How to Hide a Backdoor

The Register has an article on our recent work on Stealthy Backdoors as Compression Artifacts: Thomas Claburn, How to hide a backdoor in AI software — Neural networks can be aimed to misbehave when squeezed, The Register, 5 May 2021.

Hybrid Batch Attacks at USENIX Security 2020

Here’s the video for Fnu Suya’s presentation on Hybrid Batch Attacks at USENIX Security 2020:

Download Video [mp4]

Blog Post
Paper: [PDF] [arXiv]

USENIX Security 2020: Hybrid Batch Attacks

New: Video Presentation Finding Black-box Adversarial Examples with Limited Queries Black-box attacks generate adversarial examples (AEs) against deep neural networks with only API access to the victim model. Existing black-box attacks can be grouped into two main categories: Transfer Attacks use white-box attacks on local models to find candidate adversarial examples that transfer to the target model. Optimization Attacks use queries to the target model and apply optimization techniques to search for adversarial examples.

Read More…

Research Symposium Posters

Five students from our group presented posters at the department’s Fall Research Symposium:

Anshuman Suri's Overview Talk

Bargav Jayaraman, Evaluating Differentially Private Machine Learning In Practice [Poster]
[Paper (USENIX Security 2019)]

Hannah Chen [Poster]

Xiao Zhang [Poster]
Paper (NeurIPS 2019)]

Mainudding Jonas [Poster]

Fnu Suya [Poster]
Paper (USENIX Security 2020)]

Wahoos at Oakland

UVA Group Dinner at IEEE Security and Privacy 2018

Including our newest faculty member, Yongwhi Kwon, joining UVA in Fall 2018!

Yuan Tian, Fnu Suya, Mainuddin Jonas, Yongwhi Kwon, David Evans, Weihang Wang, Aihua Chen, Weilin Xu

## Poster Session

Fnu Suya (with Yuan Tian and David Evans), Adversaries Don’t Care About Averages: Batch Attacks on Black-Box Classifiers [PDF]

Mainuddin Jonas (with David Evans), Enhancing Adversarial Example Defenses Using Internal Layers [PDF]
All Posts by Category or Tags.