Invention Title:

SYSTEM AND METHOD FOR MIMICKING A NEURAL NETWORK WITHOUT ACCESS TO THE ORIGINAL TRAINING DATASET OR THE TARGET MODEL

Publication number:

US20240232635

Section:

Physics

Class:

G06N3/086

Smart overview of the Invention

A method and system are designed to replicate a pre-trained neural network model without needing access to the original model or its training dataset. By utilizing random or semi-random input data, the system probes the target model to receive corresponding output data. This process allows for the creation of a new training dataset that captures the relationship between inputs and outputs, enabling the training of a new model that mimics the behavior of the target model.

Field of Application

The technology is situated within the realm of artificial intelligence, specifically focusing on machine learning techniques. It pertains to training predictive models such as neural networks, logistic regression, or Bayesian models, which are commonly used in various AI applications.

Challenges Addressed

Conventional neural network training is often complex and time-consuming and requires substantial computational resources. In addition, original training datasets are often proprietary and therefore unavailable, which complicates efforts to replicate or modify existing models. The proposed system addresses these challenges by allowing model replication without direct access to sensitive data.

Methodology

The described method involves sending random input data to a remote pre-trained model and recording the resulting outputs. This data forms a new probe training dataset, which is then used to train a new "student" model. The student model learns to produce outputs similar to those of the original target model based solely on this probing process, effectively mimicking the target's behavior.
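The probing loop described above, as an added example that is not taken from the patent: a local logistic-regression function with constructed weights stands in for the remote target, and a student of the same form is trained only on (random input, target output) pairs. All names (`query_target`, `build_probe_dataset`, `train_student`, `agreement`) and the choice of model are assumptions made for illustration.

```python
import math
import random

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def predict(weights, bias, x):
    return sigmoid(sum(w * xi for w, xi in zip(weights, x)) + bias)

# Constructed stand-in for the remote target: the prober only ever calls it
# and never reads these parameters.
_TARGET_W, _TARGET_B = [2.0, -3.0, 0.5, 1.5], -0.25

def query_target(x):
    return predict(_TARGET_W, _TARGET_B, x)

def build_probe_dataset(n, dim, rng):
    """Random inputs paired with the target's outputs (the probe training set)."""
    inputs = [[rng.uniform(-1, 1) for _ in range(dim)] for _ in range(n)]
    return [(x, query_target(x)) for x in inputs]

def train_student(dataset, dim, epochs=200, lr=0.5):
    """Fit a logistic-regression student to the target's output scores with SGD."""
    w, b = [0.0] * dim, 0.0
    for _ in range(epochs):
        for x, y in dataset:
            err = predict(w, b, x) - y  # cross-entropy gradient w.r.t. the logit
            w = [wi - lr * err * xi for wi, xi in zip(w, x)]
            b -= lr * err
    return w, b

def agreement(w, b, n, dim, rng):
    """Share of fresh random inputs on which student and target pick the same class."""
    hits = 0
    for _ in range(n):
        x = [rng.uniform(-1, 1) for _ in range(dim)]
        hits += (predict(w, b, x) >= 0.5) == (query_target(x) >= 0.5)
    return hits / n

def run_demo(seed=7):
    rng = random.Random(seed)
    probes = build_probe_dataset(500, 4, rng)   # 500 probe queries
    w, b = train_student(probes, 4)
    return w, b, agreement(w, b, 2000, 4, rng)

if __name__ == "__main__":
    print(run_demo())
```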

Applications and Implications

The approach can be applied in various fields such as autonomous driving, drone navigation, and image recognition. By enabling the replication of complex models without compromising their underlying data privacy, this technology paves the way for broader accessibility and innovation in AI development while maintaining confidentiality.