[Data Science Distinguished Lecture Series] Extracting Large Machine Learning Models: Theory and Practice
2025-11-28 Data Science Distinguished Lecture Series
SDS Colloquium Series
| Topic | Extracting Large Machine Learning Models: Theory and Practice |
| Speaker | Haibo HU, Professor and Associate Head, Department of Electrical and Electronic Engineering, The Hong Kong Polytechnic University |
| Host | Chenhao MA, Assistant Professor, School of Data Science, CUHK-Shenzhen |
| Date | 28 November (Friday), 2025 |
| Time | 4:00 PM - 5:00 PM, Beijing Time |
| Format | Hybrid |
| Venue | Room 103, Dao Yuan Building |
| Zoom Link | https://cuhk-edu-cn.zoom.us/j/96597538064?pwd=UA4JzmOQBFGpPQOr2xaSaaTNPZ5x1p.1 |
| Meeting ID | 965 9753 8064 |
| Password | 154080 |
| Language | English |
Abstract

Recent advancements in machine learning, particularly large language models (LLMs), have revolutionized numerous domains. However, machine learning systems may suffer from model privacy threats known as model extraction (ME) attacks, where an attacker aims to copy the victim model by submitting crafted queries and then using the query-output pairs to train a surrogate model that can emulate the behavior of the victim model. Based on the extracted surrogate model, the adversary can conduct downstream attacks, such as generating adversarial examples. In this talk, I will first give an introduction to model extraction attacks. Then I will present several recent works on the theory and practice of ME attacks and defense schemes, especially for large machine learning models. Finally, I will show some open challenges in this field.
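The attack loop the abstract describes (query the victim, keep the query-output pairs, fit a surrogate, then mount a downstream attack from the surrogate) as an added, self-contained example. It is not code from the speaker or the talk: the victim is a toy logistic-regression classifier with constructed secret weights rather than an LLM, the queries are uniform random inputs rather than crafted ones, the query budget and ranges are assumptions, and the downstream attack is a single gradient-sign step on the surrogate that is then checked against the victim.

```python
"""
Toy model extraction (ME) attack in pure Python (added example, not the
talk's own code). The victim's weights are secret; the attacker sees only
the probability returned per query, fits a surrogate to those soft labels,
measures fidelity (label agreement on fresh inputs) and crafts an adversarial
example on the surrogate that transfers to the victim. All numbers, the
query distribution and the budget are constructed for the example.
"""
import math
import random

DIM = 3  # assumed input dimensionality of the toy victim


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def _sign(v):
    return 1.0 if v > 0 else -1.0 if v < 0 else 0.0


class VictimModel:
    """Black-box victim: parameters stay private, only query() is exposed."""

    def __init__(self, weights, bias):
        self._w = list(weights)  # secret parameters
        self._b = bias
        self.queries = 0         # number of API calls observed by the victim

    def query(self, x):
        self.queries += 1
        return sigmoid(sum(wi * xi for wi, xi in zip(self._w, x)) + self._b)


class SurrogateModel:
    """Attacker-side model trained only on the victim's query outputs."""

    def __init__(self, dim):
        self.w = [0.0] * dim
        self.b = 0.0

    def predict(self, x):
        return sigmoid(sum(wi * xi for wi, xi in zip(self.w, x)) + self.b)

    def fit(self, pairs, epochs=500, lr=0.5):
        """Batch gradient descent on cross-entropy against the victim's soft labels."""
        n = len(pairs)
        for _ in range(epochs):
            gw = [0.0] * len(self.w)
            gb = 0.0
            for x, y in pairs:
                err = self.predict(x) - y      # dCE/dlogit for a sigmoid output
                for i, xi in enumerate(x):
                    gw[i] += err * xi
                gb += err
            self.w = [wi - lr * g / n for wi, g in zip(self.w, gw)]
            self.b -= lr * gb / n

    def input_gradient(self, x):
        """d predict(x)/dx = p(1-p) * w, used to craft the adversarial example."""
        p = self.predict(x)
        return [p * (1.0 - p) * wi for wi in self.w]


def random_query(rng, dim):
    # Uniform queries in [-2, 2]^dim stand in for crafted queries in this toy.
    return [rng.uniform(-2.0, 2.0) for _ in range(dim)]


def extract(victim, budget, seed=0):
    """Spend `budget` queries on the victim and fit a surrogate to its answers."""
    rng = random.Random(seed)
    pairs = []
    for _ in range(budget):
        q = random_query(rng, DIM)
        pairs.append((q, victim.query(q)))   # the (query, output) pair
    surrogate = SurrogateModel(DIM)
    surrogate.fit(pairs)
    return surrogate


def fidelity(victim, surrogate, n=500, seed=1):
    """Fraction of fresh inputs on which surrogate and victim give the same label."""
    rng = random.Random(seed)
    agree = 0
    for _ in range(n):
        x = random_query(rng, DIM)
        agree += (victim.query(x) >= 0.5) == (surrogate.predict(x) >= 0.5)
    return agree / n


def adversarial_example(surrogate, x, eps=0.6):
    """One FGSM-style step computed on the surrogate only; the victim is never touched."""
    g = surrogate.input_gradient(x)
    direction = -1.0 if surrogate.predict(x) >= 0.5 else 1.0
    return [xi + direction * eps * _sign(gi) for xi, gi in zip(x, g)]


if __name__ == "__main__":
    victim = VictimModel(weights=[1.5, -2.0, 0.7], bias=0.3)  # constructed secret
    surrogate = extract(victim, budget=200)
    print("queries spent on extraction:", victim.queries)
    print("fidelity on fresh inputs:", fidelity(victim, surrogate))
    x = [0.5, 0.2, -0.1]
    x_adv = adversarial_example(surrogate, x)
    print("victim label on x / x_adv:", victim.query(x) >= 0.5, victim.query(x_adv) >= 0.5)
```

Two things worth noticing when running it: the attacker never needs the victim's parameters, only its outputs, and the adversarial perturbation is computed entirely on the surrogate yet still flips the victim's label. The `queries` counter on the victim is the kind of signal a query-budget or rate-limiting defense would act on.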
Biography

Dr. Haibo Hu is a professor and associate head of the Department of Electrical and Electronic Engineering, The Hong Kong Polytechnic University. His research interests include cybersecurity, data privacy, and adversarial machine learning. He has published over 200 research papers in refereed journals, international conferences, and book chapters, and has been granted 6 US patents and 4 China/HK patents. He has served as co-programme chair of many international conferences, such as DSPP 2025, EAI SPNCE 2023, and ChinaPrivacy 2023, and as an area/track chair or senior PC member of international conferences such as AAAI 2026. He currently serves as an associate editor of IEEE TKDE, IEEE TIFS, and ACM TOPS. He is the recipient of a number of titles and awards, including the IWAIT 2021 Best Paper Award, the IEEE MDM 2019 Best Paper Award, WAIM Distinguished Young Lecturer, ACM-HK Best PhD Paper, Microsoft Imagine Cup, and the GS1 Internet of Things Award. He is a senior member of ACM, IEEE and CCF, and a certified Cisco CCNA Security Trainer.