English
Related papers

Related papers: Defending against Model Stealing via Verifying Emb…

200 papers

Machine learning models are vulnerable to both security attacks (e.g., adversarial examples) and privacy attacks (e.g., private attribute inference). We take the first step to mitigate both the security and privacy attacks, and maintain…

Machine Learning · Computer Science 2024-12-17 Binghui Zhang , Sayedeh Leila Noorbakhsh , Yun Dong , Yuan Hong , Binghui Wang

The main premise of federated learning is that machine learning model updates are computed locally, in particular to preserve user data privacy, as those never leave the perimeter of their device. This mechanism supposes the general model,…

Machine Learning · Computer Science 2023-08-09 Simon Queyrut , Yérom-David Bromberg , Valerio Schiavoni

Most machine learning models are validated and tested on fixed datasets. This can give an incomplete picture of the capabilities and weaknesses of the model. Such weaknesses can be revealed at test time in the real world. The risks involved…

Computer Vision and Pattern Recognition · Computer Science 2022-06-01 Nataniel Ruiz , Adam Kortylewski , Weichao Qiu , Cihang Xie , Sarah Adel Bargal , Alan Yuille , Stan Sclaroff

Deep models are highly susceptible to adversarial attacks. Such attacks are carefully crafted imperceptible noises that can fool the network and can cause severe consequences when deployed. To encounter them, the model requires training…

Machine Learning · Computer Science 2022-04-11 Gaurav Kumar Nayak , Ruchit Rawal , Anirban Chakraborty

The growing incorporation of artificial neural networks (NNs) into many fields, and especially into life-critical systems, is restrained by their vulnerability to adversarial examples (AEs). Some existing defense methods can increase NNs'…

Computer Vision and Pattern Recognition · Computer Science 2020-03-18 Haya Brama , Tal Grinshpoun

In a model extraction attack, an adversary steals a copy of a remotely deployed machine learning model, given oracle prediction access. We taxonomize model extraction attacks around two objectives: *accuracy*, i.e., performing well on the…

Machine Learning · Computer Science 2020-03-05 Matthew Jagielski , Nicholas Carlini , David Berthelot , Alex Kurakin , Nicolas Papernot

In this work, we propose information laundering, a novel framework for enhancing model privacy. Unlike data privacy that concerns the protection of raw data information, model privacy aims to protect an already-learned model that is to be…

Cryptography and Security · Computer Science 2020-09-16 Xinran Wang , Yu Xiang , Jun Gao , Jie Ding

Model extraction attacks are designed to steal trained models with only query access, as is often provided through APIs that ML-as-a-Service providers offer. Machine Learning (ML) models are expensive to train, in part because data is hard…

Machine Learning · Computer Science 2024-06-14 Avital Shafran , Ilia Shumailov , Murat A. Erdogdu , Nicolas Papernot

It is common practice to outsource the training of machine learning models to cloud providers. Clients who do so gain from the cloud's economies of scale, but implicitly assume trust: the server should not deviate from the client's training…

Cryptography and Security · Computer Science 2025-04-02 Hengrui Jia , Sierra Wyllie , Akram Bin Sediq , Ahmed Ibrahim , Nicolas Papernot

In the last decade, the use of Machine Learning techniques in anomaly-based intrusion detection systems has seen much success. However, recent studies have shown that Machine learning in general and deep learning specifically are vulnerable…

Cryptography and Security · Computer Science 2023-03-14 Islam Debicha , Thibault Debatty , Jean-Michel Dricot , Wim Mees , Tayeb Kenaza

Recent studies have shown that federated learning (FL) is vulnerable to poisoning attacks that inject a backdoor into the global model. These attacks are effective even when performed by a single client, and undetectable by most existing…

Cryptography and Security · Computer Science 2021-04-20 Sebastien Andreina , Giorgia Azzurra Marson , Helen Möllering , Ghassan Karame

Deep Convolution Neural Networks (CNNs) can easily be fooled by subtle, imperceptible changes to the input images. To address this vulnerability, adversarial training creates perturbation patterns and includes them in the training set to…

Computer Vision and Pattern Recognition · Computer Science 2022-09-19 Muzammal Naseer , Salman Khan , Munawar Hayat , Fahad Shahbaz Khan , Fatih Porikli

Backdoor data poisoning is an emerging form of adversarial attack usually against deep neural network image classifiers. The attacker poisons the training set with a relatively small set of images from one (or several) source class(es),…

Machine Learning · Computer Science 2020-10-16 Zhen Xiang , David J. Miller , George Kesidis

As machine learning becomes a practice and commodity, numerous cloud-based services and frameworks are provided to help customers develop and deploy machine learning applications. While it is prevalent to outsource model training and…

Cryptography and Security · Computer Science 2018-07-16 Tianwei Zhang , Zecheng He , Ruby B. Lee

Modern machine learning (ML) models are expensive IP and business competitiveness often depends on keeping this IP confidential. This in turn restricts how these models are deployed; for example, it is unclear how to deploy a model…

Cryptography and Security · Computer Science 2025-03-11 Eleanor Clifford , Adhithya Saravanan , Harry Langford , Cheng Zhang , Yiren Zhao , Robert Mullins , Ilia Shumailov , Jamie Hayes

Federated learning enables learning from decentralized data sources without compromising privacy, which makes it a crucial technique. However, it is vulnerable to model poisoning attacks, where malicious clients interfere with the training…

Cryptography and Security · Computer Science 2023-07-19 Sungwon Park , Sungwon Han , Fangzhao Wu , Sundong Kim , Bin Zhu , Xing Xie , Meeyoung Cha

Machine learning models are essential tools in various domains, but their performance can degrade over time due to changes in data distribution or other factors. On one hand, detecting and addressing such degradations is crucial for…

Machine Learning · Computer Science 2023-09-28 Florian Heinrichs

Since there are multiple parties in collaborative learning, malicious parties might manipulate the learning process for their own purposes through backdoor attacks. However, most of existing works only consider the federated learning…

Machine Learning · Computer Science 2020-07-08 Yang Liu , Zhihao Yi , Tianjian Chen

Machine unlearning algorithms, designed for selective removal of training data from models, have emerged as a promising approach to growing privacy concerns. In this work, we expose a critical yet underexplored vulnerability in the…

Cryptography and Security · Computer Science 2024-10-15 Yangsibo Huang , Daogao Liu , Lynn Chua , Badih Ghazi , Pritish Kamath , Ravi Kumar , Pasin Manurangsi , Milad Nasr , Amer Sinha , Chiyuan Zhang

Adversarial reconnaissance is a crucial step in sophisticated cyber-attacks as it enables threat actors to find the weakest points of otherwise well-defended systems. To thwart reconnaissance, defenders can employ cyber deception…

Cryptography and Security · Computer Science 2023-06-13 Shanto Roy , Nazia Sharmin , Mohammad Sujan Miah , Jaime C Acosta , Christopher Kiekintveld , Aron Laszka