Abstract: Large language models (LLMs) are increasingly deployed through hosted APIs, making model extraction a practical threat to model ownership and service security. However, individual extraction queries often resemble benign requests, and existing evaluations often focus on single-query anomaly scoring or pure benign-versus-attacker user settings. We formulate model extraction monitoring as benign-calibrated traffic-window distribution testing and show that an embarrassingly simple detector is effective: embed incoming queries into a semantic space and test whether their aggregate distribution deviates from historical benign traffic. We instantiate the detector with maximum mean discrepancy (MMD), using only benign-vs-benign comparisons to set the decision threshold. We evaluate on fourteen attacker-normal query pairs from four extraction scenarios and compare with adapted PRADA, SEAT, CAP, DATE, and marginal Mahalanobis baselines. Across three random seeds, MMD achieves 0.3% benign FPR, 100.0% pure-attacker TPR, 90.5% average TPR over attacker fractions, and 95.1% balanced accuracy. These results show that benign-calibrated distribution testing is a strong empirical baseline for model extraction detection in both user-level and mixed multi-user LLM API traffic. Code is released at: https://github.com/LabRAI/mmd-llm-mea-detection.
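The window test described in this abstract can be sketched as follows; this is an added example, not the paper's released code. The RBF kernel, `gamma`, the 0.95 calibration quantile, the window size and the Gaussian points standing in for query embeddings are all assumptions made for illustration.

```python
import math
import random

def rbf(x, y, gamma):
    return math.exp(-gamma * sum((a - b) ** 2 for a, b in zip(x, y)))

def mmd2(X, Y, gamma):
    """Biased estimate of squared MMD between two sets of embeddings."""
    def mean_k(A, B):
        return sum(rbf(a, b, gamma) for a in A for b in B) / (len(A) * len(B))
    return mean_k(X, X) + mean_k(Y, Y) - 2 * mean_k(X, Y)

def calibrate(reference, benign_pool, window, trials, quantile, gamma, rng):
    """Threshold from benign-vs-benign scores only; no attacker data is used."""
    scores = sorted(mmd2(rng.sample(benign_pool, window), reference, gamma)
                    for _ in range(trials))
    return scores[min(trials - 1, int(quantile * trials))]

def draw(rng, n, mean, dim=8):
    """Constructed stand-in for query embeddings: Gaussian points around `mean`."""
    return [[rng.gauss(mean, 1.0) for _ in range(dim)] for _ in range(n)]

def demo(seed=0, window=30, gamma=1 / 16):
    rng = random.Random(seed)
    reference = draw(rng, window, 0.0)   # historical benign sample
    pool = draw(rng, 300, 0.0)           # further benign history for calibration
    threshold = calibrate(reference, pool, window, 100, 0.95, gamma, rng)
    windows = {
        "benign": draw(rng, window, 0.0),
        # Half benign, half shifted: a mixed multi-user traffic window.
        "mixed_50pct": draw(rng, window // 2, 0.0) + draw(rng, window // 2, 3.0),
        "attacker": draw(rng, window, 3.0),
    }
    scores = {name: mmd2(w, reference, gamma) for name, w in windows.items()}
    return threshold, scores

if __name__ == "__main__":
    threshold, scores = demo()
    print(f"threshold={threshold:.4f}")
    for name, s in scores.items():
        print(f"{name:12s} mmd2={s:.4f} flagged={s > threshold}")
```

In a deployment the `draw` stand-in would be replaced by a sentence-embedding model applied to the queries in each traffic window, and the calibration quantile sets the benign false-positive budget.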
Abstract: This study contributes to the advancement of vehicle occupancy estimation in Automated Guideway Transit (AGT) systems using Wi-Fi probe requests and deep learning models. We propose a comprehensive framework for evaluating various approaches to occupancy estimation, particularly in the context of MAC address randomization. While many methods proposed in the literature claim effectiveness in simpler experimental settings, our research reveals that those methods are unreliable in the complex environment of AGT systems. Specifically, techniques for handling randomized MAC addresses and distinguishing between passenger and non-passenger data do not perform well in AGT systems. Despite challenges in tracking individual devices, our study demonstrates that accurate occupancy estimation using Wi-Fi probe requests remains feasible. A pilot study conducted on the Miami-Dade Metromover, an AGT system characterized by frequent stops, significant occupancy fluctuations, and absence of fare collection devices, provides a robust testing ground for the framework. Additionally, our findings show that deep learning models significantly outperform machine learning models in this context. The insights from this study can significantly enhance decision-making for transit agencies to optimize operations and elevate service quality.