1 code implementation • 15 Jun 2022 • Abderrahmen Amich, Ata Kaboudi, Birhanu Eshete
We also show that, when powered by OOD detection, Morphence-2.0 is able to precisely make an input-based movement of the model's decision function that leads to higher prediction accuracy on both adversarial and benign queries.
no code implementations • 2 Mar 2022 • Ismat Jarin, Birhanu Eshete
In membership inference attacks (MIAs), an adversary observes the predictions of a model to determine whether a sample is part of the model's training data.
1 code implementation • 18 Feb 2022 • Abderrahmen Amich, Birhanu Eshete
Through an OOD to in-distribution mapping intuition, our approach translates OOD inputs to the data distribution used to train and test the model.
1 code implementation • 24 Dec 2021 • Ismat Jarin, Birhanu Eshete
In this paper, we present DP-UTIL, a holistic utility analysis framework of DP across the ML pipeline with focus on input perturbation, objective perturbation, gradient perturbation, output perturbation, and prediction perturbation.
1 code implementation • 31 Aug 2021 • Abderrahmen Amich, Birhanu Eshete
Attacks often succeed by repeatedly probing a fixed target model with adversarial examples purposely crafted to fool it.
1 code implementation • 31 Aug 2021 • Abderrahmen Amich, Birhanu Eshete
The key insight in EG-Booster is the use of feature-based explanations of model predictions to guide adversarial example crafting by adding consequential perturbations likely to result in model evasion and avoiding non-consequential ones unlikely to contribute to evasion.
no code implementations • 30 Jun 2021 • Abderrahmen Amich, Birhanu Eshete
Towards systematic assessment of ML evasion attacks, we propose and evaluate a novel suite of model-agnostic metrics for sample-level and dataset-level correlation analysis.
1 code implementation • 19 Feb 2021 • Ismat Jarin, Birhanu Eshete
This paper presents PRICURE, a system that combines complementary strengths of secure multi-party computation (SMPC) and differential privacy (DP) to enable privacy-preserving collaborative prediction among multiple model owners.
no code implementations • 28 Jun 2020 • Abdullah Ali, Birhanu Eshete
This paper explores best-effort adversarial approximation of a black-box malware classifier in the most challenging setting, where the adversary's knowledge is limited to a prediction label for a given input.
no code implementations • 3 Oct 2018 • Sadegh M. Milajerdi, Rigel Gjomemo, Birhanu Eshete, R. Sekar, V. N. Venkatakrishnan
In a nutshell, HOLMES aims to produce a detection signal that indicates the presence of a coordinated set of activities that are part of an APT campaign.