Beauty and the Burst: Remote Identification of Encrypted Video Streams
Transformer Feed-Forward Layers Are Key-Value Memories
- Mor Geva, R. Schuster, Jonathan Berant, Omer Levy
- Computer Science, Conference on Empirical Methods in Natural…
- 29 December 2020
This work shows that feed-forward layers in transformer-based language models operate as key-value memories, where each key correlates with textual patterns in the training examples, and each value induces a distribution over the output vocabulary.
Situational Access Control in the Internet of Things
- R. Schuster, Vitaly Shmatikov, Eran Tromer
- Computer Science, Conference on Computer and Communications…
- 8 October 2018
This work designs and implements a new approach to IoT access control and introduces "environmental situation oracles" (ESOs) as first-class objects in the IoT ecosystem, which reduces inefficiency, supports consistent enforcement of common policies, and reduces overprivileging.
When the Curious Abandon Honesty: Federated Learning Is Not Private
- Franziska Boenisch, Adam Dziedzic, R. Schuster, A. Shamsabadi, Ilia Shumailov, Nicolas Papernot
- Computer Science, ArXiv
- 6 December 2021
This paper argues that prior work still largely underestimates the vulnerability of FL, and introduces an active and dishonest attacker acting as the central party, who is able to modify the shared model’s weights before users compute model gradients.
The Limitations of Stylometry for Detecting Machine-Generated Fake News
- Tal Schuster, R. Schuster, Darsh J. Shah, R. Barzilay
- Computer Science, International Conference on Computational Logic
- 26 August 2019
Though stylometry can successfully prevent impersonation by identifying text provenance, it fails to distinguish legitimate LM applications from those that introduce false information, highlighting the need for non-stylometry approaches in detecting machine-generated misinformation.
Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels
- Daniel Genkin, Mihir Pattani, R. Schuster, Eran Tromer
- Computer Science, IEEE Symposium on Security and Privacy
- 7 September 2018
It is shown that subtle acoustic noises emanating from within computer screens can be used to detect the content displayed on the screens, and that the audio received during a video call can be analyzed to infer whether the other side is browsing the web in lieu of watching the video call, and which web site is displayed on their screen.
Humpty Dumpty: Controlling Word Meanings via Corpus Poisoning
- R. Schuster, Tal Schuster, Yoav Meri, Vitaly Shmatikov
- Computer Science, IEEE Symposium on Security and Privacy (SP)
- 14 January 2020
This work develops an explicit expression over corpus features that serves as a proxy for distance between words and establishes a causative relationship between its values and embedding distances, and shows how the attacker can generate linguistically likely corpus modifications, thus fooling defenses that attempt to filter implausible sentences from the corpus using a language model.
DroidDisintegrator: Intra-Application Information Flow Control in Android Apps
A system, DroidDisintegrator, which demonstrates the viability of component-level IFC for expressing and controlling app behavior, and uses dynamic analysis to generate IFC policies for Android apps, repackages apps to embed these policies, and enforces the policies at runtime.
You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion
- R. Schuster, Congzheng Song, Eran Tromer, Vitaly Shmatikov
- Computer Science, USENIX Security Symposium
- 5 July 2020
This work quantifies the efficacy of targeted and untargeted data- and model-poisoning attacks against state-of-the-art autocompleters based on Pythia and GPT-2.
Are We Safe Yet? The Limitations of Distributional Features for Fake News Detection
A fundamental problem with provenance-based approaches against attackers that auto-generate fake news is identified: fake and legitimate texts can originate from nearly identical sources.