Search Results for author:
Found 5 papers, 2 papers with code
Memorization in Self-Supervised Learning Improves Downstream Generalization
Our definition compares the difference in alignment of representations for data points and their augmented views returned by both encoders that were trained on these data points and encoders that were not.
Private Multi-Winner Voting for Machine Learning
We use our mechanisms to enable privacy-preserving multi-label learning in the central setting by extending the canonical single-label technique: PATE.
Dataset Inference for Self-Supervised Models
We introduce a new dataset inference defense, which uses the private training set of the victim encoder model to attribute its ownership in the event of stealing.
On the Difficulty of Defending Self-Supervised Learning against Model Extraction
We construct several novel attacks and find that approaches that train directly on a victim's stolen representations are query efficient and enable high accuracy for downstream models.
Increasing the Cost of Model Extraction with Calibrated Proof of Work
Since we calibrate the effort required to complete the proof-of-work to each query, this only introduces a slight overhead for regular users (up to 2x).
