Search Results for author:
Found 13 papers, 9 papers with code
Optimistic Verifiable Training by Controlling Hardware Nondeterminism
The increasing compute demands of AI systems has led to the emergence of services that train models on behalf of clients lacking necessary resources.
FairProof : Confidential and Certifiable Fairness for Neural Networks
To this end, we propose FairProof - a system that uses Zero-Knowledge Proofs (a cryptographic primitive) to publicly verify the fairness of a model, while maintaining confidentiality.
Differentially Private Learning Needs Better Features (or Much More Data)
We demonstrate that differentially private machine learning has not yet reached its "AlexNet moment" on many canonical vision tasks: linear models trained on handcrafted features significantly outperform end-to-end deep neural networks for moderate privacy budgets.
Express: Lowering the Cost of Metadata-hiding Communication with Cryptographic Privacy
Existing systems for metadata-hiding messaging that provide cryptographic privacy properties have either high communication costs, high computation costs, or both.
Cryptography and Security
How Relevant is the Turing Test in the Age of Sophisbots?
Popular culture has contemplated societies of thinking machines for generations, envisioning futures from utopian to dystopian.
Adversarial Training and Robustness for Multiple Perturbations
Defenses against adversarial examples, such as adversarial training, are typically tailored to a single perturbation type (e. g., small $\ell_\infty$-noise).
SentiNet: Detecting Physical Attacks Against Deep Learning Systems
By leveraging the neural network's susceptibility to attacks and by using techniques from model interpretability and object detection as detection mechanisms, SentiNet turns a weakness of a model into a strength.
Cryptography and Security
AdVersarial: Perceptual Ad Blocking meets Adversarial Machine Learning
On the other, we present a concrete set of attacks on visual ad-blockers by constructing adversarial examples in a real web page context.
Fidelius: Protecting User Secrets from Compromised Browsers
In this work, we present Fidelius, a new architecture that uses trusted hardware enclaves integrated into the browser to enable protection of user secrets during web browsing sessions, even if the entire underlying browser and OS are fully controlled by a malicious attacker.
Cryptography and Security
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware
As Machine Learning (ML) gets applied to security-critical or sensitive domains, there is a growing need for integrity and privacy for outsourced ML computations.
Ensemble Adversarial Training: Attacks and Defenses
We show that this form of adversarial training converges to a degenerate global minimum, wherein small curvature artifacts near the data points obfuscate a linear approximation of the loss.
The Space of Transferable Adversarial Examples
Adversarial examples are maliciously perturbed inputs designed to mislead machine learning (ML) models at test-time.
Mobile Device Identification via Sensor Fingerprinting
We demonstrate how the multitude of sensors on a smartphone can be used to construct a reliable hardware fingerprint of the phone.
Cryptography and Security
