Showing total 7 results

1. Explanation leaks: Explanation-guided model extraction attacks.

Author

Yan, Anli, Huang, Teng, Ke, Lishan, Liu, Xiaozhang, Chen, Qi, and Dong, Changyu

Subjects

*MACHINE learning, *ARTIFICIAL intelligence, *INFORMATION modeling, *EXPLANATION, *ORGANIZATIONAL transparency

Abstract

Explainable artificial intelligence (XAI) is gradually becoming a key component of many artificial intelligence systems. However, such pursuit of transparency may bring potential privacy threats to the model confidentially, as the adversary may obtain more critical information about the model. In this paper, we systematically study how model decision explanations impact model extraction attacks, which aim at stealing the functionalities of a black-box model. Based on the threat models we formulated, an XAI-aware model extraction attack (XaMEA), a novel attack framework that exploits spatial knowledge from decision explanations is proposed. XaMEA is designed to be model-agnostic: it achieves considerable extraction fidelity on arbitrary machine learning (ML) models. Moreover, we proved that this attack is inexorable, even if the target model does not proactively provide model explanations. Various empirical results have also verified the effectiveness of XaMEA and disclosed privacy leakages caused by decision explanations. We hope this work would highlight the need for techniques that better trade off the transparency and privacy of ML models. • We propose XaMEA, three XAI-aware model extraction attack architectures. • We further carry out XAI-aware model extraction attacks against non-explanation target models. • We evaluate the attack effectiveness of XaMEA with an exhaustive set of experiments. [ABSTRACT FROM AUTHOR]

Published

2023

2. Prolog-based agnostic explanation module for structured pattern classification.

Author

Nápoles, Gonzalo, Hoitsma, Fabian, Knoben, Andreas, Jastrzebska, Agnieszka, and Leon Espinosa, Maikel

Subjects

*OPERATOR functions, *SET theory, *EXPLANATION, *COUNTERFACTUALS (Logic), *CLASSIFICATION, *NATURAL languages, *CASE-based reasoning

Abstract

This paper presents a Prolog-based reasoning module to generate counterfactual explanations given the predictions computed by a black-box classifier. Our approach comprises four well-defined stages that can be applied to any structured pattern classification problem. Firstly, we pre-process the given dataset by imputing missing values and normalizing the numerical features. Secondly, we transform numerical features into symbolic ones using fuzzy clustering such that extracted fuzzy clusters are mapped to an ordered set of predefined symbols. Thirdly, we encode instances as a Prolog rule using the nominal values, the predefined symbols, the decision classes, and the confidence values. Fourthly, we compute the overall confidence of each Prolog rule using fuzzy-rough set theory to handle the uncertainty caused by transforming numerical quantities into symbols. This step comes with an additional theoretical contribution to a new similarity function to compare the previously defined Prolog rules involving confidence values. Finally, we implement a chatbot as a proxy between humans and the Prolog-based reasoning module to resolve natural language queries and generate counterfactual explanations. During the numerical simulations using synthetic datasets, we study the performance of our system when using different fuzzy operators and similarity functions. [ABSTRACT FROM AUTHOR]

Published

2023

3. Prolog-based agnostic explanation module for structured pattern classification.

Author

Nápoles, Gonzalo, Hoitsma, Fabian, Knoben, Andreas, Jastrzebska, Agnieszka, and Leon Espinosa, Maikel

Subjects

*OPERATOR functions, *SET theory, *EXPLANATION, *COUNTERFACTUALS (Logic), *CLASSIFICATION, *NATURAL languages, *CASE-based reasoning

Abstract

This paper presents a Prolog-based reasoning module to generate counterfactual explanations given the predictions computed by a black-box classifier. Our approach comprises four well-defined stages that can be applied to any structured pattern classification problem. Firstly, we pre-process the given dataset by imputing missing values and normalizing the numerical features. Secondly, we transform numerical features into symbolic ones using fuzzy clustering such that extracted fuzzy clusters are mapped to an ordered set of predefined symbols. Thirdly, we encode instances as a Prolog rule using the nominal values, the predefined symbols, the decision classes, and the confidence values. Fourthly, we compute the overall confidence of each Prolog rule using fuzzy-rough set theory to handle the uncertainty caused by transforming numerical quantities into symbols. This step comes with an additional theoretical contribution to a new similarity function to compare the previously defined Prolog rules involving confidence values. Finally, we implement a chatbot as a proxy between humans and the Prolog-based reasoning module to resolve natural language queries and generate counterfactual explanations. During the numerical simulations using synthetic datasets, we study the performance of our system when using different fuzzy operators and similarity functions. [ABSTRACT FROM AUTHOR]

Published

2023

4. An empirical study on how humans appreciate automated counterfactual explanations which embrace imprecise information.

Author

Stepin, Ilia, Alonso-Moral, Jose M., Catala, Alejandro, and Pereira-Fariña, Martín

Subjects

*COUNTERFACTUALS (Logic), *EMPIRICAL research, *EXPLANATION, *GROUP decision making, *HUMAN beings, *EVALUATION methodology

Abstract

• Design and evaluation of three methods for generation of counterfactual explanations. • Linguistic fuzzy counterfactual explanations embrace imprecise information. • Perceived explanation complexity can be automatically measured from data. • Explanation complexity correlates with informativeness, relevance, and readability. • Human evaluation should focus on explanation issues uncorrelated with complexity. The explanatory capacity of interpretable fuzzy rule-based classifiers is usually limited to offering explanations for the predicted class only. A lack of potentially useful explanations for non-predicted alternatives can be overcome by designing methods for the so-called counterfactual reasoning. Nevertheless, state-of-the-art methods for counterfactual explanation generation require special attention to human evaluation aspects, as the final decision upon the classification under consideration is left for the end user. In this paper, we first introduce novel methods for qualitative and quantitative counterfactual explanation generation. Then, we carry out a comparative analysis of qualitative explanation generation methods operating on (combinations of) linguistic terms as well as a quantitative method suggesting precise changes in feature values. Then, we propose a new metric for assessing the perceived complexity of the generated explanations. Further, we design and carry out two human evaluation experiments to assess the explanatory power of the aforementioned methods. As a major result, we show that the estimated explanation complexity correlates well with the informativeness, relevance, and readability of explanations perceived by the targeted study participants. This fact opens the door to using the new automatic complexity metric for guiding multi-objective evolutionary explainable fuzzy modeling in the near future. [ABSTRACT FROM AUTHOR]

Published

2022

5. Explanation sets: A general framework for machine learning explainability.

Author

R. Fernández, Rubén, Martín de Diego, Isaac, M. Moguerza, Javier, and Herrera, Francisco

Subjects

*MACHINE learning, *ARTIFICIAL intelligence, *COMMUNITIES, *COUNTERFACTUALS (Logic), *EXPLANATION

Abstract

• Explanation Sets, a new framework that unifies counterfactuals and semifactuals. • Counterfactuals and semifactuals are defined in terms of a similarity measure. • Restrictions and preferences over the explanations are defined using a neighborhood. • A taxonomy for set-based representations. Explainable Machine Learning (ML) is an emerging field of Artificial Intelligence that has gained popularity in the last decade. It focuses on explaining ML models and their predictions, enabling people to understand the rationale behind them. Counterfactuals and semifactuals are two instances of Explainable ML techniques that explain model predictions using other observations. These techniques are based on the comparison between the observation to be explained and another one. In counterfactuals, their prediction is different, and in semifactuals, it is the same. Both techniques have been studied in the Social Sciences and Explainable ML communities, and they have different use cases and properties. In this paper, the Explanation Set framework, an approach that unifies counterfactuals and semifactuals, is introduced. Explanation Sets are example-based explanations defined in a neighborhood where most observations satisfy a grouping measure. The neighborhood allows defining and combining restrictions. The grouping measure determines if the explanations are counterfactuals (dissimilarity) or semifactuals (similarity). Besides providing a unified framework, the major strength of the proposal is to extend these explanations to other tasks such as regression by using an appropriate grouping measure. The proposal is validated in a regression and classification task using several neighborhoods and grouping measures. [ABSTRACT FROM AUTHOR]

Published

2022

6. Remarks on the cryptanalysis of common prime RSA for IoT constrained low power devices.

Author

Mumtaz, Majid and Ping, Luo

Subjects

*INTERNET of things, *CRYPTOGRAPHY, *MATHEMATICS, *COMMONS, *EXPLANATION

Abstract

• Introduction of the Common Prime RSA and a brief description of its background mathematics. • An overview and explanation of previous CP-RSA cryptanalytic attacks. • Formulation of new cryptanalytic attack on CP-RSA using Lattice Basis Reduction method. • Explanation and detail description of new Cryptanalytic attack solution on CP-RSA. • CP-RSA Speed and efficiency measures w.r.t practical and asymptotic aspects. • Detail explanation and comparison results with the previous CP-RSA cryptanalytic attacks. Standard RSA cryptosystem becomes vulnerable, when private key d < N 0.292 is used inside CryptoChips of constrained devices, thus an alternate scheme is the Common Prime RSA (CP-RSA) variant, which provides cryptographic (decryption/signing) operations. In this paper, we perform a cryptanalytic attack on CP-RSA using lattice basis reduction method that is used to exploit possible vulnerabilities of RSA small private key attacks. In addition, we performed detail experiments on CP-RSA weak or overestimated bounds and compare results to the past studies. Our implemented cryptanalytic attack implicates more precise and direct method to exploit the CP-RSA existing theoretical and experimental bounds. Also, our results prove that CP-RSA is an effective approach that provides resistance against standard RSA small private key attacks. [ABSTRACT FROM AUTHOR]

Published

2020

7. Trees for explaining recommendations made through collaborative filtering.

Author

Hernando, Antonio, Bobadilla, Jesús, Ortega, Fernando, and Gutiérrez, Abraham

Subjects

*TREE graphs, *INFORMATION filtering, *RECOMMENDER systems, *DATA visualization, *RELIABILITY in engineering, *INFORMATION technology

Abstract

Abstract: In this paper, we present a novel technique for explaining the recommendations made by recommender systems based on collaborative filtering. Our technique is based on the visualisation of trees of items, and it provides users with a quick and attractive way of understanding the recommendations. This type of visualisation provides users with valuable information about the reliability of the recommendations and the importance of the ratings the user has made, which may help users to decide which recommendation to choose. [Copyright &y& Elsevier]

Published

2013