Skip to search formSkip to main contentSkip to account menu
The Limitations of Deep Learning in Adversarial Settings
TLDR
This work formalizes the space of adversaries against deep neural networks (DNNs) and introduces a novel class of algorithms to craft adversarial samples based on a precise understanding of the mapping between inputs and outputs of DNNs.
View on IEEE
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones
TLDR
TaintDroid is an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data and enabling realtime analysis by leveraging Android’s virtualized execution environment.
View via Publisher
FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps
TLDR
FlowDroid is presented, a novel and highly precise static taint analysis for Android applications that successfully finds leaks in a subset of 500 apps from Google Play and about 1,000 malware apps from the VirusShare project.
View on ACM
Ensemble Adversarial Training: Attacks and Defenses
TLDR
This work finds that adversarial training remains vulnerable to black-box attacks, where perturbations computed on undefended models are transferred to a powerful novel single-step attack that escapes the non-smooth vicinity of the input data via a small random step.
View PDF on arXiv
Practical Black-Box Attacks against Machine Learning
TLDR
This work introduces the first practical demonstration of an attacker controlling a remotely hosted DNN with no such knowledge, and finds that this black-box attack strategy is capable of evading defense strategies previously found to make adversarial example crafting harder.
View on ACM
Distillation as a Defense to Adversarial Perturbations Against Deep Neural Networks
TLDR
The study shows that defensive distillation can reduce effectiveness of sample creation from 95% to less than 0.5% on a studied DNN, and analytically investigates the generalizability and robustness properties granted by the use of defensive Distillation when training DNNs.
View on IEEE
Transferability in Machine Learning: from Phenomena to Black-Box Attacks using Adversarial Samples
TLDR
New transferability attacks between previously unexplored (substitute, victim) pairs of machine learning model classes, most notably SVMs and decision trees are introduced.
View PDF on arXiv
On lightweight mobile phone application certification
TLDR
The Kirin security service for Android is proposed, which performs lightweight certification of applications to mitigate malware at install time and indicates that security configuration bundled with Android applications provides practical means of detecting malware.
View on ACM
IccTA: Detecting Inter-Component Privacy Leaks in Android Apps
TLDR
IccTA, a static taint analyzer to detect privacy leaks among components in Android applications goes beyond state-of-the-art approaches by supporting inter- component detection and propagating context information among components, which improves the precision of the analysis.
View on ACM
Practical Black-Box Attacks against Deep Learning Systems using Adversarial Examples
TLDR
This work introduces the first practical demonstration that cross-model transfer phenomenon enables attackers to control a remotely hosted DNN with no access to the model, its parameters, or its training data, and introduces the attack strategy of fitting a substitute model to the input-output pairs in this manner, then crafting adversarial examples based on this auxiliary model.
...
...
By clicking accept or continuing to use the site, you agree to the terms outlined in our Privacy Policy, Terms of Service, and Dataset License