Search

Your search keyword '"Kathrin Grosse"' showing total 43 results
Start Over Author "Kathrin Grosse"
43 results on '"Kathrin Grosse"'

39. Machine Learning Security in Industry: A Quantitative Survey

Author

Kathrin Grosse, Lukas Bieringer, Tarek R. Besold, Battista Biggio, and Katharina Krombholz

Subjects
organizations, machine learning security, FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, training data, training, quantitative user study, Computer Networks and Communications, security, adversarial machine learning, Machine Learning (cs.LG), data models, Computer Science - Computers and Society, machine learning, Computers and Society (cs.CY), production, Safety, Risk, Reliability and Quality, Cryptography and Security (cs.CR)
Abstract

Despite the large body of academic work on machine learning security, little is known about the occurrence of attacks on machine learning systems in the wild. In this paper, we report on a quantitative study with 139 industrial practitioners. We analyze attack occurrence and concern and evaluate statistical hypotheses on factors influencing threat perception and exposure. Our results shed light on real-world attacks on deployed machine learning. On the organizational level, while we find no predictors for threat exposure in our sample, the amount of implement defenses depends on exposure to threats or expected likelihood to become a target. We also provide a detailed analysis of practitioners' replies on the relevance of individual machine learning attacks, unveiling complex concerns like unreliable decision making, business information leakage, and bias introduction into models. Finally, we find that on the individual level, prior knowledge about machine learning security influences threat perception. Our work paves the way for more research about adversarial machine learning in practice, but yields also insights for regulation and auditing., Comment: Accepted at TIFS, version with more detailed appendix containing more detailed statistical results. 17 pages, 6 tables and 4 figures

Published
2022
Full Text
View/download PDF

40. Backdoor Smoothing: Demystifying Backdoor Attacks on Deep Neural Networks

Author

Kathrin Grosse, Taesung Lee, Battista Biggio, Youngja Park, Michael Backes, and Ian Molloy

Subjects
FOS: Computer and information sciences, Computer Science - Machine Learning, Computer Science - Cryptography and Security, General Computer Science, Statistics - Machine Learning, Machine Learning (stat.ML), Cryptography and Security (cs.CR), Law, Machine Learning (cs.LG)
Abstract

Backdoor attacks mislead machine-learning models to output an attacker-specified class when presented a specific trigger at test time. These attacks require poisoning the training data to compromise the learning algorithm, e.g., by injecting poisoning samples containing the trigger into the training set, along with the desired class label. Despite the increasing number of studies on backdoor attacks and defenses, the underlying factors affecting the success of backdoor attacks, along with their impact on the learning algorithm, are not yet well understood. In this work, we aim to shed light on this issue by unveiling that backdoor attacks induce a smoother decision function around the triggered samples -- a phenomenon which we refer to as \textit{backdoor smoothing}. To quantify backdoor smoothing, we define a measure that evaluates the uncertainty associated to the predictions of a classifier around the input samples. Our experiments show that smoothness increases when the trigger is added to the input samples, and that this phenomenon is more pronounced for more successful attacks. We also provide preliminary evidence that backdoor triggers are not the only smoothing-inducing patterns, but that also other artificial patterns can be detected by our approach, paving the way towards understanding the limitations of current defenses and designing novel ones., 9 pages, 7 figures, under submission

Published
2020

41. MLCapsule: Guarded Offline Deployment of Machine Learning as a Service

Author

Yang Zhang, Mario Fritz, Max Augustin, Kathrin Grosse, Ahmed Salem, Lucjan Hanzlik, and Michael Backes

Subjects
Service (business), Reverse engineering, FOS: Computer and information sciences, Computer Science - Machine Learning, Information privacy, Computer Science - Cryptography and Security, Computer Science - Artificial Intelligence, Computer science, business.industry, Control (management), Machine Learning (stat.ML), Service provider, Business model, Machine learning, computer.software_genre, Data modeling, Machine Learning (cs.LG), Artificial Intelligence (cs.AI), Statistics - Machine Learning, Software deployment, Artificial intelligence, business, computer, Cryptography and Security (cs.CR)
Abstract

With the widespread use of machine learning (ML) techniques, ML as a service has become increasingly popular. In this setting, an ML model resides on a server and users can query it with their data via an API. However, if the user's input is sensitive, sending it to the server is undesirable and sometimes even legally not possible. Equally, the service provider does not want to share the model by sending it to the client for protecting its intellectual property and pay-per-query business model. In this paper, we propose MLCapsule, a guarded offline deployment of machine learning as a service. MLCapsule executes the model locally on the user's side and therefore the data never leaves the client. Meanwhile, MLCapsule offers the service provider the same level of control and security of its model as the commonly used server-side execution. In addition, MLCapsule is applicable to offline applications that require local execution. Beyond protecting against direct model access, we couple the secure offline deployment with defenses against advanced attacks on machine learning models such as model stealing, reverse engineering, and membership inference.

Published
2018

42. Integrating argumentation and sentiment analysis for mining opinions from Twitter

Author

María Paula González, Ana Gabriela Maguitman, Kathrin Grosse, and Carlos Iván Chesñevar

Subjects
Dialectic, Computer science, business.industry, Microblogging, Sentiment analysis, Public opinion, Social relation, Argumentation theory, Ciencias de la Computación, World Wide Web, Tree (data structure), Artificial Intelligence, Argumentation, Ciencias de la Computación e Información, Social media, Opinion Mining, business, Social Media, CIENCIAS NATURALES Y EXACTAS
Abstract

Social networks have grown exponentially in use and impact on the society as a whole. In particular, microblogging platforms such as Twitter have become important tools to assess public opinion on different issues. Recently, some approaches for assessing Twitter messages have been developed, identifying sentiments associated with relevant keywords or hashtags. However, such approaches have an important limitation, as they do not take into account contradictory and potentially inconsistent information which might emerge from relevant messages. We contend that the information made available in Twitter can be useful to extract a particular version of arguments (called “opinions” in our formalization) which emerge bottom-up from the social interaction associated with such messages. In this paper we present a novel framework which allows to mine opinions from Twitter based on incrementally generated queries. As a result, we will be able to obtain an “opinion tree”, rooted in the first original query. Distinguished, conflicting elements in an opinion tree lead to so-called “conflict trees”, which resemble dialectical trees as those used traditionally in defeasible argumentation. Fil: Grosse, Kathrin. Universität Osnabrück. Institut für Kognitionswissenschaft; Alemania Fil: González, María Paula. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca; Argentina. Universidad Nacional del Sur. Departamento de Ciencia e Ingeniería de la Computación. Laboratorio de Investigación y Desarrollo en Inteligencia Artificial; Argentina Fil: Chesñevar, Carlos Iván. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca; Argentina. Universidad Nacional del Sur. Departamento de Ciencia e Ingeniería de la Computación. Laboratorio de Investigación y Desarrollo en Inteligencia Artificial; Argentina Fil: Maguitman, Ana Gabriela. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Bahía Blanca; Argentina. Universidad Nacional del Sur. Departamento de Ciencia e Ingeniería de la Computación. Laboratorio de Investigación y Desarrollo en Inteligencia Artificial; Argentina

Published
2015

43. Propanmissbrauch

Author

Kathrin Grosse and J. Grosse

Subjects
Gynecology, Physics, Psychiatry and Mental health, medicine.medical_specialty, Neurology, Injury control, Accident prevention, medicine, Poison control, Neurology (clinical), General Medicine
Abstract

Der schon lange bekannte Missbrauch fluchtiger Substanzen (Schnuffelstoffe) findet trotz ernst zu nehmender Folgen in Deutschland relativ wenig Beachtung. Im hier vorgestellten Fall wurde von einem 36-jahrigen Patienten Propangas inhaliert, um euphorisierende und halluzinogene Wirkungen zu erzielen. Der Patient konnte die sich entwickelnde Toleranz durch Steigerung der Gasmenge ausgleichen, da er beruflich Zugang zu Propangas hatte. Schlieslich verbrauchte er taglich 5 l flussigen Propans. Bei der klinischen Untersuchung imponierte ein HOPS mit unscharfer Orientierung, reduzierter Auffassungs- und Konzentrationsfahigkeit, Einbusen in den mnestischen Leistungen, lappischen Verhaltensweisen und psychomotorischer Unruhe. Das HOPS bildete sich innerhalb eines halben Jahres unvollstandig zuruck. Da er den Missbrauch in seiner in einem Mehrfamilienhaus gelegenen Wohnung praktizierte, verursachte er eine erhebliche und das gesamte Haus betreffende Explosionsgefahr. Somit lag in diesem Fall neben den gesundheitlichen Risiken des Missbrauchs eine Eigen- und Fremdgefahrdung vor.

Published
2000
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results