Search Results for author:
Found 16 papers, 8 papers with code
Verifiable and Provably Secure Machine Unlearning
In our cryptographic protocol, the server first computes a proof that the model was trained on a dataset~$D$.
On the Fundamental Limits of Formally (Dis)Proving Robustness in Proof-of-Learning
We contribute a formal analysis of why the PoL protocol cannot be formally (dis)proven to be robust against spoofing adversaries.
Hierarchical Federated Learning with Privacy
Federated learning (FL), where data remains at the federated clients, and where only gradient updates are shared with a central aggregator, was assumed to be private.
Unrolling SGD: Understanding Factors Influencing Machine Unlearning
In this work, we first taxonomize approaches and metrics of approximate unlearning.
SoK: Machine Learning Governance
The application of machine learning (ML) in computer systems introduces not only many benefits but also risks to society.
On the Exploitability of Audio Machine Learning Pipelines to Surreptitious Adversarial Examples
In the white-box setting, we instantiate this class with a joint, multi-stage optimization attack.
Causally Constrained Data Synthesis for Private Data Release
However for real-world applications, the privacy of data is critical.
Proof-of-Learning: Definitions and Practice
In particular, our analyses and experiments show that an adversary seeking to illegitimately manufacture a proof-of-learning needs to perform *at least* as much work than is needed for gradient descent itself.
A General Framework For Detecting Anomalous Inputs to DNN Classifiers
We propose an unsupervised anomaly detection framework based on the internal DNN layer representations in the form of a meta-algorithm with configurable components.
Face-Off: Adversarial Face Obfuscation
We implement and evaluate Face-Off to find that it deceives three commercial face recognition services from Microsoft, Amazon, and Face++.
Cryptography and Security
Entangled Watermarks as a Defense against Model Extraction
Such pairs are watermarks, which are not sampled from the task distribution and are only known to the defender.
On the Effectiveness of Mitigating Data Poisoning Attacks with Gradient Shaping
In this work, we study the feasibility of an attack-agnostic defense relying on artifacts that are common to all poisoning attacks.
Machine Unlearning
Once users have shared their data online, it is generally difficult for them to revoke access and ask for the data to be deleted.
Generating Semantic Adversarial Examples with Differentiable Rendering
In this paper we explore semantic adversarial examples (SAEs) where an attacker creates perturbations in the semantic space representing the environment that produces input for the ML model.
Rearchitecting Classification Frameworks For Increased Robustness
and how to design a classification paradigm that leverages these invariances to improve the robustness accuracy trade-off?
Exploring Connections Between Active Learning and Model Extraction
This has resulted in the surge of Machine Learning-as-a-Service (MLaaS) - cloud services that provide (a) tools and resources to learn the model, and (b) a user-friendly query interface to access the model.
