{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,27]],"date-time":"2025-08-27T15:47:02Z","timestamp":1756309622225,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":29,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819605668"},{"type":"electronic","value":"9789819605675"}],"license":[{"start":{"date-parts":[[2024,12,3]],"date-time":"2024-12-03T00:00:00Z","timestamp":1733184000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,3]],"date-time":"2024-12-03T00:00:00Z","timestamp":1733184000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-0567-5_23","type":"book-chapter","created":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T08:36:15Z","timestamp":1733128575000},"page":"317-332","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Model Extraction Attacks on\u00a0Privacy-Preserving Deep Learning Based Medical Services"],"prefix":"10.1007","author":[{"given":"Xinqian","family":"Wang","sequence":"first","affiliation":[]},{"given":"Xiaoning","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Xun","family":"Yi","sequence":"additional","affiliation":[]},{"given":"Xuechao","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Iqbal","family":"Gondal","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,12,3]]},"reference":[{"key":"23_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"420","DOI":"10.1007\/3-540-46766-1_34","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201991","author":"D Beaver","year":"1992","unstructured":"Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420\u2013432. Springer, Heidelberg (1992). https:\/\/doi.org\/10.1007\/3-540-46766-1_34"},{"key":"23_CR2","doi-asserted-by":"crossref","unstructured":"Br\u00fcggemann, A., Schick, O., Schneider, T., Suresh, A., Yalame, H.: Don\u2019t eject the impostor: fast three-party computation with a known cheater. In: 2024 IEEE Symposium on Security and Privacy (SP), pp. 164\u2013164. IEEE Computer Society (2024)","DOI":"10.1109\/SP54263.2024.00164"},{"key":"23_CR3","unstructured":"Cardoso, M.J., et\u00a0al.: Monai: an open-source framework for deep learning in healthcare. arXiv preprint arXiv:2211.02701 (2022)"},{"key":"23_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/978-3-030-56877-1_7","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"N Carlini","year":"2020","unstructured":"Carlini, N., Jagielski, M., Mironov, I.: Cryptanalytic extraction of neural\u00a0network models. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 189\u2013218. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56877-1_7"},{"key":"23_CR5","unstructured":"Chandran, N., Gupta, D., Obbattu, S.L.B., Shah, A.: $$\\{$$SIMC$$\\}$$:$$\\{$$ML$$\\}$$ inference secure against malicious clients at $$\\{$$Semi-Honest$$\\}$$ cost. In: 31st USENIX Security Symposium (USENIX Security 22), pp. 1361\u20131378 (2022)"},{"key":"23_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"769","DOI":"10.1007\/978-3-319-96881-0_26","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"R Cramer","year":"2018","unstructured":"Cramer, R., Damg\u00e5rd, I., Escudero, D., Scholl, P., Xing, C.: SPD$$\\mathbb{Z}_{2^k}$$: efficient MPC mod $$2^k$$ for dishonest majority. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10992, pp. 769\u2013798. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96881-0_26"},{"key":"23_CR7","doi-asserted-by":"crossref","unstructured":"Evans, D., Kolesnikov, V., Rosulek, M., et\u00a0al.: A pragmatic introduction to secure multi-party computation. Found. Trends\u00ae Priv. Secur. 2(2-3), 70\u2013246 (2018)","DOI":"10.1561\/3300000019"},{"key":"23_CR8","doi-asserted-by":"crossref","unstructured":"He, K., Zhang, X., Ren, S., Sun, J.: Deep residual learning for image recognition. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 770\u2013778 (2016)","DOI":"10.1109\/CVPR.2016.90"},{"key":"23_CR9","doi-asserted-by":"crossref","unstructured":"Hussain, S.U., Javaheripi, M., Samragh, M., Koushanfar, F.: Coinn: crypto\/ml codesign for oblivious inference via neural networks. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 3266\u20133281 (2021)","DOI":"10.1145\/3460120.3484797"},{"key":"23_CR10","unstructured":"Jagielski, M., Carlini, N., Berthelot, D., Kurakin, A., Papernot, N.: High accuracy and high fidelity extraction of neural networks. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 1345\u20131362 (2020)"},{"key":"23_CR11","doi-asserted-by":"crossref","unstructured":"Jayaraman, B., Evans, D.: Are attribute inference attacks just imputation? In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 1569\u20131582 (2022)","DOI":"10.1145\/3548606.3560663"},{"issue":"6","key":"23_CR12","doi-asserted-by":"publisher","first-page":"473","DOI":"10.1038\/s42256-021-00337-8","volume":"3","author":"G Kaissis","year":"2021","unstructured":"Kaissis, G., et al.: End-to-end privacy preserving deep learning on multi-institutional medical imaging. Nat. Mach. Intell. 3(6), 473\u2013484 (2021)","journal-title":"Nat. Mach. Intell."},{"key":"23_CR13","doi-asserted-by":"crossref","unstructured":"Keller, M.: Mp-spdz: a versatile framework for multi-party computation. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 1575\u20131590 (2020)","DOI":"10.1145\/3372297.3417872"},{"issue":"11","key":"23_CR14","doi-asserted-by":"publisher","first-page":"2278","DOI":"10.1109\/5.726791","volume":"86","author":"Y LeCun","year":"1998","unstructured":"LeCun, Y., Bottou, L., Bengio, Y., Haffner, P.: Gradient-based learning applied to document recognition. Proc. IEEE 86(11), 2278\u20132324 (1998)","journal-title":"Proc. IEEE"},{"key":"23_CR15","unstructured":"Lehmkuhl, R., Mishra, P., Srinivasan, A., Popa, R.A.: Muse: secure inference resilient to malicious clients. In: 30th USENIX Security Symposium (USENIX Security 2021), pp. 2201\u20132218 (2021)"},{"key":"23_CR16","unstructured":"Lu, W.J., Huang, Z., Zhang, Q., Wang, Y., Hong, C.: Squirrel: a scalable secure $$\\{$$Two-Party$$\\}$$ computation framework for training gradient boosting decision tree. In: 32nd USENIX Security Symposium (USENIX Security 2023), pp. 6435\u20136451 (2023)"},{"key":"23_CR17","doi-asserted-by":"crossref","unstructured":"Mishra, P., Lehmkuhl, R., Srinivasan, A., Zheng, W., Popa, R.A.: Delphi: a cryptographic inference system for neural networks. In: Proceedings of the 2020 Workshop on Privacy-Preserving Machine Learning in Practice, pp. 27\u201330 (2020)","DOI":"10.1145\/3411501.3419418"},{"key":"23_CR18","doi-asserted-by":"crossref","unstructured":"Mohassel, P., Zhang, Y.: Secureml: a system for scalable privacy-preserving machine learning. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 19\u201338. IEEE (2017)","DOI":"10.1109\/SP.2017.12"},{"key":"23_CR19","doi-asserted-by":"crossref","unstructured":"Pang, Q., Zhu, J., M\u00f6llering, H., Zheng, W., Schneider, T.: Bolt: privacy-preserving, accurate and efficient inference for transformers. Cryptology ePrint Archive (2023)","DOI":"10.1109\/SP54263.2024.00130"},{"key":"23_CR20","unstructured":"P\u00e9rez-Garc\u00eda, F., et\u00a0al.: Rad-dino: exploring scalable medical image encoders beyond text supervision. arXiv preprint arXiv:2401.10815 (2024)"},{"key":"23_CR21","doi-asserted-by":"crossref","unstructured":"Rathee, D., et al.: Sirnn: a math library for secure rnn inference. In: 2021 IEEE Symposium on Security and Privacy (SP), pp. 1003\u20131020. IEEE (2021)","DOI":"10.1109\/SP40001.2021.00086"},{"key":"23_CR22","doi-asserted-by":"crossref","unstructured":"Rathee, D., et al.: Cryptflow2: practical 2-party secure inference. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 325\u2013342 (2020)","DOI":"10.1145\/3372297.3417274"},{"key":"23_CR23","unstructured":"Riazi, M.S., Samragh, M., Chen, H., Laine, K., Lauter, K., Koushanfar, F.: $$\\{$$XONN$$\\}$$:$$\\{$$XNOR-based$$\\}$$ oblivious deep neural network inference. In: 28th USENIX Security Symposium (USENIX Security 2019), pp. 1501\u20131518 (2019)"},{"key":"23_CR24","doi-asserted-by":"crossref","unstructured":"Shokri, R., Stronati, M., Song, C., Shmatikov, V.: Membership inference attacks against machine learning models. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 3\u201318. IEEE (2017)","DOI":"10.1109\/SP.2017.41"},{"key":"23_CR25","unstructured":"Simonyan, K., Zisserman, A.: Very deep convolutional networks for large-scale image recognition. arXiv preprint arXiv:1409.1556 (2014)"},{"key":"23_CR26","unstructured":"Tram\u00e8r, F., Zhang, F., Juels, A., Reiter, M.K., Ristenpart, T.: Stealing machine learning models via prediction $$\\{$$APIs$$\\}$$. In: 25th USENIX Security Symposium (USENIX Security 2016), pp. 601\u2013618 (2016)"},{"key":"23_CR27","doi-asserted-by":"crossref","unstructured":"Truong, J.B., Maini, P., Walls, R.J., Papernot, N.: Data-free model extraction. In: Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, pp. 4771\u20134780 (2021)","DOI":"10.1109\/CVPR46437.2021.00474"},{"key":"23_CR28","doi-asserted-by":"crossref","unstructured":"Zhang, Q., Xin, C., Wu, H.: Gala: greedy computation for linear algebra in privacy-preserved neural networks. arXiv preprint arXiv:2105.01827 (2021)","DOI":"10.14722\/ndss.2021.24351"},{"key":"23_CR29","doi-asserted-by":"crossref","unstructured":"Zheng, W., Popa, R.A., Gonzalez, J.E., Stoica, I.: Helen: maliciously secure coopetitive learning for linear models. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 724\u2013738. IEEE (2019)","DOI":"10.1109\/SP.2019.00045"}],"container-title":["Lecture Notes in Computer Science","Web Information Systems Engineering \u2013 WISE 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-0567-5_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T09:09:42Z","timestamp":1733130582000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-0567-5_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,3]]},"ISBN":["9789819605668","9789819605675"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-0567-5_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024,12,3]]},"assertion":[{"value":"3 December 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"WISE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Web Information Systems Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Doha","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Qatar","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"wise2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/wise2024-qatar.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}