Skip to search formSkip to main contentSkip to account menu

The Limitations of Deep Learning in Adversarial Settings

This work formalizes the space of adversaries against deep neural networks (DNNs) and introduces a novel class of algorithms to craft adversarial samples based on a precise understanding of the mapping between inputs and outputs of DNNs.
View on IEEE (opens in a new tab)

Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures

A new class of model inversion attack is developed that exploits confidence values revealed along with predictions and is able to estimate whether a respondent in a lifestyle survey admitted to cheating on their significant other and recover recognizable images of people's faces given only their name.
View on ACM (opens in a new tab)

Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting

The effect that overfitting and influence have on the ability of an attacker to learn information about the training data from machine learning models, either through training set membership inference or attribute inference attacks is examined.
View on IEEE (opens in a new tab)

Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing

It is concluded that current DP mechanisms do not simultaneously improve genomic privacy while retaining desirable clinical efficacy, highlighting the need for new mechanisms that should be evaluated in situ using the general methodology introduced by this work.
View on PubMed (opens in a new tab)

Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors

This paper presents an automatic technique for extracting optimally discriminative specifications, which uniquely identify a class of programs, which can be used by a behavior-based malware detector.
View on IEEE (opens in a new tab)

Cyber SA: Situational Awareness for Cyber Defense

Intrusion detection is a very primitive element of this aspect of situation perception, it identifies an event that may be part of an attack once that event adds to a recognition or identification activity.
View via Publisher (opens in a new tab)

Stolen Memories: Leveraging Model Memorization for Calibrated White-Box Membership Inference

This work shows how a model's idiosyncratic use of features can provide evidence for membership to white-box attackers---even when the model's black-box behavior appears to generalize well---and demonstrates that this attack outperforms prior black- box methods.
View PDF on arXiv (opens in a new tab)

A Layered Architecture for Detecting Malicious Behaviors

This work effectively distinguished malicious execution of high-level behaviors from benign by identifying remotely-initiated actions and designed to preemptively address evasive malware behavior.
View via Publisher (opens in a new tab)

Verified Security for Browser Extensions

This paper presents \ibex, a new framework for authoring, analyzing, verifying, and deploying secure browser extensions based on using type-safe, high-level languages to program extensions against an API providing access to a variety of browser features, and proposes using Data log to specify fine-grained access control and dataflow policies.
View on IEEE (opens in a new tab)

Mining Graph Patterns Efficiently via Randomized Summaries

This work proposes a new framework, called Summarize-Mine, which can find interesting malware fingerprints that were not revealed previously by generating randomized summaries and repeating the process for multiple rounds, and provides strict probabilistic guarantees on pattern loss likelihood.
View via Publisher (opens in a new tab)
...
By clicking accept or continuing to use the site, you agree to the terms outlined in our Privacy Policy (opens in a new tab), Terms of Service (opens in a new tab), and Dataset License (opens in a new tab)