"Model Extraction and Theft: How Deployed Models Get Stolen—and How to Stop It"
As AI systems become products, they also become targets. This book is written for experienced ML engineers, security architects, platform teams, and technical leaders who need to protect deployed models from replication, exfiltration, and commercial abuse. Rather than treating model theft as an abstract risk, it frames extraction and artifact theft as concrete engineering problems, showing how real interfaces, deployment choices, and operational practices determine what attackers can learn and steal.
Across the book, readers move from threat modeling and asset identification to the mechanics of black-box extraction, gray-box leakage, API overexposure, and white-box weight theft. It examines how probabilities, embeddings, traces, prompts, retrieval assets, and operational secrets become attack surfaces, then develops practical defenses: output minimization, rate shaping, tenant isolation, telemetry, anomaly detection, canaries, fingerprinting, and incident response. The outcome is a rigorous mental model for evaluating attacker economics and designing systems that are harder to copy, easier to monitor, and faster to contain when abuse occurs.
The treatment is technical, operational, and evidence-oriented. Familiarity with modern ML deployment, APIs, and security fundamentals is assumed. What distinguishes this book is its integrated view of ML security, MLOps hardening, and product interface design, connecting preventive controls, detection signals, and legal or commercial enforcement into a s
