Search Results for author:
Found 22 papers, 2 papers with code
Watermarking Neuromorphic Brains: Intellectual Property Protection in Spiking Neural Networks
As spiking neural networks (SNNs) gain traction in deploying neuromorphic computing solutions, protecting their intellectual property (IP) has become crucial.
SSAP: A Shape-Sensitive Adversarial Patch for Comprehensive Disruption of Monocular Depth Estimation in Autonomous Navigation Applications
In this paper, we introduce SSAP (Shape-Sensitive Adversarial Patch), a novel approach designed to comprehensively disrupt monocular depth estimation (MDE) in autonomous navigation applications.
BrainLeaks: On the Privacy-Preserving Properties of Neuromorphic Architectures against Model Inversion Attacks
Particularly, model inversion (MI) attacks enable the reconstruction of data samples that have been used to train the model.
Evasive Hardware Trojan through Adversarial Power Trace
We introduce a HT obfuscation (HTO) approach to allow HTs to bypass this detection method.
May the Noise be with you: Adversarial Training without Adversarial Examples
We model the propagation of noise through the layers, introducing a closed-form stochastic loss function that encapsulates a noise variance parameter.
Fool the Hydra: Adversarial Attacks against Multi-view Object Detection Systems
Adversarial patches exemplify the tangible manifestation of the threat posed by adversarial attacks on Machine Learning (ML) models in real-world scenarios.
Attention Deficit is Ordered! Fooling Deformable Vision Transformers with Collaborative Adversarial Patches
The latest generation of transformer-based vision models has proven to be superior to Convolutional Neural Network (CNN)-based models across several vision tasks, largely attributed to their remarkable prowess in relation modeling.
DeepMem: ML Models as storage channels and their (mis-)applications
In this paper, we propose a novel information theoretic perspective of the problem; we consider the ML model as a storage channel with a capacity that increases with overparameterization.
DAP: A Dynamic Adversarial Patch for Evading Person Detectors
Patch-based adversarial attacks were proven to compromise the robustness and reliability of computer vision systems.
Jedi: Entropy-based Localization and Removal of Adversarial Patches
Jedi tackles the patch localization problem from an information theory perspective; leverages two new ideas: (1) it improves the identification of potential patch regions using entropy analysis: we show that the entropy of adversarial patches is high, even in naturalistic patches; and (2) it improves the localization of adversarial patches, using an autoencoder that is able to complete patch regions from high entropy kernels.
Exploring Machine Learning Privacy/Utility trade-off from a hyperparameters Lens
Towards investigating new ground for better privacy-utility trade-off, this work questions; (i) if models' hyperparameters have any inherent impact on ML models' privacy-preserving properties, and (ii) if models' hyperparameters have any impact on the privacy/utility trade-off of differentially private models.
AdvART: Adversarial Art for Camouflaged Object Detection Attacks
Physical adversarial attacks pose a significant practical threat as it deceives deep learning systems operating in the real world by producing prominent and maliciously designed physical perturbations.
APARATE: Adaptive Adversarial Patch for CNN-based Monocular Depth Estimation for Autonomous Navigation
APARATE, results in a mean depth estimation error surpassing $0. 5$, significantly impacting as much as $99\%$ of the targeted region when applied to CNN-based MDE models.
Special Session: Towards an Agile Design Methodology for Efficient, Reliable, and Secure ML Systems
The real-world use cases of Machine Learning (ML) have exploded over the past few years.
ROOM: Adversarial Machine Learning Attacks Under Real-Time Constraints
Thus, we propose ROOM, a novel Real-time Online-Offline attack construction Model where an offline component serves to warm up the online algorithm, making it possible to generate highly successful attacks under time constraints.
Adversarial Attacks in a Multi-view Setting: An Empirical Study of the Adversarial Patches Inter-view Transferability
In this paper, we study the effect of view angle on the effectiveness of an adversarial patch.
PDF-Malware: An Overview on Threats, Detection and Evasion Attacks
Since classical analysis techniques may be limited in case of zero-days, machine-learning based techniques have emerged recently as an automatic PDF-malware detection method that is able to generalize from a set of training samples.
Stochastic-HMDs: Adversarial Resilient Hardware Malware Detectors through Voltage Over-scaling
Machine learning-based hardware malware detectors (HMDs) offer a potential game changing advantage in defending systems against malware.
An Investigation on Inherent Robustness of Posit Data Representation
Moreover, in 100% of the tested machine-learning applications, the accuracy of posit-implemented systems is higher than the classical floating-point-based ones.
Hardware Architecture
Securing Deep Spiking Neural Networks against Adversarial Attacks through Inherent Structural Parameters
We thoroughly study SNNs security under different adversarial attacks in the strong white-box setting, with different noise budgets and under variable spiking parameters.
Defensive Approximation: Securing CNNs using Approximate Computing
We show that our approximate computing implementation achieves robustness across a wide range of attack scenarios.
NeuroAttack: Undermining Spiking Neural Networks Security through Externally Triggered Bit-Flips
Due to their proven efficiency, machine-learning systems are deployed in a wide range of complex real-life problems.
