Whispers in the Machine: Confidentiality in LLM-integrated Systems

1 code implementation • 10 Feb 2024 • Jonathan Evertz, Merlin Chlosta, Lea Schönherr, Thorsten Eisenhofer

Specifically, malicious tools can exploit vulnerabilities in the LLM itself to manipulate the model and compromise the data of other services, raising the question of how private data can be protected in the context of LLM integrations.

A Representative Study on Human Detection of Artificially Generated Media Across Countries

1 code implementation • 10 Dec 2023 • Joel Frank, Franziska Herbert, Jonas Ricker, Lea Schönherr, Thorsten Eisenhofer, Asja Fischer, Markus Dürmuth, Thorsten Holz

To further understand which factors influence people's ability to detect generated media, we include personal variables, chosen based on a literature review in the domains of deepfake and fake news research.

Face Swapping Human Detection

On the Limitations of Model Stealing with Uncertainty Quantification Models

no code implementations • 9 May 2023 • David Pape, Sina Däubener, Thorsten Eisenhofer, Antonio Emanuele Cinà, Lea Schönherr

We realize that during training, the models tend to have similar predictions, indicating that the network diversity we wanted to leverage using uncertainty quantification models is not (high) enough for improvements on the model stealing task.

Uncertainty Quantification

No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning

1 code implementation • 25 Mar 2023 • Thorsten Eisenhofer, Erwin Quiring, Jonas Möller, Doreen Riepel, Thorsten Holz, Konrad Rieck

In this paper, we show that this automation can be manipulated using adversarial learning.

Topic Models

Learned Systems Security

no code implementations • 20 Dec 2022 • Roei Schuster, Jin Peng Zhou, Thorsten Eisenhofer, Paul Grubbs, Nicolas Papernot

We analyze the root causes of potentially-increased attack surface in learned systems and develop a framework for identifying vulnerabilities that stem from the use of ML.

Verifiable and Provably Secure Machine Unlearning

1 code implementation • 17 Oct 2022 • Thorsten Eisenhofer, Doreen Riepel, Varun Chandrasekaran, Esha Ghosh, Olga Ohrimenko, Nicolas Papernot

In this framework, the server first computes a proof that the model was trained on a dataset $D$.

Machine Unlearning regression +1

Dompteur: Taming Audio Adversarial Examples

1 code implementation • 10 Feb 2021 • Thorsten Eisenhofer, Lea Schönherr, Joel Frank, Lars Speckemeier, Dorothea Kolossa, Thorsten Holz

In this paper we propose a different perspective: We accept the presence of adversarial examples against ASR systems, but we require them to be perceivable by human listeners.

Automatic Speech Recognition Automatic Speech Recognition (ASR) +1

VenoMave: Targeted Poisoning Against Speech Recognition

1 code implementation • 21 Oct 2020 • Hojjat Aghakhani, Lea Schönherr, Thorsten Eisenhofer, Dorothea Kolossa, Thorsten Holz, Christopher Kruegel, Giovanni Vigna

In a more realistic scenario, when the target audio waveform is played over the air in different rooms, VENOMAVE maintains a success rate of up to 73. 3%.

Automatic Speech Recognition Automatic Speech Recognition (ASR) +3

Leveraging Frequency Analysis for Deep Fake Image Recognition

1 code implementation • ICML 2020 • Joel Frank, Thorsten Eisenhofer, Lea Schönherr, Asja Fischer, Dorothea Kolossa, Thorsten Holz

Based on this analysis, we demonstrate how the frequency representation can be used to identify deep fake images in an automated way, surpassing state-of-the-art methods.

Image Forensics

Imperio: Robust Over-the-Air Adversarial Examples for Automatic Speech Recognition Systems

no code implementations • 5 Aug 2019 • Lea Schönherr, Thorsten Eisenhofer, Steffen Zeiler, Thorsten Holz, Dorothea Kolossa

In this paper, we demonstrate the first algorithm that produces generic adversarial examples, which remain robust in an over-the-air attack that is not adapted to the specific environment.

Automatic Speech Recognition Automatic Speech Recognition (ASR) +1