research
∙
09/11/2023
Privacy Side Channels in Machine Learning Systems
Most current approaches for protecting privacy in machine learning (ML) ...
share
research
∙
07/27/2023
Backdoor Attacks for In-Context Learning with Language Models
Because state-of-the-art language models are expensive to train, most pr...
research
∙
06/26/2023
Are aligned neural networks adversarially aligned?
Large language models are now tuned to align with the goals of their cre...
research
∙
05/31/2023
A Note On Interpreting Canary Exposure
Canary exposure, introduced in Carlini et al. is frequently used to empi...
research
∙
05/15/2023
Privacy Auditing with One (1) Training Run
We propose a scheme for auditing differentially private machine learning...
research
∙
05/10/2023
Privacy-Preserving Recommender Systems with Synthetic Query Generation using Differentially Private Large Language Models
We propose a novel approach for developing privacy-preserving large-scal...
research
∙
03/06/2023
Students Parrot Their Teachers: Membership Inference on Model Distillation
Model distillation is frequently proposed as a technique to reduce the p...
research
∙
02/27/2023
Randomness in ML Defenses Helps Persistent Attackers and Hinders Evaluators
It is becoming increasingly imperative to design robust ML defenses. How...
research
∙
02/20/2023
Poisoning Web-Scale Training Datasets is Practical
Deep learning models are often trained on distributed, webscale datasets...
research
∙
02/15/2023
Tight Auditing of Differentially Private Machine Learning
Auditing mechanisms for differential privacy use probabilistic means to ...
research
∙
01/30/2023
Extracting Training Data from Diffusion Models
Image diffusion models such as DALL-E 2, Imagen, and Stable Diffusion ha...
research
∙
10/31/2022
Preventing Verbatim Memorization in Language Models Gives a False Sense of Privacy
Studying data memorization in neural language models helps us understand...
research
∙
08/27/2022
Network-Level Adversaries in Federated Learning
Federated learning is a popular strategy for training models on distribu...
research
∙
08/25/2022
SNAP: Efficient Extraction of Private Properties with Poisoning
Property inference attacks allow an adversary to extract global properti...
research
∙
06/21/2022
The Privacy Onion Effect: Memorization is Relative
Machine learning models trained on private datasets have been shown to l...
research
∙
05/20/2022
SafeNet: Mitigating Data Poisoning Attacks on Private Machine Learning
Secure multiparty computation (MPC) has been proposed to allow multiple ...
research
∙
05/12/2022
How to Combine Membership-Inference Attacks on Multiple Updated Models
A large body of research has shown that machine learning models are vuln...
research
∙
05/05/2022
Subverting Fair Image Search with Generative Adversarial Perturbations
In this work we explore the intersection fairness and robustness in the ...
research
∙
03/31/2022
Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets
We introduce a new class of attacks on machine learning models. We show ...
research
∙
02/15/2022
Quantifying Memorization Across Neural Language Models
Large language models (LMs) have been shown to memorize parts of their t...
research
∙
12/24/2021
Counterfactual Memorization in Neural Language Models
Modern neural language models widely used in tasks across NLP risk memor...
research
∙
12/14/2020
Extracting Training Data from Large Language Models
It has become common to publish large (billion parameter) language model...
research
∙
06/24/2020
Subpopulation Data Poisoning Attacks
Machine learning (ML) systems are deployed in critical settings, but the...
research
∙
06/13/2020
Auditing Differentially Private Machine Learning: How Private is Private SGD?
We investigate whether Differentially Private SGD offers better privacy ...
research
∙
03/10/2020
Cryptanalytic Extraction of Neural Network Models
We argue that the machine learning problem of model extraction is actual...
research
∙
09/03/2019
High-Fidelity Extraction of Neural Network Models
Model extraction allows an adversary to steal a copy of a remotely deplo...
research
∙
12/06/2018
Differentially Private Fair Learning
We design two learning algorithms that simultaneously promise differenti...
research
∙
09/08/2018
On the Intriguing Connections of Regularization, Input Gradients and Transferability of Evasion and Poisoning Attacks
Transferability captures the ability of an attack against a machine-lear...
research
∙
04/01/2018