LymphNode: A Plug-and-Play Access Control Method for Deep Neural Networks
Abstract
Deep Neural Networks (DNNs) are high-value intellectual property (IP), yet deploying them to edge environments exposes them to unrestricted oracle access, rendering them vulnerable to model extraction and inversion attacks. Existing defenses fail to address this practically: passive watermarking only offers post-hoc provenance, while active defenses impose prohibitive latency or require persistent access to sensitive training data. To bridge this gap, we propose LymphNode, a novel post-hoc defense framework that acts as an intrinsic "immune system" within the model. LymphNode enforces a strict "default-deny" policy: it actively neutralizes model utility for unauthorized queries via Generalized Sparse Universal Adversarial Perturbations (GSUAP) injected into the feature space, effectively blocking gradient estimation and data inference. Utility is selectively restored only for authorized inputs carrying a stealthy feature-domain credential. Our framework is highly practical: it is data-efficient, establishing robust protection with fewer than 100 samples (<1% of training data), and cross-dataset adaptable, enabling protection using public surrogate datasets. LymphNode thus provides a lightweight, immediately deployable defense for high-stakes scenarios where original training data is restricted or unavailable.