English
Related papers

Related papers: Spoofing Generalization: When Can't You Trust Prop…

200 papers

Counterfactual instances are a powerful tool to obtain valuable insights into automated decision processes, describing the necessary minimal changes in the input space to alter the prediction towards a desired target. Most previous…

Machine Learning · Computer Science 2021-06-07 Robert-Florian Samoilescu , Arnaud Van Looveren , Janis Klaise

Most previous works usually explained adversarial examples from several specific perspectives, lacking relatively integral comprehension about this problem. In this paper, we present a systematic study on adversarial examples from three…

Machine Learning · Computer Science 2019-03-01 Ke Sun , Zhanxing Zhu , Zhouchen Lin

Privacy concerns have led to the development of privacy-preserving approaches for learning models from sensitive data. Yet, in practice, even models learned with privacy guarantees can inadvertently memorize unique training examples or leak…

Machine Learning · Statistics 2019-11-11 Mario Diaz , Peter Kairouz , Jiachun Liao , Lalitha Sankar

Voice anti-spoofing aims at classifying a given utterance either as a bonafide human sample, or a spoofing attack (e.g. synthetic or replayed sample). Many anti-spoofing methods have been proposed but most of them fail to generalize across…

Audio and Speech Processing · Electrical Eng. & Systems 2021-06-23 Bhusan Chettri , Rosa González Hautamäki , Md Sahidullah , Tomi Kinnunen

Algorithmic fairness and privacy are essential pillars of trustworthy machine learning. Fair machine learning aims at minimizing discrimination against protected groups by, for example, imposing a constraint on models to equalize their…

Machine Learning · Statistics 2021-04-08 Hongyan Chang , Reza Shokri

Model stealing attacks endanger the confidentiality of machine learning models offered as a service. Although these models are kept secret, a malicious party can query a model to label data samples and train their own substitute model,…

Cryptography and Security · Computer Science 2025-09-01 Daryna Oliynyk , Rudolf Mayer , Kathrin Grosse , Andreas Rauber

Generalization is a main issue for current audio deepfake detectors, which struggle to provide reliable results on out-of-distribution data. Given the speed at which more and more accurate synthesis methods are developed, it is very…

Sound · Computer Science 2024-07-02 Alessandro Pianese , Davide Cozzolino , Giovanni Poggi , Luisa Verdoliva

Membership inference (MI) attack is currently the most popular test for measuring privacy leakage in machine learning models. Given a machine learning model, a data point and some auxiliary information, the goal of an MI attack is to…

Machine Learning · Computer Science 2023-03-09 Zhifeng Kong , Amrita Roy Chowdhury , Kamalika Chaudhuri

Generative models learn the distribution of data from a sample dataset and can then generate new data instances. Recent advances in deep learning has brought forth improvements in generative model architectures, and some state-of-the-art…

Cryptography and Security · Computer Science 2021-07-30 Luke A. Bauer , Vincent Bindschaedler

Property inference attacks consider an adversary who has access to the trained model and tries to extract some global statistics of the training data. In this work, we study property inference in scenarios where the adversary can…

Machine Learning · Computer Science 2021-01-28 Melissa Chase , Esha Ghosh , Saeed Mahloujifar

Machine learning models' goal is to make correct predictions for specific tasks by learning important properties and patterns from data. By doing so, there is a chance that the model learns properties that are unrelated to its primary task.…

Cryptography and Security · Computer Science 2021-04-28 Mathias P. M. Parisot , Balazs Pejo , Dayana Spagnuelo

This paper studies model-inversion attacks, in which the access to a model is abused to infer information about the training data. Since its first introduction, such attacks have raised serious concerns given that training data usually…

Machine Learning · Computer Science 2020-04-21 Yuheng Zhang , Ruoxi Jia , Hengzhi Pei , Wenxiao Wang , Bo Li , Dawn Song

We present a data generation framework designed to simulate spoofing attacks and randomly place attack scenarios worldwide. We apply deep neural network-based models for spoofing detection, utilizing Long Short-Term Memory networks and…

Cryptography and Security · Computer Science 2025-10-24 Jan Zelinka , Oliver Kost , Marek Hrúz

How much does a machine learning algorithm leak about its training data, and why? Membership inference attacks are used as an auditing tool to quantify this leakage. In this paper, we present a comprehensive \textit{hypothesis testing…

Machine Learning · Computer Science 2022-09-14 Jiayuan Ye , Aadyaa Maddi , Sasi Kumar Murakonda , Vincent Bindschaedler , Reza Shokri

A common assumption in the social learning literature is that agents exchange information in an unselfish manner. In this work, we consider the scenario where a subset of agents aims at driving the network beliefs to the wrong hypothesis.…

Systems and Control · Electrical Eng. & Systems 2021-03-30 Konstantinos Ntemos , Virginia Bordignon , Stefan Vlaski , Ali H. Sayed

Machine learning models leak information about their training data every time they reveal a prediction. This is problematic when the training data needs to remain private. Private prediction methods limit how much information about the…

Machine Learning · Computer Science 2020-07-13 Laurens van der Maaten , Awni Hannun

We consider the recent privacy preserving methods that train the models not on original images, but on mixed images that look like noise and hard to trace back to the original images. We explain that those mixed images will be samples on…

Machine Learning · Computer Science 2021-03-02 Roozbeh Yousefzadeh

Neural networks are widely known to be vulnerable to backdoor attacks, a method that poisons a portion of the training data to make the target model perform well on normal data sets, while outputting attacker-specified or random categories…

Computer Vision and Pattern Recognition · Computer Science 2024-06-07 Yong Li , Han Gao

Trusting machine learning algorithms requires having confidence in their outputs. Confidence is typically interpreted in terms of model reliability, where a model is reliable if it produces a high proportion of correct outputs. However,…

Machine Learning · Computer Science 2023-11-01 Jonathan Vandenburgh

Obtaining deep networks that are robust against adversarial examples and generalize well is an open problem. A recent hypothesis even states that both robust and accurate models are impossible, i.e., adversarial robustness and…

Computer Vision and Pattern Recognition · Computer Science 2019-04-11 David Stutz , Matthias Hein , Bernt Schiele