
Synthesize, Adapt, Steal: A Few-Shot Domain Adaptive Model Stealing Attack for Tabular Data

Schwarzer, Maxime (1); Sánchez, Gustavo (1); Möhlenhof, Thies; Holz, Laurin; Loevenich, Johannes F.; Lopes, Roberto Rigolin F.; Hagenmeyer, Veit (1)
(1) Institute for Automation and Applied Informatics (IAI), Karlsruhe Institute of Technology (KIT)

Abstract:

The growing popularity of Machine Learning as a Service (MLaaS) is creating new attack vectors. Model theft poses a particular threat because it enables Intellectual Property (IP) to be stolen and can serve as a starting point for further attacks, such as crafting adversarial examples against the stolen copy before transferring them to the deployed model. While attacks on computer vision (CV) models are well studied, tabular data, which is crucial for industrial applications, remains less explored. We present a few-shot, domain-adaptive model-stealing attack designed specifically for tabular data. Our approach combines three components: (1) generating a synthetic yet plausible data pool with a Conditional Tabular GAN (CTGAN); (2) a hybrid query strategy that combines active learning with adversarial augmentation to spend the query budget efficiently; and (3) a novel Relational Attention Corrector (RAC) that implicitly learns and enforces the semantic validity of queried rows. Experiments on an intrusion detection dataset from energy critical infrastructure (the ERENO IEC 61850 dataset) and on standard benchmarks (Adult Income and Diabetes) show that our attack significantly outperforms previous methods: it improves the macro F1-score by over 24 percentage points with only 7,000 queries, closely approaching the performance of an attacker with full knowledge of the training data.
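To make the three-stage pipeline concrete, the following is an added, self-contained sketch of a budget-limited, label-only model-stealing loop in the same shape as the abstract describes. It is not the authors' code: a Gaussian sampler stands in for the CTGAN pool, a fixed, hand-written relational constraint (column 1 may never exceed column 0, column 2 is a non-negative count) stands in for the learned RAC, the victim is a constructed linear classifier with hidden weights, and the surrogate is a logistic regression fitted by plain gradient descent. Every name, constant and row in it is an assumption made for illustration. What it does show is the accounting a practitioner cares about: the attacker spends exactly the declared number of oracle calls, half on rows where the surrogate is least certain and half on variants pushed across the surrogate's own decision boundary, and all rows are projected onto the schema before being sent, so none is wasted on input the API would reject.

```python
"""Budget-limited model stealing against a label-only tabular classifier.

Added illustration, not the paper's code. Assumptions: Gaussian pool instead
of CTGAN, a fixed relational constraint instead of the learned RAC, a
constructed linear victim and a logistic-regression surrogate.
"""
import numpy as np

N_FEATURES = 4


class VictimOracle:
    """The MLaaS endpoint. Weights are hidden; the attacker sees only 0/1 labels.
    Every call is counted, which is also what a defender's rate limit sees."""

    def __init__(self):
        self._w = np.array([1.5, -2.0, 0.8, 0.3])   # constructed hidden model
        self._b = -0.2
        self.calls = 0

    def predict(self, x: np.ndarray) -> np.ndarray:
        self.calls += len(x)
        return (x @ self._w + self._b > 0).astype(int)

    def ground_truth(self, x: np.ndarray) -> np.ndarray:
        """Uncounted labels for offline fidelity measurement only; a real
        attacker has no such access."""
        return (x @ self._w + self._b > 0).astype(int)


def is_valid(x: np.ndarray) -> np.ndarray:
    """Constructed schema: column 2 is a non-negative count, column 1 <= column 0."""
    return (x[:, 2] >= 0) & (x[:, 1] <= x[:, 0])


def enforce_validity(x: np.ndarray) -> np.ndarray:
    """Project rows onto the schema (stand-in for the RAC). Invalid rows would be
    rejected by a sane API, wasting budget and standing out in its logs."""
    x = x.copy()
    x[:, 2] = np.abs(x[:, 2])
    x[:, 1] = np.minimum(x[:, 1], x[:, 0])
    return x


def generate_pool(n: int, rng: np.random.Generator) -> np.ndarray:
    """Synthetic candidate pool (Gaussian stand-in for a CTGAN sample)."""
    return enforce_validity(rng.normal(size=(n, N_FEATURES)))


def _sigmoid(z: np.ndarray) -> np.ndarray:
    return 1.0 / (1.0 + np.exp(-z))


def train_surrogate(X, y, epochs=300, lr=0.5):
    """Logistic-regression surrogate fitted by batch gradient descent."""
    w = np.zeros(X.shape[1])
    b = 0.0
    for _ in range(epochs):
        g = _sigmoid(X @ w + b) - y
        w -= lr * (X.T @ g) / len(y)
        b -= lr * g.mean()
    return w, b


def adversarial_variants(x, w, b, overshoot=1.2):
    """Push each row just across the surrogate's decision boundary along its
    normal. If the surrogate is right the victim flips the label; if not, the
    disagreement is exactly the informative sample we want. With an untrained
    (all-zero) surrogate there is no boundary, so rows are left unchanged."""
    norm_sq = float(w @ w)
    if norm_sq < 1e-9:
        return x
    dist = (x @ w + b) / norm_sq
    return enforce_validity(x - overshoot * dist[:, None] * w[None, :])


def steal(oracle, budget, seed_size=10, batch=10, pool_size=2000, seed=7):
    """Spend exactly `budget` oracle calls: a few-shot seed, then rounds of
    uncertainty sampling plus adversarial augmentation. Returns (w, b)."""
    rng = np.random.default_rng(seed)
    pool = generate_pool(pool_size, rng)
    X, cand = pool[:seed_size], pool[seed_size:]
    y = oracle.predict(X)
    while oracle.calls < budget:
        w, b = train_surrogate(X, y)
        k = min(batch, budget - oracle.calls)      # never overshoot the budget
        n_unc = (k + 1) // 2                       # half: least-certain pool rows
        n_adv = k - n_unc                          # half: adversarial variants
        order = np.argsort(np.abs(cand @ w + b))   # smallest surrogate margin first
        picked = cand[order[:n_unc]]
        cand = np.delete(cand, order[:n_unc], axis=0)
        queries = picked
        if n_adv:
            queries = np.vstack([picked, adversarial_variants(picked[:n_adv], w, b)])
        X = np.vstack([X, queries])
        y = np.concatenate([y, oracle.predict(queries)])
    return train_surrogate(X, y)


def agreement(oracle, w, b, n=1000, seed=99):
    """Fidelity: share of fresh valid rows on which surrogate and victim agree."""
    X = generate_pool(n, np.random.default_rng(seed))
    sur = (X @ w + b > 0).astype(int)
    return float((sur == oracle.ground_truth(X)).mean())


def run(budget=200):
    oracle = VictimOracle()
    w, b = steal(oracle, budget)
    return {"queries": oracle.calls, "agreement": agreement(oracle, w, b)}


if __name__ == "__main__":
    print(run())
```

The budget check is deliberately on the oracle's own counter rather than on an attacker-side tally: the endpoint's request log is the defender's ground truth, and query-count anomaly detection is the cheapest countermeasure against this class of attack, which is why the paper's emphasis on spending few queries matters.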


Original publication
DOI: 10.1109/CAI68641.2026.11536246
Associated KIT institution(s): Institute for Automation and Applied Informatics (IAI)
Publication type: Conference paper
Publication date: 08.05.2026
Language: English
Identifier: ISBN 979-8-3315-6039-3
KITopen ID: 1000194756
Published in: 2026 IEEE Conference on Artificial Intelligence (CAI)
Event: IEEE Conference on Artificial Intelligence (CAI 2026), Granada, Spain, 08.05.2026 – 10.05.2026
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Pages: 1220 - 1225
Indexed in: OpenAlex, Scopus
Sustainable Development Goals: Goal 3 – Good Health and Well-being