Memguard: Defending against black-box membership inference attacks via adversarial examples
In a membership inference attack, an attacker aims to infer whether a data sample is in a
target classifier's training dataset or not. Specifically, given a black-box access to the target …
Realtime robust malicious traffic detection via frequency domain analysis
Machine learning (ML) based malicious traffic detection is an emerging security paradigm,
particularly for zero-day attack detection, which is complementary to existing rule based …
Subverting website fingerprinting defenses with robust traffic representation
Anonymity networks, e.g., Tor, are vulnerable to various website fingerprinting (WF) attacks,
which allow attackers to infer user activity on these networks. However, the defenses …
Defeating DNN-Based traffic analysis systems in Real-Time with blind adversarial perturbations
Deep neural networks (DNNs) are commonly used for various traffic analysis problems, such
as website fingerprinting and flow correlation, as they outperform traditional (e.g., statistical) …
"Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences
D Olszewski, A Lu, C Stillman, K Warren… - Proceedings of the …, 2023 - dl.acm.org
Reproducibility is crucial to the advancement of science; it strengthens confidence in
seemingly contradictory results and expands the boundaries of known discoveries …
Beyond value perturbation: Local differential privacy in the temporal setting
Time series has numerous application scenarios. However, since many time series data are
personal data, releasing them directly could cause privacy infringement. All existing …
Fingerprinting encrypted voice traffic on smart speakers with deep learning
This paper investigates the privacy leakage of smart speakers under an encrypted traffic
analysis attack, referred to as voice command fingerprinting. In this attack, an adversary can …
Watching the watchers: Practical video identification attack in LTE networks
A video identification attack is a tangible privacy threat that can reveal videos that victims are
watching. In this paper, we present the first study of a video identification attack in Long Term …
Detection defense against adversarial attacks with saliency map
D Ye, C Chen, C Liu, H Wang… - International Journal of …, 2022 - Wiley Online Library
It is well established that neural networks are vulnerable to adversarial examples, which are
almost imperceptible to human vision and can cause deep models to misbehave. Such …
Protecting Confidential Virtual Machines from Hardware Performance Counter Side Channels
In modern cloud platforms, it is becoming more important to preserve the privacy of guest
virtual machines (VMs) from the untrusted host. To this end, Secure Encrypted Virtualization …