Search Results for author:
Found 5 papers, 3 papers with code
Exploring Privacy and Fairness Risks in Sharing Diffusion Models: An Adversarial Perspective
We demonstrate that the sharer can execute fairness poisoning attacks to undermine the receiver's downstream models by manipulating the training data distribution of the diffusion model.
Passive Inference Attacks on Split Learning via Adversarial Regularization
SDAR leverages auxiliary data and adversarial regularization to learn a decodable simulator of the client's private model, which can effectively infer the client's private features under the vanilla SL, and both features and labels under the U-shaped SL.
A Fusion-Denoising Attack on InstaHide with Data Augmentation
InstaHide is a state-of-the-art mechanism for protecting private training images, by mixing multiple private images and modifying them such that their visual features are indistinguishable to the naked eye.
Feature Inference Attack on Model Predictions in Vertical Federated Learning
Federated learning (FL) is an emerging paradigm for facilitating multiple organizations' data collaboration without revealing their private data to each other.
Exploiting Defenses against GAN-Based Feature Inference Attacks in Federated Learning
In this paper, we exploit defenses against GAN-based attacks in federated learning, and propose a framework, Anti-GAN, to prevent attackers from learning the real distribution of the victim's data.
