{"data":{"id":"8aeb8558-66e3-4830-ad2f-f06a3163d516","title":"SOOM: A Schedule-Search-Based Operator Obfuscation Method Against Model Extraction Attacks","summary":"Researchers created SOOM, a defense method that obfuscates (hides or disguises) deep learning operators to protect against model extraction attacks, where attackers reverse-engineer compiled neural network code to recreate trainable models. Built on TVM (a deep learning compiler), SOOM uses a machine learning cost model to scramble how operators work while keeping inference fast, achieving an 89% failure rate against extraction attacks with minimal performance slowdown.","solution":"The source proposes SOOM itself as the mitigation: a schedule-search-based operator obfuscation method built on TVM that constructs an obfuscation space for deep learning operators and uses a security-aware learned cost model based on XGBoost gradient boosted trees to generate obfuscated executable code for various deep learning operators, balancing security objectives with performance requirements.","labels":["security","research"],"sourceUrl":"http://ieeexplore.ieee.org/document/11557392","publishedAt":"2026-06-10T13:17:33.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["model_theft"],"issueType":"research","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TVM"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-10T13:17:33.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["integrity"],"aiComponentTargeted":"model","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":"peer_reviewed","atlasIds":null}}