Google Scholar 
Semantic Scholar

My group is working on Trustworthy Information Processing with a focus on the intersection of AI & Machine Learning with Security & Privacy.

Recent projects and initiatives related to health, privacy, AI:

• Leading Scientist
  Helmholtz Medical Security, Privacy, and AI Research Center (HMSP)
• Coordinator and PI
  Trustworthy Federated Data Analytics Project (TFDA)
• Coordinator and PI
  Protecting Genetic Data with Synthetic Cohorts from Deep Generative Models (PRO-GENE-GEN)
• Partner-PI
  The German Human Genome-Phenome Archive (GHGA)
• Member of working group in “Forum Gesundheit” of BMBF
  “AG Nutzbarmachung digitaler Daten für KI-Entwicklungen in der Gesundheitsforschung”

Recent work on DeepFake detecting, attribution, watermarking and responsible disclosure:

• ArXiv’21: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
• S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
• IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
• CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
• ICCV’19: Attributing Fake Images to GANs: Learning and Analyzing GAN Fingerprints

Recent publications:

• IJCV’21: Semantic Bottlenecks: Quantifying and Improving Inspectability of Deep Representations
• CCS-W’21: Differential Privacy Defenses and Sampling Attacks for Membership Inference
• CCS-W’21: “What’s in the box?!”: Deflecting Adversarial Attacks by Randomly Deploying Adversarially-Disjoint Models
• PKDD-W’21: IReEn: Reverse-Engineering of Black-Box Functions via Iterative Neural Program Synthesis
• PKDD-W’21: SampleFix: Learning to Generate Functionally Diverse Fixes
• ICCV’21: Artificial Fingerprinting for Generative Models: Rooting Deepfake Attribution in Training Data
• ICCV’21: Dual Contrastive Loss and Attention for GANs
• EXCLI’21: Privacy Considerations for Sharing Genomics Data
• IJCAI’21: Beyond the Spectrum: Detecting Deepfakes via Re-Synthesis
• S&P’21: Adversarial Watermarking Transformer: Towards Tracing Text Provenance with Data Hiding
• CVPR’21: Hijack-GAN: Unintended-Use of Pretrained, Black-Box GANs
• CVPR’21: Convolutional Dynamic Alignment Networks for Interpretable Classifications
• CVPR’21: Euro-PVI: Pedestrian Vehicle Interactions in Dense Urban Centers
• CVPR-W’21: MLCapsule: Guarded Offline Deployment of Machine Learning as a Service
• CVPR-W’21: InfoScrub: Towards Attribute Privacy by Targeted Obfuscation
• WACV’21: Future Moment Assessment for Action Query

• NeurIPS’20: GS-WGAN: A Gradient-Sanitized Approach for Learning Differentially Private Generators
• NeurIPS-W’20: SampleFix: Learning to Correct Programs by Sampling Diverse Fixes
• NeurIPS-W’20: IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis
• NeurIPS-W’20: Haar Wavelet based Block Autoregressive Flows for Trajectories
• CCS’20: VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity
• CCS’20: GAN-Leaks: A Taxonomy of Membership Inference Attacks against GANs
• S&P’20: Automatically Detecting Bystanders in Photos to Reduce Privacy Risks
• USENIX Security’20: Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning
• ICLR’20: Prediction Poisoning: Utility-Constrained Defenses Against Model Stealing Attacks
• CVPR’20: Towards Causal VQA: Revealing and Reducing Spurious Correlations by Invariant and Covariant Semantic Editing
• CVPR’20: Normalizing Flows with Multi-scale Autoregressive Priors
• ECCV’20: Towards Automated Testing and Robustification by Semantic Adversarial Data Generation
• ECCV’20: Inclusive GAN: Improving Data and Minority Coverage in Generative Models
• ECCV’20: Segmentations-Leak: Membership Inference Attacks and Defenses in Semantic Image Segmentation
• ECCV-W’20: Body Shape Privacy in Images: Understanding Privacy and Preventing Automatic Shape Extraction
• ECCV-W’20: Synthetic Convolutional Features for Improved Semantic Segmentation
• NEUCOM’20: Deep gaze pooling: Inferring and visually decoding search intents from human gaze fixations
• GCPR’20: Semantic Bottlenecks: Quantifying & Improving Inspectability of Deep Representations
• GCPR’20: Long-Tailed Recognition Using Class-Balanced Experts
• GCPR’20: Haar Wavelet based Block Autoregressive Flows for Trajectories
• TPAMI’20: Person Recognition in Personal Photo Collections
• Explainable AI Book: Towards reverse-engineering black-box neural networks

Most recent work on ArXiv:

• ArXiv’21: Backdoor Attacks on Network Certification via Data Poisoning
• ArXiv’21: ML-Doctor: Holistic Risk Assessment of Inference Attacks Against Machine Learning Models
• ArXiv’21: Responsible Disclosure of Generative Models Using Scalable Fingerprinting
• ArXiv’20: CosSGD: Nonlinear Quantization for Communication-efficient Federated Learning

News, talks, events:

• Recent program committees: ICML’21, NeurIPS’22, S&P’22, EuroS&P’22, CVPR’22 (AC)
• Runner-up Inria/CNIL Privacy Protection Prize 2020
  S&P’20 paper: “Automatically Detecting Bystanders in Photos to Reduce Privacy Risks”
• Co-Organizers of ICLR’21 Workshop on “Synthetic Data Generation – Quality, Privacy, Bias”
• Co-Organizers of CVPR’21 Workshop on “QuoVadis: Interdisciplinary, Socio-Technical Workshop on the Future of Computer Vision and Pattern Recognition (QuoVadis-CVPR)”
• Co-Organizers of CVPR’21 Workshop on “Causality in Vision”
• Founding member of Saarbrücken Artificial Intelligence & Machine Learning (SAM) unit of the European Laboratory of Learning and Intelligent Systems (ELLIS)
• Lecturer at Digital CISPA Summer School 2020
• Co-Organizer of Third International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at ECCV 2020
• Co-Organizer: 4. ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles CSCS’20
• Keynote at Workshop Machine Learning for Cybersecurity, ECMLPKDD’19
• Talk at Cyber Defense Campus (CYD) Conference on Artificial Intelligence in Defence and Security
• Co-Organizer of Second International Workshop on The Bright and Dark Sides of Computer Vision: Challenges and Opportunities for Privacy and Security (CV-COPS) at CVPR 2019
• Co-Organizer: 3. ACM Symposium on Computer Science in Cars: Future Challenges in Artificial Intelligence & Security for Autonomous Vehicles CSCS’19
• Leading scientist at new Helmholtz Medical Security and Privacy Research Center
• Member of ACM Technical Policy Committee Europe
• Mateusz Malinowski received the DAGM MVTec dissertation award as well as the Dr.-Eduard-Martin award for his PhD
• Associate Editor for IEEE Transactions on Pattern Analysis and Machine Intelligence (TPAMI)

Show all

2015
Inproceedings
	Julia Seiter; Wei-Chen Chiu; Mario Fritz; Oliver Amft; Gerhard Troester Joint Segmentation and Activity Discovery using Semantic and Temporal Priors Inproceedings IEEE Internation Conference on Pervasive Computing and Communication (PERCOM), 2015. Links | BibTeX | Tags: 2014 @inproceedings{seiter15percom, title = {Joint Segmentation and Activity Discovery using Semantic and Temporal Priors}, author = {Julia Seiter and Wei-Chen Chiu and Mario Fritz and Oliver Amft and Gerhard Troester}, url = {https://scalable.mpi-inf.mpg.de/files/2015/02/PID3540259.pdf}, year = {2015}, date = {2015-03-23}, booktitle = {IEEE Internation Conference on Pervasive Computing and Communication (PERCOM)}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close https://scalable.mpi-inf.mpg.de/files/2015/02/PID3540259.pdf Close
2014
Inproceedings
	Mateusz Malinowski; Mario Fritz A Multi-World Approach to Question Answering about Real-World Scenes based on Uncertain Input Inproceedings Neural Information Processing Systems (NIPS), 2014. Links | BibTeX | Tags: 2014 @inproceedings{malinowski14nips, title = {A Multi-World Approach to Question Answering about Real-World Scenes based on Uncertain Input}, author = {Mateusz Malinowski and Mario Fritz}, url = {http://papers.nips.cc/paper/5411-a-multi-world-approach-to-question-answering-about-real-world-scenes-based-on-uncertain-input.pdf http://www.d2.mpi-inf.mpg.de/visual-turing-challenge}, year = {2014}, date = {2014-12-26}, booktitle = {Neural Information Processing Systems (NIPS)}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close http://papers.nips.cc/paper/5411-a-multi-world-approach-to-question-answering-ab[...] http://www.d2.mpi-inf.mpg.de/visual-turing-challenge Close
	Sergey Karayev; Mario Fritz; Trevor Darrell Anytime Recognition of Objects and Scenes Inproceedings IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2014, (oral). Links | BibTeX | Tags: 2014 @inproceedings{karayev14cvpr, title = {Anytime Recognition of Objects and Scenes}, author = {Sergey Karayev and Mario Fritz and Trevor Darrell}, url = {https://scalable.mpi-inf.mpg.de/files/2014/04/paper_final.pdf http://sergeykarayev.com/recognition-on-a-budget/}, year = {2014}, date = {2014-12-17}, booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)}, note = {oral}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close https://scalable.mpi-inf.mpg.de/files/2014/04/paper_final.pdf http://sergeykarayev.com/recognition-on-a-budget/ Close
	Konstantinos Rematas; Tobias Ritschel; Mario Fritz; Tinne Tuytelaars Image-based Synthesis and Re-Synthesis of Viewpoints Guided by 3D Models Inproceedings IEEE Conference on Computer Vision and Pattern Recognition (CVPR), 2014, (oral). Links | BibTeX | Tags: 2014 @inproceedings{kostas14cvpr, title = {Image-based Synthesis and Re-Synthesis of Viewpoints Guided by 3D Models}, author = {Konstantinos Rematas and Tobias Ritschel and Mario Fritz and Tinne Tuytelaars}, url = {https://scalable.mpi-inf.mpg.de/files/2014/04/ImageBasedSynthesis.pdf http://homes.esat.kuleuven.be/~krematas/imgSynth/}, year = {2014}, date = {2014-12-08}, booktitle = {IEEE Conference on Computer Vision and Pattern Recognition (CVPR)}, note = {oral}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close https://scalable.mpi-inf.mpg.de/files/2014/04/ImageBasedSynthesis.pdf http://homes.esat.kuleuven.be/~krematas/imgSynth/ Close
	Mateusz Malinowski; Mario Fritz Towards a Visual Turing Challenge Inproceedings NIPS Workshop on Learning Semantics, 2014. Links | BibTeX | Tags: 2014 @inproceedings{visual_turing_challenge, title = {Towards a Visual Turing Challenge}, author = {Mateusz Malinowski and Mario Fritz}, url = {http://arxiv.org/abs/1410.8027 http://www.d2.mpi-inf.mpg.de/visual-turing-challenge}, year = {2014}, date = {2014-10-30}, booktitle = {NIPS Workshop on Learning Semantics}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close http://arxiv.org/abs/1410.8027 http://www.d2.mpi-inf.mpg.de/visual-turing-challenge Close
	Wei-Chen Chiu; Gregory S. Johnson; Daniel Mcculley; Oliver Grau; Mario Fritz Object Disambiguation for Augmented Reality Applications Inproceedings British Machine Vision Conference (BMVC), 2014. Links | BibTeX | Tags: 2014 @inproceedings{walon14bmvc, title = {Object Disambiguation for Augmented Reality Applications}, author = {Wei-Chen Chiu and Gregory S. Johnson and Daniel Mcculley and Oliver Grau and Mario Fritz}, url = {https://sites.google.com/site/walonchiu/projects/disambiguation https://scalable.mpi-inf.mpg.de/files/2014/09/walon2014bmvc.pdf}, year = {2014}, date = {2014-09-01}, booktitle = {British Machine Vision Conference (BMVC)}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close https://sites.google.com/site/walonchiu/projects/disambiguation https://scalable.mpi-inf.mpg.de/files/2014/09/walon2014bmvc.pdf Close
	Mark Simkin; Dominique Schröder; Andreas Bulling; Mario Fritz Ubic: Bridging the Gap Between Digital Cryptography and the Physical World Inproceedings European Symposium on Research in Computer Security (ESORICS), 2014. Links | BibTeX | Tags: 2014 @inproceedings{simkin14esorics, title = {Ubic: Bridging the Gap Between Digital Cryptography and the Physical World}, author = {Mark Simkin and Dominique Schröder and Andreas Bulling and Mario Fritz}, url = {https://scalable.mpi-inf.mpg.de/files/2014/09/ubic.pdf}, year = {2014}, date = {2014-08-01}, booktitle = {European Symposium on Research in Computer Security (ESORICS)}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close https://scalable.mpi-inf.mpg.de/files/2014/09/ubic.pdf Close
	Evgeny Levinkov Scene Segmentation in Adverse Vision Conditions Inproceedings Young Researcher Forum at GCPR based on master thesis supervised by Mario Fritz, 2014. Links | BibTeX | Tags: 2014 @inproceedings{levinkov14yrf, title = {Scene Segmentation in Adverse Vision Conditions}, author = {Evgeny Levinkov}, url = {https://scalable.mpi-inf.mpg.de/files/2014/08/main175.pdf}, year = {2014}, date = {2014-01-08}, booktitle = {Young Researcher Forum at GCPR based on master thesis supervised by Mario Fritz}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close https://scalable.mpi-inf.mpg.de/files/2014/08/main175.pdf Close
	Wenbin Li Learning Multi-Scale Representations for Material Classification Inproceedings Young Researcher Forum at GCPR based on master thesis supervised by Mario Fritz, 2014. Links | BibTeX | Tags: 2014 @inproceedings{wenbin14yrf, title = {Learning Multi-Scale Representations for Material Classification}, author = {Wenbin Li}, url = {https://scalable.mpi-inf.mpg.de/files/2014/08/main176.pdf}, year = {2014}, date = {2014-01-04}, booktitle = {Young Researcher Forum at GCPR based on master thesis supervised by Mario Fritz}, keywords = {2014}, pubstate = {published}, tppubtype = {inproceedings} } Close https://scalable.mpi-inf.mpg.de/files/2014/08/main176.pdf Close
Technical Reports
	Mateusz Malinowski; Mario Fritz A Pooling Approach to Modelling Spatial Relations for Image Retrieval and Annotation Technical Report arXiv:1411.5190 [cs.CV], 2014. Links | BibTeX | Tags: 2014 @techreport{malinowski14spatial, title = {A Pooling Approach to Modelling Spatial Relations for Image Retrieval and Annotation}, author = {Mateusz Malinowski and Mario Fritz}, url = {http://arxiv.org/abs/1411.5190 http://arxiv.org/pdf/1411.5190v1.pdf}, year = {2014}, date = {2014-10-29}, type = {arXiv:1411.5190 [cs.CV]}, keywords = {2014}, pubstate = {published}, tppubtype = {techreport} } Close http://arxiv.org/abs/1411.5190 http://arxiv.org/pdf/1411.5190v1.pdf Close
	Wenbin Li; Mario Fritz Learning Multi-Scale Representations for Material Classification Technical Report arXiv:1408.2938 [cs.CV], 2014. Links | BibTeX | Tags: 2014 @techreport{li14multiscale, title = {Learning Multi-Scale Representations for Material Classification}, author = {Wenbin Li and Mario Fritz}, url = {http://arxiv.org/abs/1408.2938 http://arxiv.org/pdf/1408.2938v1.pdf}, year = {2014}, date = {2014-02-01}, type = {arXiv:1408.2938 [cs.CV]}, keywords = {2014}, pubstate = {published}, tppubtype = {techreport} } Close http://arxiv.org/abs/1408.2938 http://arxiv.org/pdf/1408.2938v1.pdf Close
	Mark Simkin; Andreas Bulling; Mario Fritz; Dominique Schroeder Ubic: Bridging the gap between digital cryptography and the physical world Technical Report arXiv:1403.1343 [cs.CR], 2014. Links | BibTeX | Tags: 2014 @techreport{simkin14ubic, title = {Ubic: Bridging the gap between digital cryptography and the physical world}, author = {Mark Simkin and Andreas Bulling and Mario Fritz and Dominique Schroeder}, url = {http://arxiv-web3.library.cornell.edu/abs/1403.1343 https://ca.cs.uni-saarland.de/ubic/ http://www.cebit.de/product/ubicrypt/437871/J842163}, year = {2014}, date = {2014-01-16}, type = {arXiv:1403.1343 [cs.CR]}, keywords = {2014}, pubstate = {published}, tppubtype = {techreport} } Close http://arxiv-web3.library.cornell.edu/abs/1403.1343 https://ca.cs.uni-saarland.de/ubic/ http://www.cebit.de/product/ubicrypt/437871/J842163 Close