{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,22]],"date-time":"2025-10-22T23:35:52Z","timestamp":1761176152137,"version":"build-2065373602"},"reference-count":0,"publisher":"IOS Press","isbn-type":[{"value":"9781643686318","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,10,21]],"date-time":"2025-10-21T00:00:00Z","timestamp":1761004800000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,10,21]]},"abstract":"<jats:p>Model stealing, i.e., unauthorized access and exfiltration of deep learning models, has emerged as a significant security threat. The misuse and illegal replication of models pose major risks to financial assets and competitive advantage. Traditional protection methods, such as model watermarking, are passive and challenging to enforce, while active defenses often face limitations in terms of efficiency and the security required for widespread deployment. To this end, we propose a native authentication mechanism, called AUTHNET, which integrates authentication logic as part of the model without any additional structures. Our key insight is to reuse redundant neurons with low activation and embed authentication bits in an intermediate layer, called a gate layer. Then, AUTHNET fine-tunes the layers after the gate layer to embed authentication logic so that only inputs with secret key can trigger the correct logic of AUTHNET. It provides the last line of defense, i.e., even being exfiltrated, the model is not usable as the adversary cannot generate valid inputs without the key. We theoretically demonstrate the high sensitivity of AUTHNET to the secret key, which means that precise key provision is essential for achieving good performance of AUTHNET. AUTHNET is compatible with any convolutional neural network, where our extensive evaluations show that AUTHNET successfully achieves the goal in rejecting unauthenticated users (whose average accuracy drops to 22.03%) with a trivial accuracy decrease (1.18% on average) for legitimate users, and is robust against adaptive attacks, providing efficient and lightweight protection.<\/jats:p>","DOI":"10.3233\/faia250931","type":"book-chapter","created":{"date-parts":[[2025,10,22]],"date-time":"2025-10-22T09:46:18Z","timestamp":1761126378000},"source":"Crossref","is-referenced-by-count":0,"title":["AUTHNET: Neural Network with Integrated Authentication Logic"],"prefix":"10.3233","author":[{"given":"Yuling","family":"Cai","sequence":"first","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences"},{"name":"School of Cyberspace Security, University of Chinese Academy of Sciences"}]},{"given":"Fan","family":"Xiang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences"},{"name":"School of Cyberspace Security, University of Chinese Academy of Sciences"}]},{"given":"Guozhu","family":"Meng","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences"},{"name":"School of Cyberspace Security, University of Chinese Academy of Sciences"}]},{"given":"Yinzhi","family":"Cao","sequence":"additional","affiliation":[{"name":"Johns Hopkins University"}]},{"given":"Kai","family":"Chen","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences"},{"name":"School of Cyberspace Security, University of Chinese Academy of Sciences"}]}],"member":"7437","container-title":["Frontiers in Artificial Intelligence and Applications","ECAI 2025"],"original-title":[],"link":[{"URL":"https:\/\/ebooks.iospress.nl\/pdf\/doi\/10.3233\/FAIA250931","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,22]],"date-time":"2025-10-22T09:46:18Z","timestamp":1761126378000},"score":1,"resource":{"primary":{"URL":"https:\/\/ebooks.iospress.nl\/doi\/10.3233\/FAIA250931"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,10,21]]},"ISBN":["9781643686318"],"references-count":0,"URL":"https:\/\/doi.org\/10.3233\/faia250931","relation":{},"ISSN":["0922-6389","1879-8314"],"issn-type":[{"value":"0922-6389","type":"print"},{"value":"1879-8314","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,10,21]]}}}