Stealing Machine Learning Models via Prediction APIs

Florian Tramèr¹, Fan Zhang², Ari Juels³, Michael Reiter⁴, Thomas Ristenpart³
¹EPFL, ²Cornell, ³Cornell Tech, ⁴UNC
http://silver.web.unc.edu
Cloud Security Horizons Summit, March 2016

Poster panels: Goals; Approach; Approach cont.; Results

- Machine learning models may be deemed confidential due to
  - Sensitive training data
  - Commercial value
  - Use in security applicat