1 code implementation • 26 Feb 2024 • Georg Pichler, Marco Romanelli, Divya Prakash Manivannan, Prashanth Krishnamurthy, Farshad Khorrami, Siddharth Garg
We introduce a formal statistical definition for the problem of backdoor detection in machine learning systems and use it to analyze the feasibility of such problems, providing evidence for the utility and applicability of our definition.
1 code implementation • 24 Feb 2024 • Federica Granese, Marco Romanelli, Pablo Piantanida
We approach this defensive strategy with utmost caution, operating in an environment where the defender possesses significantly less information compared to the attacker.
no code implementations • 6 Feb 2024 • Saswat Das, Marco Romanelli, Ferdinando Fioretto
Ensuring privacy-preserving inference on cryptographically secure data is a well-known computational challenge.
no code implementations • 22 Jan 2024 • Animesh Basak Chowdhury, Marco Romanelli, Benjamin Tan, Ramesh Karri, Siddharth Garg
Logic synthesis, a pivotal stage in chip design, entails optimizing chip specifications encoded in hardware description languages like Verilog into highly efficient implementations using Boolean logic gates.
1 code implementation • 2 Jun 2023 • Eduardo Dadalto, Marco Romanelli, Georg Pichler, Pablo Piantanida
Misclassification detection is an important problem in machine learning, as it allows for the identification of instances where the model's predictions are unreliable.
no code implementations • 22 May 2023 • Animesh Basak Chowdhury, Marco Romanelli, Benjamin Tan, Ramesh Karri, Siddharth Garg
Compared to prior work, INVICTUS is the first solution that uses a mix of RL and search methods jointly with an online out-of-distribution detector to generate synthesis recipes over a wide range of benchmarks.
no code implementations • 4 Feb 2023 • Federica Granese, Marco Romanelli, Siddharth Garg, Pablo Piantanida
Multi-armed adversarial attacks, in which multiple algorithms and objective loss functions are simultaneously used at evaluation time, have been shown to be highly successful in fooling state-of-the-art adversarial examples detectors while requiring no specific side information about the detection mechanism.
1 code implementation • 30 Jun 2022 • Federica Granese, Marine Picot, Marco Romanelli, Francisco Messina, Pablo Piantanida
Detection of adversarial examples has been a hot topic in recent years due to its importance for safely deploying machine learning algorithms in critical applications.
1 code implementation • 30 Mar 2022 • Georg Pichler, Marco Romanelli, Leonardo Rey Vega, Pablo Piantanida
Federated Learning is expected to provide strong privacy guarantees, as only gradients or model parameters but no plain text training data is ever exchanged either between the clients or between the clients and the central server.
1 code implementation • NeurIPS 2021 • Federica Granese, Marco Romanelli, Daniele Gorla, Catuscia Palamidessi, Pablo Piantanida
Deep neural networks (DNNs) have been shown to perform very well on large-scale object recognition problems and have led to widespread use in real-world applications, including situations where DNNs are implemented as "black boxes".
1 code implementation • 9 May 2020 • Marco Romanelli, Konstantinos Chatzikokolakis, Catuscia Palamidessi, Pablo Piantanida
A feature of our approach is that it does not require estimating the conditional probabilities, and that it is suitable for a large class of ML algorithms.
no code implementations • 27 Jan 2020 • Catuscia Palamidessi, Marco Romanelli
Many algorithms for feature selection in the literature have adopted the Shannon-entropy-based mutual information.
1 code implementation • 1 Apr 2019 • Marco Romanelli, Konstantinos Chatzikokolakis, Catuscia Palamidessi
The idea is to set up two nets: the generator, that tries to produce an optimal obfuscation mechanism to protect the data, and the classifier, that tries to de-obfuscate the data.