Search Results for author:
Found 24 papers, 10 papers with code
Hardening RGB-D Object Recognition Systems against Adversarial Patch Attacks
We empirically show that this defense improves the performances of RGB-D systems against adversarial examples even when they are computed ad-hoc to circumvent this detection mechanism, and that is also more effective than adversarial training.
Minimizing Energy Consumption of Deep Learning Models by Energy-Aware Training
Deep learning models undergo a significant increase in the number of parameters they possess, leading to the execution of a larger number of operations during inference.
A Survey on Reinforcement Learning Security with Application to Autonomous Driving
Reinforcement learning allows machines to learn from their own experience.
Wild Patterns Reloaded: A Survey of Machine Learning Security against Training Data Poisoning
In this survey, we provide a comprehensive systematization of poisoning attacks and defenses in machine learning, reviewing more than 100 papers published in the field in the last 15 years.
Machine Learning Security against Data Poisoning: Are We There Yet?
The recent success of machine learning (ML) has been fueled by the increasing availability of computing power and large amounts of data in many different applications.
Energy-Latency Attacks via Sponge Poisoning
Sponge examples are test-time inputs carefully optimized to increase energy consumption and latency of neural networks when deployed on hardware accelerators.
ImageNet-Patch: A Dataset for Benchmarking Machine Learning Robustness against Adversarial Patches
We showcase the usefulness of this dataset by testing the effectiveness of the computed patches against 127 models.
Why Adversarial Reprogramming Works, When It Fails, and How to Tell the Difference
Adversarial reprogramming allows repurposing a machine-learning model to perform a different task.
The Threat of Offensive AI to Organizations
Although offensive AI has been discussed in the past, there is a need to analyze and understand the threat in the context of organizations.
Indicators of Attack Failure: Debugging and Improving Optimization of Adversarial Examples
Evaluating robustness of machine-learning models to adversarial examples is a challenging problem.
Backdoor Learning Curves: Explaining Backdoor Poisoning Beyond Influence Functions
Backdoor attacks inject poisoning samples during training, with the goal of forcing a machine learning model to output an attacker-chosen class when presented a specific trigger at test time.
BAARD: Blocking Adversarial Examples by Testing for Applicability, Reliability and Decidability
Applicability Domain defines a domain based on the known compounds and rejects any unknown compound that falls outside the domain.
The Hammer and the Nut: Is Bilevel Optimization Really Needed to Poison Linear Classifiers?
One of the most concerning threats for modern AI systems is data poisoning, where the attacker injects maliciously crafted training data to corrupt the system's behavior at test time.
Domain Knowledge Alleviates Adversarial Attacks in Multi-Label Classifiers
Adversarial attacks on machine learning-based classifiers, along with defense mechanisms, have been widely studied in the context of single-label classification problems.
Do Gradient-based Explanations Tell Anything About Adversarial Robustness to Android Malware?
While machine-learning algorithms have demonstrated a strong ability in detecting Android malware, they can be evaded by sparse evasion attacks crafted by injecting a small set of fake components, e. g., permissions and system calls, without compromising intrusive functionality.
secml: A Python Library for Secure and Explainable Machine Learning
We present \texttt{secml}, an open-source Python library for secure and explainable machine learning.
Deep Neural Rejection against Adversarial Examples
Despite the impressive performances reported by deep neural networks in different application domains, they remain largely vulnerable to adversarial examples, i. e., input samples that are carefully perturbed to cause misclassification at test time.
Why Do Adversarial Attacks Transfer? Explaining Transferability of Evasion and Poisoning Attacks
Transferability captures the ability of an attack against a machine-learning model to be effective against a different, potentially unknown, model.
Adversarial Malware Binaries: Evading Deep Learning for Malware Detection in Executables
Machine-learning methods have already been exploited as useful tools for detecting malicious executable files.
Cryptography and Security
Super-sparse Learning in Similarity Spaces
In several applications, input samples are more naturally represented in terms of similarities between each other, rather than in terms of feature vectors.
On Security and Sparsity of Linear Classifiers for Adversarial Settings
However, in such settings, they have been shown to be vulnerable to adversarial attacks, including the deliberate manipulation of data at test time to evade detection.
Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization
This exposes learning algorithms to the threat of data poisoning, i. e., a coordinate attack in which a fraction of the training data is controlled by the attacker and manipulated to subvert the learning process.
Is Deep Learning Safe for Robot Vision? Adversarial Examples against the iCub Humanoid
Deep neural networks have been widely adopted in recent years, exhibiting impressive performances in several application domains.
Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection
To cope with the increasing variability and sophistication of modern attacks, machine learning has been widely adopted as a statistically-sound tool for malware detection.
Cryptography and Security
