High-performance deep neural networks (DNNs) are increasingly deployed in
many real-world applications e.g., cloud prediction APIs. Recent advances in
model functionality stealing attacks via black-box access (i.e., inputs in,
predictions out) threaten the business model of such applic