2024
Scalable watermarking for identifying large language model outputs.
Nat., October, 2024
Machine Unlearning Doesn't Do What You Think: Lessons for Generative AI Policy, Research, and Practice.
CoRR, 2024
To Shuffle or not to Shuffle: Auditing DP-SGD with Shuffling.
CoRR, 2024
Stealing User Prompts from Mixture of Experts.
CoRR, 2024
Measuring memorization through probabilistic discoverable extraction.
CoRR, 2024
The Last Iterate Advantage: Empirical Auditing and Principled Heuristic Analysis of Differentially Private SGD.
CoRR, 2024
UnUnlearning: Unlearning is not sufficient for content regulation in advanced generative AI.
CoRR, 2024
Measuring memorization in RLHF for code completion.
CoRR, 2024
Are we making progress in unlearning? Findings from the first NeurIPS unlearning competition.
CoRR, 2024
Locking Machine Learning Models into Hardware.
CoRR, 2024
Inexact Unlearning Needs More Careful Evaluations to Avoid a False Sense of Privacy.
CoRR, 2024
Buffer Overflow in Mixture of Experts.
CoRR, 2024
Beyond Slow Signs in High-fidelity Model Extraction.
Proceedings of the Advances in Neural Information Processing Systems 38: Annual Conference on Neural Information Processing Systems 2024, 2024
Beyond the Calibration Point: Mechanism Comparison in Differential Privacy.
Proceedings of the Forty-first International Conference on Machine Learning, 2024
2023
Unlocking Accuracy and Fairness in Differentially Private Image Classification.
CoRR, 2023
Bounding data reconstruction attacks with the hypothesis testing interpretation of differential privacy.
CoRR, 2023
Differentially Private Diffusion Models Generate Useful Synthetic Images.
CoRR, 2023
Tight Auditing of Differentially Private Machine Learning.
Proceedings of the 32nd USENIX Security Symposium, 2023
Extracting Training Data from Diffusion Models.
Proceedings of the 32nd USENIX Security Symposium, 2023
Mnemonist: Locating Model Parameters that Memorize Training Examples.
Proceedings of the Uncertainty in Artificial Intelligence, 2023
Towards Unbounded Machine Unlearning.
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023
Bounding training data reconstruction in DP-SGD.
Proceedings of the Advances in Neural Information Processing Systems 36: Annual Conference on Neural Information Processing Systems 2023, 2023
Adaptive Webpage Fingerprinting from TLS Traces.
Proceedings of the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2023
2022
Unlocking High-Accuracy Differentially Private Image Classification through Scale.
CoRR, 2022
Learning to be adversarially robust and differentially private.
CoRR, 2022
Reconstructing Training Data with Informed Adversaries.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022
Local and Central Differential Privacy for Robustness and Privacy in Federated Learning.
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022
2020
Towards transformation-resilient provenance detection of digital media.
CoRR, 2020
Adaptive Traffic Fingerprinting: Large-scale Inference under Realistic Assumptions.
CoRR, 2020
Toward Robustness and Privacy in Federated Learning: Experimenting with Local and Central Differential Privacy.
CoRR, 2020
Provable trade-offs between private & robust machine learning.
CoRR, 2020
Unique properties of adversarially trained linear classifiers on Gaussian data.
CoRR, 2020
A Framework for Robustness Certification of Smoothed Classifiers using F-Divergences.
Proceedings of the 8th International Conference on Learning Representations, 2020
Extensions and limitations of randomized smoothing for robustness guarantees.
Proceedings of the 2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2020
2019
LOGAN: Membership Inference Attacks Against Generative Models.
Proc. Priv. Enhancing Technol., 2019
2018
A note on hyperparameters in black-box adversarial examples.
CoRR, 2018
Evading classifiers in discrete domains with provable optimality guarantees.
CoRR, 2018
Learning Universal Adversarial Perturbations with Generative Models.
Proceedings of the 2018 IEEE Security and Privacy Workshops, 2018
Contamination Attacks and Mitigation in Multi-Party Machine Learning.
Proceedings of the Advances in Neural Information Processing Systems 31: Annual Conference on Neural Information Processing Systems 2018, 2018
On Visible Adversarial Perturbations & Digital Watermarking.
Proceedings of the 2018 IEEE Conference on Computer Vision and Pattern Recognition Workshops, 2018
2017
Website Fingerprinting Defenses at the Application Layer.
Proc. Priv. Enhancing Technol., 2017
Machine Learning as an Adversarial Service: Learning Black-Box Adversarial Examples.
CoRR, 2017
LOGAN: Evaluating Privacy Leakage of Generative Models Using Generative Adversarial Networks.
CoRR, 2017
ste-GAN-ography: Generating Steganographic Images via Adversarial Training.
CoRR, 2017
AnNotify: A Private Notification Service.
Proceedings of the 2017 on Workshop on Privacy in the Electronic Society, Dallas, TX, USA, October 30, 2017
The Loopix Anonymity System.
Proceedings of the 26th USENIX Security Symposium, 2017
Generating steganographic images via adversarial training.
Proceedings of the Advances in Neural Information Processing Systems 30: Annual Conference on Neural Information Processing Systems 2017, 2017
2016
AnoNotify: A Private Notification Service.
IACR Cryptol. ePrint Arch., 2016
Traffic Confirmation Attacks Despite Noise.
CoRR, 2016
TASP: Towards Anonymity Sets that Persist.
Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society, 2016
k-fingerprinting: A Robust Scalable Website Fingerprinting Technique.
Proceedings of the 25th USENIX Security Symposium, 2016
2015
Guard Sets for Onion Routing.
Proc. Priv. Enhancing Technol., 2015
Better open-world website fingerprinting.
CoRR, 2015