Search Results for author:
Found 25 papers, 8 papers with code
Iteratively Prompting Multimodal LLMs to Reproduce Natural and AI-Generated Images
With the digital imagery landscape rapidly evolving, image stocks and AI-generated image marketplaces have become central to visual media.
Fake or Compromised? Making Sense of Malicious Clients in Federated Learning
Federated learning (FL) is a distributed machine learning paradigm that enables training models on decentralized data.
SoK: Challenges and Opportunities in Federated Unlearning
This SoK paper aims to take a deep look at the \emph{federated unlearning} literature, with the goal of identifying research trends and challenges in this emerging field.
Diffence: Fencing Membership Privacy With Diffusion Models
A unique feature of our defense is that it works on input samples only, without modifying the training or inference phase of the target model.
Memory Triggers: Unveiling Memorization in Text-To-Image Generative Models through Word-Level Duplication
Diffusion-based models, such as the Stable Diffusion model, have revolutionized text-to-image synthesis with their ability to produce high-quality, high-resolution images.
Understanding (Un)Intended Memorization in Text-to-Image Generative Models
Multimodal machine learning, especially text-to-image models like Stable Diffusion and DALL-E 3, has gained significance for transforming text into detailed images.
RAIFLE: Reconstruction Attacks on Interaction-based Federated Learning with Active Data Manipulation
Federated learning (FL) has recently emerged as a privacy-preserving approach for machine learning in domains that rely on user interactions, particularly recommender systems (RS) and online learning to rank (OLTR).
Realistic Website Fingerprinting By Augmenting Network Trace
Our extensive open-world and close-world experiments demonstrate that under practical evaluation settings, our WF attacks provide superior performances compared to the state-of-the-art; this is due to their use of augmented network traces for training, which allows them to learn the features of target traffic in unobserved settings.
Stealing the Decoding Algorithms of Language Models
A key component of generating text from modern language models (LM) is the selection and tuning of decoding algorithms.
Security Analysis of SplitFed Learning
We observe that the model updates in SplitFed have significantly smaller dimensionality as compared to FL that is known to have the curse of dimensionality.
E2FL: Equal and Equitable Federated Learning
Federated Learning (FL) enables data owners to train a shared global model without sharing their private data.
Mitigating Membership Inference Attacks by Self-Distillation Through a Novel Ensemble Architecture
The goal of this work is to train ML models that have high membership privacy while largely preserving their utility; we therefore aim for an empirical membership privacy guarantee as opposed to the provable privacy guarantees provided by techniques like differential privacy, as such techniques are shown to deteriorate model utility.
FRL: Federated Rank Learning
The FRL server uses a voting mechanism to aggregate the parameter rankings submitted by clients in each training epoch to generate the global ranking of the next training epoch.
FSL: Federated Supermask Learning
FSL clients share local subnetworks in the form of rankings of network edges; more useful edges have higher ranks.
Back to the Drawing Board: A Critical Evaluation of Poisoning Attacks on Production Federated Learning
While recent works have indicated that federated learning (FL) may be vulnerable to poisoning attacks by compromised clients, their real impact on production FL systems is not fully understood.
Robust Adversarial Attacks Against DNN-Based Wireless Communication Systems
We show that in the presence of defense mechanisms deployed by the communicating parties, our attack performs significantly better compared to existing attacks against DNN-based wireless systems.
Adversarial Attack
Cryptography and Security
Improving Deep Learning with Differential Privacy using Gradient Encoding and Denoising
We show that our mechanism outperforms the state-of-the-art DPSGD; for instance, for the same model accuracy of $96. 1\%$ on MNIST, our technique results in a privacy bound of $\epsilon=3. 2$ compared to $\epsilon=6$ of DPSGD, which is a significant improvement.
Blind Adversarial Network Perturbations
Deep Neural Networks (DNNs) are commonly used for various traffic analysis problems, such as website fingerprinting and flow correlation, as they outperform traditional (e. g., statistical) techniques by large margins.
Cronus: Robust and Heterogeneous Collaborative Learning with Black-Box Knowledge Transfer
Collaborative (federated) learning enables multiple parties to train a model without sharing their private data, but through repeated sharing of the parameters of their local models.
Membership Privacy for Machine Learning Models Through Knowledge Transfer
Large capacity machine learning (ML) models are prone to membership inference attacks (MIAs), which aim to infer whether the target sample is a member of the target model's training dataset.
Comprehensive Privacy Analysis of Deep Learning: Passive and Active White-box Inference Attacks against Centralized and Federated Learning
Deep neural networks are susceptible to various inference attacks as they remember information about their training data.
DeepCorr: Strong Flow Correlation Attacks on Tor Using Deep Learning
Flow correlation is the core technique used in a multitude of deanonymization attacks on Tor.
Machine Learning with Membership Privacy using Adversarial Regularization
In this paper, we focus on such attacks against black-box models, where the adversary can only observe the output of the model, but not its parameters.
Matching Anonymized and Obfuscated Time Series to Users' Profiles
Here we derive the fundamental limits of user privacy when both anonymization and obfuscation-based protection mechanisms are applied to users' time series of data.
Information Theory Cryptography and Security Information Theory
SWEET: Serving the Web by Exploiting Email Tunnels
As the operation of SWEET is not bound to specific email providers we argue that a censor will need to block all email communications in order to disrupt SWEET, which is infeasible as email constitutes an important part of today's Internet.
Cryptography and Security
