This post first lists the machine-learning-related papers from USENIX Security '21, grouped by session. I then pick several of them and introduce their main ideas. All of the videos and slides are published here.
Machine Learning: Backdoor and Poisoning
- Explanation-Guided Backdoor Poisoning Attacks Against Malware Classifiers
- Blind Backdoors in Deep Learning Models
- Graph Backdoor
- Demon in the Variant: Statistical Analysis of DNNs for Robust Backdoor Contamination Detection
- You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion
- Poisoning the Unlabeled Dataset of Semi-Supervised Learning
- Double-Cross Attacks: Subverting Active Learning Systems
Adversarial Machine Learning: Defenses
- PatchGuard: A Provably Robust Defense against Adversarial Patches via Small Receptive Fields and Masking
- T-Miner: A Generative Approach to Defend Against Trojan Attacks on DNN-based Text Classification
- WaveGuard: Understanding and Mitigating Audio Adversarial Examples
- Cost-Aware Robust Tree Ensembles for Security Applications
- Dompteur: Taming Audio Adversarial Examples
- CADE: Detecting and Explaining Concept Drift Samples for Security Applications
- SIGL: Securing Software Installations Through Deep Graph Learning
Machine Learning: Privacy Issues
- Systematic Evaluation of Privacy Risks of Machine Learning Models
- Extracting Training Data from Large Language Models
- SWIFT: Super-fast and Robust Privacy-Preserving Machine Learning
- Stealing Links from Graph Neural Networks
- Leakage of Dataset Properties in Multi-Party Machine Learning
- Defeating DNN-Based Traffic Analysis Systems in Real-Time With Blind Adversarial Perturbations
- Cerebro: A Platform for Multi-Party Cryptographic Collaborative Learning