I've spent a lot of time training my custom model. Lately, I've gotten worried about security and how easy it would be to someone to reverse-engineer my application and steal my model file if I bundled it together with my APK if I added it to /assets folder.
I came to conclusion that one of the safest ways would be do host the model on my Server - in this case, my model would be somewhat safe. But I have no backend knowledge and when you start to question security of the Server I could offer as well as solving the possible future scaling? No, that's not really an option for me.
I did find that Firebase ML allows to deploy custom models. Question is, is that safe? The only positive is that I could allow to download this model only for authorised users. If I have linked my app's SHA-1 I'd believe that stealing the model file would be a lot more complicated for the hacker - but is it possible? And if it is, how hard that would be?
Store the model file on Firebase storage AND add cloud function API. This makes sure that model does not leave Firebase and I do not have to worry about APIs security, scalability etc.?
I'd prefer to go with option 1 if I could verify that it makes super complicated to steal that model file from someone who does these things. Maybe there's an option 3? Thanks peeps.
