| CPC G06F 21/128 (2013.01) [G06F 21/14 (2013.01); G06F 21/602 (2013.01); G06F 21/64 (2013.01)] | 20 Claims |
|
1. A method of protecting a model, the method comprising:
generating a WASM file, wherein the WASM file is configured to provide a runtime environment for a target model, and the WASM file contains a corresponding model inference algorithm and a corresponding security verification algorithm,
wherein the security verification algorithm is configured to perform at least one security verification operation to protect the target model, the at least one security verification operation is selected from:
a verification of a host environment;
a verification of an integrity of the WASM file;
a verification of an integrity of a model file, wherein the model file is an encrypted file generated corresponding to an original model file of the target model;
a timeout verification of a specified inference process during a model inference process; or
a timeout verification of an entire inference process during the model inference process,
wherein the model file is obtained by:
determining a topology of the target model based on the original model file;
obfuscating attributes of operators in the topology and dependencies between the operators to obtain an intermediate product of the original model file; and
encrypting the intermediate product to obtain the model file.
|