organizations risk fragmented defenses, inadequate risk assessments, and substantial economic and privacy losses. This survey is motivated by the urgent need to understand how the unique characteristics of cloud, edge, and federated deployments shape attack vectors and defense requirements. We systematically examine the evolution of attack methodologies and defense mechanisms across these environments, demonstrating how environmental factors influence security strategies in critical sectors such as autonomous vehicles, healthcare, and financial services. By synthesizing recent advances in MEAs research and discussing the limitations of current evaluation practices, this survey provides essential insights for developing robust and adaptive defense strategies. Our comprehensive approach highlights the importance of integrating protective measures across the entire distributed computing landscape to ensure the secure deployment of machine learning models.