Privacy Enhancing Technologies

Hi all,

I am looking for a very motivated student for a… Read more

Dear all,

Dr. Giancarlo Pellegrino (https://trouge.net/) from CISPA is looking for a HIWI, if you are interested, please contact him directly via email (gpellegrino@cispa.saarland). The advertisement is as follows.

Best,

Yang

Hi all,

I am looking for a very motivated student for a project in my group at the intersection of web security and adversarial machine learning. The success of this project requires the following skills:

1) [required] Knowledge on adversarial machine learning, e.g., generating adversarial examples using Tensorflow (other framework are fine too as long as you know how to migrate models). The interested student should have attended one of the ML and security lectures at UdS (e.g., Machine Learning in Cyber Security by Prof. Fritz) or have self-taught skills on the subject.

2) [optional] Knowledge of browser extensions and independence in reversing Chrome extension JS code also when minified or lightly obfuscated;


Drop me an email if interested and we can schedule a chat and explain the specifics of the project.

Also, feel free to share this message and my email address to other students!

Best,
Giancarlo

Hi all,

some of you still have confusion on the semester project. I repeat what I said in the class here.

• Model Inversion, Algorithm 1 (page 8) in the paper "Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures". Note that AuxTerm(x) = 0, if you are at the class, you should not have this confusion.
• We recommend you use all these datasets, CIFAR10, MNIST, and Fashion-MNIST.
• You just need to perform your attack on your local trained model, this means you don't need to attack machine learning models in the cloud.
• For model extraction/stealing, please check the fourth paragraph of Section 4.1.2 in the paper "Stealing Machine Learning Models via Prediction APIs". That one is designed for MLP, but you can do the same attack on your simple CNN. So in short, just following the methods on my slides is enough.

If you have more questions about the semester project, please contact us by email ASAP. In the next lecture, I'll also be there to answer more questions. If you don't attend most of the lectures, I'm afraid I'm not able to help.

Yang

 

 

Dear all,

 

As we mentioned in the seminar, you need to implement three attacks during the seminar, which are Membership Inference Attack, Model Inversion Attack, and Model Stealing Attack(a.k.a Model Extraction Attack).

 

In the first phase, to simplify your tasks and quickly build background knowledge, we have some guides as follows:

1. You should use a simple convolutional neural network as the basic model for all the three attacks, please refer to the PyTorch tutorial https://pytorch.org/tutorials/beginner/blitz/cifar10_tutorial.html.
2. We mainly focus on image data and we suggest using the following three datasets: CIFAR10, MNIST, and Fashion-MNIST. You could load the dataset with the python torchvision package, refer to https://pytorch.org/docs/stable/torchvision/datasets.html.
3. As to the membership inference attack, you only need to implement the "attack one" in the paper titled "ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models".
4. As to the model inversion attack, you only need to implement the basic model inversion attack in Algorithm 1, refer to the paper titled "Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures".
5. We will give more information about implementing the model stealing attack next week. You could refer to the paper titled "Stealing Machine Learning Models via Prediction APIs" for some detail in advance.

 

Besides, here is the group information we received so far. I hope no one is missed. :)

1	Julian Augustin, Mahmoud Fawzi, Omar Mansour, Gayathri Vijayan
2	Yu De Lin, Vikram Vashisth, David Ahmed, Mejbah Uddin Shameem,
3	Dominik Sautter Zubayr Khalid Maximilian Zöllner Jan Cloos
4	Dominik Kempter,  Muhammad Hassan Rashid,  Leonard Zitzmann, Barno Kaharova,
5	Rui Wen, Yugeng Liu, Yongqing Wang, Julian Jacques Maurer
6	Benjamin Hollinger Hasan Md Tusfiqur Alam Filip Josheski Rayhanul Islam Rumel
7	Tajbeed Ahmed Chowdhury Mohammed Raihan Hussain Thomas Boisvert-Bilodeau Niraj Premji Sorathiya

 

Best,

Min

Dear all,

 

Today is the deadline for team building. For now, we got 5 teams, the members are as follows.

1	Julian Augustin, Mahmoud Fawzi, Omar Mansour, Gayathri Vijayan
2	Yu De Lin, Vikram Vashisth, David Ahmed, Mejbah Uddin Shameem,
3	Dominik Sautter Zubayr Khalid Maximilian Zöllner Jan Cloos
4	Dominik Kempter,  Muhammad Hassan Rashid,  Leonard Zitzmann, Barno Kaharova,
5	Rui Wen, Yugeng Liu, Yongqing Wang,

 

If you are not here, please make sure to send your team information to us by the end of today. :)

 

Best,

Min

Hi, all

I have created a google group for you to build up your team. You may find it by this link, https://groups.google.com/forum/#!managemembers/pets2020.

I have changed some settings, so you could see it without logging in. You need to apply for being a member to see the forum posts, you could log in with any e-mail you could.

If you have any questions, don't hesitate to contact us. 

 

Best,

Min

Dear all,

the kickoff of our seminar will happen on May 6th, 2020, 12:30-14:00.

Please join via zoom via the following invitation.

Cheers,

Yang

Yang Zhang is inviting you to a scheduled Zoom meeting.

Topic: PETS
Time: This is a recurring meeting Meet anytime

Join Zoom Meeting
https://zoom.us/j/93276565793?pwd=UEJWdHdQUWJqUHMvL0VMVWR2MWUzUT09

Meeting ID: 932 7656 5793
Password: 042605
One tap mobile
+496950502596,,93276565793# Germany
+496971049922,,93276565793# Germany

Dial by your location
        +49 695 050 2596 Germany
        +49 69 7104 9922 Germany
        +49 30 5679 5800 Germany
Meeting ID: 932 7656 5793
Find your local number: https://zoom.us/u/abyd3lrKDY