AI security papers at the 2023 top security conferences: a roundup


NDSS

Adversarial example defenses

  1. Adversarial Robustness for Tabular Data through Cost and Utility Awareness
  2. BARS: Local Robustness Certification for Deep Learning based Traffic Analysis Systems (network traffic)

Backdoor attacks

  1. Backdoor Attacks Against Dataset Distillation

S&P

AI ethics

  1. “How technical do you get? I’m an English teacher”: Teaching and Learning Cybersecurity and AI Ethics in High School

AI & differential privacy

  1. A Theory to Instruct Differentially-Private Learning via Clipping Bias Reduction
  2. Continual Observation under User-level Differential Privacy
  3. Locally Differentially Private Frequency Estimation Based on Convolution Framework
  4. Spectral-DP: Differentially Private Deep Learning through Spectral Perturbation and Filtering

Adversarial example attacks

  1. AI-Guardian: Defeating Adversarial Attacks using Backdoors
  2. SoK: Certified Robustness for Deep Neural Networks

Backdoor attacks

  1. Redeem Myself: Purifying Backdoors in Deep Learning Models using Self Attention Distillation
  2. Disguising Attacks with Explanation-Aware Backdoors

Inference attacks

  1. SNAP: Efficient Extraction of Private Properties with Poisoning
  2. Accuracy-Privacy Trade-off in Deep Ensemble: A Membership Inference Perspective
  3. SoK: Let the Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning

Model extraction attacks

  1. D-DAE: Defense-Penetrating Model Extraction Attacks

Machine learning explainability

  1. Everybody’s Got ML, Tell Me What Else You Have: Practitioners’ Perception of ML-Based Security Tools and Explanations

USENIX

Adversarial example attacks

  1. KENKU: Towards Efficient and Stealthy Black-box Adversarial Attacks against ASR Systems
  2. Towards Targeted Obfuscation of Adversarial Unsafe Images using Reconstruction and Counterfactual Super Region Attribution Explainability
  3. TPatch: A Triggered Physical Adversarial Patch
  4. CAPatch: Physical Adversarial Patch against Image Captioning Systems
  5. Hard-label Black-box Universal Adversarial Patch Attack
  6. The Space of Adversarial Strategies
  7. X-Adv: Physical Adversarial Object Attacks against X-ray Prohibited Item Detection
  8. SMACK: Semantically Meaningful Adversarial Audio Attack (audio)
  9. URET: Universal Robustness Evaluation Toolkit (for Evasion)
  10. Precise and Generalized Robustness Certification for Neural Networks
  11. DiffSmooth: Certifiably Robust Learning via Diffusion Models and Local Smoothing

Membership inference attacks

Backdoor attacks

  1. Towards A Proactive ML Approach for Detecting Backdoor Poison Samples
  2. PELICAN: Exploiting Backdoors of Naturally Trained Deep Learning Models In Binary Code Analysis (automatic discovery of backdoors in binary code analysis models)
  3. A Data-free Backdoor Injection Approach in Neural Networks
  4. Sparsity Brings Vulnerabilities: Exploring New Metrics in Backdoor Attacks
  5. Aliasing Backdoor Attacks on Pre-trained Models
  6. ASSET: Robust Backdoor Data Detection Across a Multiplicity of Deep Learning Paradigms
  7. VILLAIN: Backdoor Attacks Against Vertical Split Learning
  8. FreeEagle: Detecting Complex Neural Trojans in Data-Free Cases

Poisoning attacks

  1. Meta-Sift: How to Sift Out a Clean Subset in the Presence of Data Poisoning?
  2. Fine-grained Poisoning Attack to Local Differential Privacy Protocols for Mean and Variance Estimation

Bit-flip attacks

  1. Aegis: Mitigating Targeted Bit-flip Attacks against Deep Neural Networks
  2. NeuroPots: Realtime Proactive Defense against Bit-Flip Attacks in Neural Networks

Differential privacy

  1. What Are the Chances? Explaining the Epsilon Parameter in Differential Privacy
  2. Tight Auditing of Differentially Private Machine Learning

Model watermarking

  1. Rethinking White-Box Watermarks on Deep Learning Models under Neural Structural Obfuscation

Other

  1. CodexLeaks: Privacy Leaks from Code Generation Language Models in GitHub Copilot
  2. IvySyn: Automated Vulnerability Discovery in Deep Learning Frameworks
  3. “Security is not my field, I’m a stats guy”: A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry (related to adversarial training)

CCS

Backdoor attacks

  1. Narcissus: A Practical Clean-Label Backdoor Attack with Limited Information

Model stealing

  1. Stealing the Decoding Algorithms of Language Models (stealing a language model's decoding algorithm and its hyperparameters)
  2. Stolen Risks of Models with Security Properties (verifying the privacy risks of reinforcement learning models)

Differential privacy & machine learning

  1. DPMLBench: Holistic Evaluation of Differentially Private Machine Learning
  2. Geometry of Sensitivity: Twice Sampling and Hybrid Clipping in Differential Privacy with Optimal Gaussian Noise and Application to Deep Learning
  3. Blink: Link Local Differential Privacy in Graph Neural Networks via Bayesian Estimation (graph neural networks)
  4. DP-Forward: Fine-tuning and Inference on Language Models with Differential Privacy in Forward Pass (language models)

Other

  1. Stateful Defenses for Machine Learning Models Are Not Yet Secure Against Black-box Attacks (strategies for strengthening black-box attacks)
  2. Prediction Privacy in Distributed Multi-Exit Neural Networks: Vulnerabilities and Solutions
  3. Devil in Disguise: Breaching Graph Neural Networks Privacy through Infiltration (attack on graph neural networks)
  4. Evading Watermark based Detection of AI-Generated Content (evading watermark-based detection of generative model output)
  5. Interactive Proofs For Differentially Private Counting (interactive proofs for differential privacy; may contain nothing AI-related)
  6. SalsaPicante: A Machine Learning Attack on LWE with Binary Secrets (using machine learning to attack LWE, a lattice-based post-quantum cryptosystem)
  7. Efficient Query-Based Attack against ML-Based Android Malware Detection under Zero Knowledge Setting (attacking malware detection models)
  8. “Get in Researchers; We’re Measuring Reproducibility”: A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences (reproducibility check of published papers)
  9. DE-FAKE: Detection and Attribution of Fake Images Generated by Text-to-Image Generation Models (detection of generated images)
  10. Attack Some while Protecting Others: Selective Attack Strategies for Attacking and Protecting Multiple Concepts
  11. Unforgeability in Stochastic Gradient Descent (whether an SGD training execution can be forged)

Author: wangxh
License: Unless otherwise stated, all posts on this blog are licensed under CC BY 4.0. Please credit wangxh when reposting.