Search Results for author:
Found 21 papers, 5 papers with code
Physical Adversarial Examples for Multi-Camera Systems
Neural networks build the foundation of several intelligent systems, which, however, are known to be easily fooled by adversarial examples.
Protecting Publicly Available Data With Machine Learning Shortcuts
Machine-learning (ML) shortcuts or spurious correlations are artifacts in datasets that lead to very good training and test performance but severely limit the model's generalization capability.
Complex-valued neural networks for voice anti-spoofing
Current anti-spoofing and audio deepfake detection systems use either magnitude spectrogram-based features (such as CQT or Melspectrograms) or raw audio processed through convolution or sinc-layers.
Shortcut Detection with Variational Autoencoders
For real-world applications of machine learning (ML), it is essential that models make predictions based on well-generalizing features rather than spurious correlations in the data.
Introducing Model Inversion Attacks on Automatic Speaker Recognition
To the best of our knowledge, our work is the first one extending MI attacks to audio data, and our results highlight the security risks resulting from the extraction of the biometric data in that setup.
Localized Shortcut Removal
This is often due to the existence of machine learning shortcuts - features in the data that are predictive but unrelated to the problem at hand.
R2-AD2: Detecting Anomalies by Analysing the Raw Gradient
Neural networks follow a gradient-based learning scheme, adapting their mapping parameters by back-propagating the output loss.
Semi-supervised Anomaly Detection
Supervised Anomaly Detection
Does Audio Deepfake Detection Generalize?
Current text-to-speech algorithms produce realistic fakes of human voices, making deepfake detection a much-needed area of research.
Language Dependencies in Adversarial Attacks on Speech Recognition Systems
Automatic speech recognition (ASR) systems are ubiquitously present in our daily devices.
Automatic Speech Recognition
Automatic Speech Recognition (ASR)
+1
Visualizing Automatic Speech Recognition -- Means for a Better Understanding?
Automatic speech recognition (ASR) is improving ever more at mimicking human speech processing.
Automatic Speech Recognition
Automatic Speech Recognition (ASR)
+1
Gradient Masking and the Underestimated Robustness Threats of Differential Privacy in Deep Learning
An important problem in deep learning is the privacy and security of neural networks (NNs).
Defending Against Adversarial Denial-of-Service Data Poisoning Attacks
Since many applications rely on untrusted training data, an attacker can easily craft malicious samples and inject them into the training dataset to degrade the performance of machine learning models.
Deep Reinforcement Learning for Backup Strategies against Adversaries
In this setting, the usual round-robin scheme, which always replaces the oldest backup, is no longer optimal with respect to avoidable exposure.
Adversarial Vulnerability of Active Transfer Learning
In this paper, we share an intriguing observation: Namely, that the combination of these techniques is particularly susceptible to a new kind of data poisoning attack: By adding small adversarial noise on the input, it is possible to create a collision in the output space of the transfer learner.
Towards Resistant Audio Adversarial Examples
We devise an approach to mitigate this flaw and find that our method improves generation of adversarial examples with varying offsets.
Data Poisoning Attacks on Regression Learning and Corresponding Defenses
Adversarial data poisoning is an effective attack against machine learning and threatens model integrity by introducing poisoned data into the training dataset.
Optimizing Information Loss Towards Robust Neural Networks
To overcome the downsides of adversarial training while still providing a high level of security, we present a new training approach we call \textit{entropic retraining}.
$\text{A}^3$: Activation Anomaly Analysis
Based on the activation values in the target network, the alarm network decides if the given sample is normal.
Semi-supervised Anomaly Detection
Supervised Anomaly Detection
DLA: Dense-Layer-Analysis for Adversarial Example Detection
In this paper, we present a novel end-to-end framework to detect such attacks during classification without influencing the target model's performance.
Deep Reinforcement Fuzzing
Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs.
